46.246.84.12 Threat Intelligence and Host Information

Share on:
Aug 04, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 46.246.84.12 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: anapa, k1llerni2x, kill4rnix, kirpich, lilocc, mniami, prophef6, qmashton, rspich, valhalla

  • View other sources: Spamhaus VirusTotal

  • Country: Sweden
  • Network: AS42708 glesys ab
  • Noticed: 1 times
  • Protcols Attacked: Anonymous Proxy
  • Passive DNS Results: asy1543.duckdns.org antgobec.duckdns.org mayo21.duckdns.org matarife.duckdns.org spamworzon.duckdns.org mr1963.duckdns.org saintjames.publicvm.com connectionservices.sytes.net server.freedynamicdns.org tecklink.publicvm.com septiembre2022.duckdns.org dera12.ddns.net james12.ddns.net ncoresnew.hopto.org microsoftnet1.hopto.org freetime.theworkpc.com diosamor27.duckdns.org doug-916.direct.quickconnect.to dpm4vpn.familyds.org windowsupdaters.zapto.org news.banquealtantique.net update.mcafee-endpoint.com personnels.bdm-sa.fr ant-ec.duckdns.org androidmedallo.duckdns.org proxy21.duckdns.org ecuado2021.duckdns.org ecuadordos.duckdns.org bando222.no-ip.biz

Malware Detected on Host

Count: 9 7c1cd71f2a3477b33d1dd702dcdc993ad1d648630e76f6b90288b1b609db3098 807a2dab7647a26c5dbf41f678a7a8a8076a66c15b12bf645745875c7f2afe18 4f0e5aa77c0e9894c311e8ba4daadeeb5d8b7a6f583cf087a5c90547cfe54708 79d3666b7a0fa6f7497eb4675b1ca9c550f8cdbf932f4410f1b8feb8d1e31d49 c91814a20e581ed58e22d44f441c195d471657ff36e97a4934abe9c603c16dfa d1ae3ed0e65a3e85becdaea040af72e64f84aaf2e97dd62ba55639a81265d46d bd989528e2c4ca64c6dfa437d1ba34e3eea0877e540bef8e7fd8c96b3ec17126 6802c19079c21a985288ad3e2bae4881ca3314037711a1427f6b461598833143 353ad7e6e97a800ae060d31a617ca1fe686c196cf19218d8eebe34e6f8f6cc2e

Open Ports Detected

9091

Map

Whois Information

  • inetnum: 46.246.0.0 - 46.246.127.255
  • geofeed: https://as42708.net/geofeed.csv
  • netname: SE-GLE-RIPE-20110127
  • country: SE
  • org: ORG-GISA2-RIPE
  • admin-c: GLE-RIPE
  • tech-c: GLE-RIPE
  • status: ALLOCATED PA
  • mnt-by: GLESYS-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • created: 2019-02-07T10:02:28Z
  • last-modified: 2023-07-03T07:21:12Z
  • organisation: ORG-GISA2-RIPE
  • org-name: GleSYS AB
  • country: SE
  • org-type: LIR
  • address: Badhusvagen 45
  • address: S-31122
  • address: Falkenberg
  • address: SWEDEN
  • phone: +4634649395
  • fax-no: +4634658445
  • abuse-c: GLE101-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: GLESYS-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: GLESYS-MNT
  • created: 2007-11-06T11:11:44Z
  • last-modified: 2020-12-16T13:16:00Z
  • person: GleSYS Support
  • address: Box 134
  • address: 31122 Falkenberg
  • address: Sweden
  • phone: +46-346-738800
  • nic-hdl: GLE-RIPE
  • mnt-by: GLESYS-MNT
  • created: 2007-09-20T12:07:40Z
  • last-modified: 2010-05-28T04:24:21Z
  • route: 46.246.0.0/17
  • descr: Portlane Network
  • origin: AS42708
  • mnt-by: MNT-PORTLANE
  • created: 2011-01-27T13:42:49Z
  • last-modified: 2011-01-27T13:42:49Z

Links to attack logs

anonymous-proxy-ip-list-2023-08-03