185.18.52.85 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 185.18.52.85 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

• JARM: 21d10d00021d21d00021d10d21d21d58940be617019cf12c3f6a743329ef2e

• View other sources: Spamhaus VirusTotal

• Country: Netherlands
• Network: AS49981 worldstream b.v.
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: thickethumility.online tradehistmaps.tech moonglowingadventures.online sevenbar.store www.a120488.hostnl03.fornex.host a120488.hostnl03.fornex.host paradiseplinko.online x5-village.com oppositionadviser.online toksnewsn.online platarium.com www.platarium.com test.faberlic.name www.test.faberlic.name fonset.online www.fonset.online artbrand.store www.befaberlic.ru befaberlic.ru kraftcg.ru www.kraftcg.ru yamax.pro www.mypmlab.in mypmlab.in www.catcher.live juicybc.com www.juicybc.com royalbarclub.site luckbarbet.online mesldoubleauthentication.com www.xn--80aa1am1aeh.xn–p1ai xn–80aa1am1aeh.xn–p1ai www.latup-associes.net 1win-ms.fun www.1win-ms.fun www.goodlanduz.productuzcrm.uz goodlanduz.productuzcrm.uz fnbet.online deployment.sk-vu.ru www.deployment.sk-vu.ru www.solutionsweb-info.b118937.hostnl03.fornex.host tokensolutions-info.b118937.hostnl03.fornex.host www.solutionsreviews-info.b118937.hostnl03.fornex.host www.skote.skybox.uz skote.skybox.uz pinupbar.online www.pinupbar.online planetatravel.skybox.uz www.planetatravel.skybox.uz naturewisetoday.online fitlifefacts.online test.cpamonstro.com slawa.su www.r118665.hostnl03.fornex.host r118665.hostnl03.fornex.host pokapptop.online ketodietbhb.fun pivazyan.com www.siralikebap.skybox.uz siralikebap.skybox.uz acv-gummiess.fun www.lekant-eu.e66955.hostnl03.fornex.host rybolov-com-ua.e66955.hostnl03.fornex.host www.rybolov-com-ua.e66955.hostnl03.fornex.host e66955.hostnl03.fornex.host black-white.cc www.dumpsterrentals-sandiego-com.d117862.hostnl03.fornex.host www.jiboxadmin.skybox.uz jiboxadmin.skybox.uz www.roadport.skybox.uz roadport.skybox.uz flyfix-obmen.tech awards.cpamonstro.com vsem-stendi.store www.vsem-stendi.store cryptopure.pro www.cryptopure.pro cropetex.com dardinstore.com www.dardinstore.com vejaaftrumsuntrans.com www.housesnab.ru housesnab.ru latup-associes.net www.gepatit.top gepatit.top www.admin.arena-express.uz arena-express.uz www.arena-express.uz admin.arena-express.uz punt-buddy.com www.xn----7sbifce9abfrqqh1a5n.xn–p1ai xn—-7sbifce9abfrqqh1a5n.xn–p1ai smartassessment.skybox.uz www.smartassessment.skybox.uz www.lovesong.skybox.uz lovesong.skybox.uz hotels.main.guide www.hotels.main.guide catcher.live www.findor.live findor.live trafficsplinter.com www.babylook.lv babylook.lv www.apostile.credoconsulting.uz apostile.credoconsulting.uz www.pu.productuzcrm.uz pu.productuzcrm.uz www.trans.starsoft.website trans.starsoft.website rossaservices.com www.rossaservices.com profu4t.fun www.profu4t.fun www.soliq.skybox.uz soliq.skybox.uz revistasaluds.com www.revistasaluds.com www.weady.starsoft.website weady.starsoft.website vkstudio.net www.vkstudio.net www.demo.starsoft.website demo.starsoft.website www.graffiory.com graffiory.com www.puntbuddy.com.au puntbuddy.com.au wellmed.starsoft.website www.wellmed.starsoft.website timeweb.skybox.uz www.timeweb.skybox.uz baltichus.no www.baltichus.no www.pulyny.online pulyny.online safo.productuzcrm.uz www.safo.productuzcrm.uz www.lukas.starsoft.website lukas.starsoft.website sibgeek.ru www.sibgeek.ru joomla.starsoft.website www.joomla.starsoft.website www.luxframe.lv luxframe.lv www.trans.izibiz.pl trans.izibiz.pl saforobot.productuzcrm.uz www.saforobot.productuzcrm.uz www.eurobaltictour.com eurobaltictour.com bravepeople.online www.bravepeople.online pitstop.online www.pitstop.online www.onecardiall.com onecardiall.com gz-kazan.ru www.gz-kazan.ru www.cbaha.com cbaha.com www.kraftpay.ru kraftpay.ru www.nasimov.skybox.uz nasimov.skybox.uz www.restaurant.starsoft.website restaurant.starsoft.website www.bravepeople.com.ua bravepeople.com.ua www.largemeeadow.com largemeeadow.com www.partneri.skybox.uz partneri.skybox.uz ivascenko.com www.ivascenko.com kappacommerce.com www.kappacommerce.com www.keitaro.starsoft.website keitaro.starsoft.website ecodeckprofile-lv.a111323.hostnl03.fornex.host svetlanakibalova.online www.svetlanakibalova.online microlux-lv.a111323.hostnl03.fornex.host www.rdospecstroy-ru.a111323.hostnl03.fornex.host www.ecodeckprofile-lv.a111323.hostnl03.fornex.host www.ecodeckprofile.lv ecodeckprofile.lv www.happylife-lv.a111323.hostnl03.fornex.host rdospecstroy-ru.a111323.hostnl03.fornex.host hepcludex.info www.hepcludex.info www.healingbowl-nepal.com healingbowl-nepal.com 380.ofo7788.info 780.ofo7788.info www.780.ofo7788.info www.560.ofo7788.info 540.ofo7788.info www.380.ofo7788.info www.660.ofo7788.info 560.ofo7788.info www.540.ofo7788.info 660.ofo7788.info www.li.ofo7788.info li.ofo7788.info www.178.ofo7788.info www.430.ofo7788.info 430.ofo7788.info www.sp.ofo7788.info www.261.ofo7788.info www.260.ofo7788.info www.kr.ofo7788.info www.980.ofo7788.info 260.ofo7788.info 980.ofo7788.info www.300.ofo7788.info 240.ofo7788.info kr.ofo7788.info 178.ofo7788.info sp.ofo7788.info 300.ofo7788.info www.240.ofo7788.info 261.ofo7788.info www.550.ofo7788.info www.ofo7788.info 550.ofo7788.info ofo7788.info vsecosmetics.com.ua www.vsecosmetics.com.ua piter-rotterdam.com www.piter-rotterdam.com np.heal-store.com sirotinushka.site www.sirotinushka.site www.cpamonstro.com cpamonstro.com www.diaresults.com diaresults.com www.saludinforms.com saludinforms.com www.starsoft.store starsoft.store www.beta.expandingspace.io www.expandingspace.io www.docs.expandingspace.io www.alpha.expandingspace.io www.api.expandingspace.io img.starsoft.website uhl.starsoft.website www.img.starsoft.website www.uhl.starsoft.website www.lacajadmusica.org lacajadmusica.org webuy.info poroh-2.site www.poroh-2.site www.poroh-2.space poroh-2.space www.poroh-2.fun poroh-2.fun www.your-keeper.ru your-keeper.ru www.surveylist.site surveylist.site ekb-glavnoezdorovie.ru www.ekb-glavnoezdorovie.ru www.mirvdom.com.ua mirvdom.com.ua trans.monisaver.com www.trans.monisaver.com www.open-internet.online open-internet.online kiosk.juicycoutureoutletonline.com www.kz.juicycoutureoutletonline.com juicycoutureoutletonline.com kz.juicycoutureoutletonline.com www.juicycoutureoutletonline.com www.kiosk.juicycoutureoutletonline.com elfbar.starsoft.website www.elfbar.starsoft.website www.top-specialists.ru top-specialists.ru smmbang.ru www.smmbang.ru fansly.shell-developer.com www.opencart.shell-developer.com www.fansly.shell-developer.com opencart.shell-developer.com fansee.net www.fansee.net activopaso.com www.activopaso.com www.quatraglobal.com quatraglobal.com www.mmatema.com www.healingbowlschool.com healingbowlschool.com mmatema.com www.acvaldemar.live info-go.co tiktuc.ru www.tiktuc.ru js.starsoft.website www.js.starsoft.website css.starsoft.website www.css.starsoft.website www.molnkan.site molnkan.site www.winpriz22.site winpriz22.site wml-fansly.shell-developer.com www.wml-fansly.shell-developer.com productuzrobot.productuzcrm.uz www.productuzrobot.productuzcrm.uz www.spring-organic.skybox.uz spring-organic.skybox.uz happylife.lv www.happylife.lv metodosmejorar.com www.metodosmejorar.com gentedeinfo.com www.gentedeinfo.com wordpress.starsoft.website www.wordpress.starsoft.website www.productuzcrm.uz productuzcrm.uz www.superprize23z.site m.dsmessage.ru www.m.dsmessage.ru superprize23z.site microlux.lv www.microlux.lv rdospecstroy.ru www.rdospecstroy.ru limidex.com www.limidex.com www.vgipsokartone.ru vgipsokartone.ru topnine-casino.com www.topnine-casino.com www.a111323.hostnl03.fornex.host a111323.hostnl03.fornex.host matrac-lv.a111323.hostnl03.fornex.host alishopi.ru www.alishopi.ru cyber-punk.games www.cyber-punk.games matrac.lv www.matrac.lv v-domen.ru www.v-domen.ru sputnikovoe-televidenie.ru www.sputnikovoe-televidenie.ru www.recept-kofe.ru recept-kofe.ru elementekb.ru www.elementekb.ru android.biz.ua www.android.biz.ua acvaldemar.live n110747.hostnl03.fornex.host www.n110747.hostnl03.fornex.host www.pleasure24-xyz.n110747.hostnl03.fornex.host www.optom.kh.ua optom.kh.ua zinkiv.pl.ua www.zinkiv.pl.ua www.ws.biz.ua ws.biz.ua www.pleasure24.xyz pleasure24.xyz www.letix-rent.online letix-rent.online test.perfect-perfum.ru www.test.perfect-perfum.ru tonnft.info www.tonnft.info www.gallery.shell-developer.com gallery.shell-developer.com www.test.starsoft.website test.starsoft.website dsmessage.ru www.tis22.ru tis22.ru mylarant.com www.dsmessage.ru parser.juzt.studio psdcreativ.com www.psdcreativ.com www.arosaservices.com arosaservices.com www.wizardleads.net r110694.hostnl03.fornex.host wizardleads.net www.perfect-perfum.ru perfect-perfum.ru xn–c1aapkdmbwcavc.online www.xn--c1aapkdmbwcavc.online www.testcenterantalya.org testcenterantalya.org dardincommerce.com www.dardincommerce.com www.k110548.hostnl03.fornex.host k110548.hostnl03.fornex.host www.rev.ocout.com rev.ocout.com palai.media www.palai.media www.899themes.com 899themes.com www.btflx.xyz ro2.trobito.eu www.ro2.trobito.eu www.ro.trobito.eu ro.trobito.eu www.trobito.eu trobito.eu www.p3.sagnetic.eu www.p2.sagnetic.eu sagnetic.eu p3.sagnetic.eu p2.sagnetic.eu www.p1.sagnetic.eu www.sagnetic.eu p1.sagnetic.eu www.p2.kazster.eu www.p1.kazster.eu p2.kazster.eu www.p3.kazster.eu p1.kazster.eu p3.kazster.eu www.p1.kazsio.eu p2.kazsio.eu p3.kazsio.eu www.p3.kazsio.eu p1.kazsio.eu www.p2.kazsio.eu kazry.eu www.p3.kazry.eu www.p1.kazry.eu www.p2.kazry.eu p1.kazry.eu p3.kazry.eu p2.kazry.eu www.kazry.eu btflx.xyz www.recbook.top recbook.top starsoft.website www.modx.starsoft.website modx.starsoft.website www.starsoft.website heal-store.com www.p2.atopefluent.eu p1.atopefluent.eu p3.atopefluent.eu www.p3.atopefluent.eu www.p1.atopefluent.eu p2.atopefluent.eu atopefluent.eu www.atopefluent.eu www.p3.atopebia.eu www.p2.atopebia.eu p1.atopebia.eu www.p1.atopebia.eu p2.atopebia.eu p3.atopebia.eu www.p2.atopeaza.eu www.p1.atopeaza.eu p1.atopeaza.eu p3.atopeaza.eu www.p3.atopeaza.eu p2.atopeaza.eu sagish.eu www.sagish.eu www.kazzoid.eu kazzoid.eu kazster.eu www.kazster.eu www.kazsio.eu kazsio.eu kaznest.eu www.kaznest.eu atopebia.eu www.atopebia.eu atopeaza.eu www.atopeaza.eu www.p3.mykazakstan.eu p3.mykazakstan.eu www.p3.kazah.eu p3.kazah.eu license.899themes.com www.license.899themes.com www.testinggames.space russprize22z.site www.russprize22z.site www.lotrozpriz22.site lotrozpriz22.site

Malware Detected on Host

Count: 5 ab09a794a1ecd609c6e9d6b3a08179ea0bbe024127b4fd0bc30f6612fdaa845d f7b1cc7b836c41820621a0bec945247f060a76146d4e3e7b42578b0a1a9a525e 83d2f2b4b109bad74db4b526fee434ecede4a1e36bd4cd3dd5c47bcbf3b807ac f9acab6bf96f478e78ef9fb37e4826d68425b2676d8866bfbef1652a36f62aff cb9444abe28e93c6777f3f65a2fa6bb77d9906f740973c1fee19d18a763992ec

Open Ports Detected

110 2077 2083 2086 2095 30003 443 465 587 993 995

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408

Map

Whois Information

• inetnum: 185.18.52.0 - 185.18.55.255
• netname: ES-FORNEX-20130206
• country: NL
• descr: www.fornex.com, Fornex Hosting S.L.
• org: ORG-FHS3-RIPE
• admin-c: FRNX-RIPE
• tech-c: FRNX-RIPE
• status: ALLOCATED PA
• mnt-by: RIPE-NCC-HM-MNT
• mnt-by: MNT-FORNEX
• mnt-lower: MNT-FORNEX
• mnt-routes: MNT-FORNEX
• created: 2013-02-06T10:44:13Z
• last-modified: 2019-02-08T21:28:14Z
• organisation: ORG-FHS3-RIPE
• org-name: Fornex Hosting S.L.
• country: ES
• org-type: LIR
• address: URBANIZACION EL SALADILLO (ED ALTAIR), 214 - OFFICE 212
• address: 29680
• address: Estepona
• address: SPAIN
• phone: +34661766120
• fax-no: +34952808521
• abuse-c: FRNX-RIPE
• mnt-ref: RIPE-NCC-HM-MNT
• mnt-ref: MNT-FORNEX
• mnt-by: RIPE-NCC-HM-MNT
• mnt-by: MNT-FORNEX
• created: 2012-08-06T08:46:51Z
• last-modified: 2021-08-18T08:32:33Z
• role: Fornex Hosting Ripe coordination
• address: Fornex Hosting S.L.
• abuse-mailbox: abuse@fornex.com
• admin-c: SS20513-RIPE
• tech-c: SS20513-RIPE
• nic-hdl: FRNX-RIPE
• mnt-by: MNT-FORNEX
• created: 2012-08-07T12:08:17Z
• last-modified: 2015-05-04T10:23:25Z
• route: 185.18.52.0/22
• origin: AS49981
• mnt-by: MNT-FORNEX
• created: 2019-02-08T21:09:14Z
• last-modified: 2019-02-08T21:09:14Z