185.253.212.68 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 185.253.212.68. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 32/100

Host and Network Information

  • Tags: accept, api behavior, aukcje, authentihash, black, chytron, country pl, dane, details name, droppedby, entropy, error, file activity, generator, gieda, groove, imphash, jeli, kontakt z, mark, nie masz, nie mona, ntcreatefile, null, number, open, pasek, path, przecz, request http, rich pe, scal, sha1, sha512, shift, skontaktuj, small, solid, span, ssdeep, szukaj, tree, twoje konto, typeerror, typeof symbol, typ symbolu, upuszczony, vhash, write, wstaw, wyrwnaj tekst, zachowanie api, zapis

  • View other sources: Spamhaus VirusTotal

  • Country: Poland
  • Network:
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Passive DNS Results: blackhole.aftermarket.pl

Malware Detected on Host

Count: 46

Whois Information

  • inetnum: 185.253.212.0 - 185.253.212.255
  • netname: AfterMarket-Production-Network
  • country: PL
  • admin-c: ATC53-RIPE
  • tech-c: ATC53-RIPE
  • abuse-c: ACRO34735-RIPE
  • org: ORG-MEL21-RIPE
  • status: ASSIGNED PA
  • mnt-by: GREENER-MNT
  • created: 2019-03-13T15:52:48Z
  • last-modified: 2020-08-05T09:45:24Z
  • organisation: ORG-MEL21-RIPE
  • org-name: Aftermarket.pl Limited
  • org-type: OTHER
  • descr: www.aftermarket.pl service provider
  • address: Chytron 3, Office 301, 1075 Nicosia, Cyprus
  • phone: +357.22761649
  • fax-no: +357.22767543
  • abuse-c: AR44209-RIPE
  • mnt-ref: GREENER-MNT
  • mnt-by: GREENER-MNT
  • created: 2019-03-13T15:36:59Z
  • last-modified: 2019-12-30T18:39:33Z
  • person: AfterMarket.pl Technical Contact
  • address: Chytron 3, Office 301, 1075 Nicosia, Cyprus
  • phone: +357.22761649
  • fax-no: +357.22767543
  • nic-hdl: ATC53-RIPE
  • mnt-by: GREENER-MNT
  • created: 2020-08-05T09:40:20Z
  • last-modified: 2020-08-05T09:43:46Z
  • route: 185.253.212.0/24
  • origin: AS48707
  • mnt-by: GREENER-MNT
  • created: 2018-04-06T13:02:22Z
  • last-modified: 2018-04-06T13:02:22Z
