5.79.79.212 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 5.79.79.212. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Known Malicious Host 🔴 75/100
Host and Network Information
- Mitre ATT&CK IDs: T1027 - Obfuscated Files or Information, T1036.004 - Masquerade Task or Service, T1055 - Process Injection, T1059.007 - JavaScript, T1060 - Registry Run Keys / Startup Folder, T1071.001 - Web Protocols, T1071.004 - DNS, T1102 - Web Service, T1105 - Ingress Tool Transfer, T1110.002 - Password Cracking, T1114.001 - Local Email Collection, T1140 - Deobfuscate/Decode Files or Information, T1185 - Man in the Browser, T1204.001 - Malicious Link, T1204.002 - Malicious File, T1204.003 - Malicious Image, T1204 - User Execution, T1447 - Delete Device Data, T1457 - Malicious Media Content, T1512 - Capture Camera, T1523 - Evade Analysis Environment, T1560 - Archive Collected Data, T1578.003 - Delete Cloud Instance, T1583.001 - Domains, T1588.001 - Malware, T1610 - Deploy Container
- Tags: 2nd corintnthians 4:8-9, 707713, acint, active related, active threat, activity dns, adblock pro, added active, addtopayload, adload, admin city, a domains, aes256gcm, agent, agent tesla, alexa, alexa top, algorithm, alina, all octoseek, all scoreblue, all txt, amadey, america asn, analyze, andromeda, anomalous_deletefile, anomalous file, antidebug_guardpages, antivm_generic_disk, a nxdomain, api blog, appdata, apple ios, applicunwnt, april, artemis, as133618, as134175 unit, as16509, as29066 host, as38365 beijing, as393601 state, as397241, as47846, as4837 china, as63949 linode, as6461 zayo, asnone, asyncrat, athena, attack, attention, august, awful, aws, azorult, backdoor, bambernek, bambernek gen, bambernek simda, banco, bandoo, bank, banker, behav, betabot, beta version, blacklist, blacklist http, blacklist https, body, body length, bradesco, brian sabey, brontok, business, bypass_firewall, C2, ca1 odigicert, cellbrite, certificate, certsentry, chaos, check in, china unknown, cins active, cisco umbrella, citadel, cleaner, click, cmstp, cname, cnc, cobalt strike, code, coinminer, command_and_control, commerce, communicating, components, compromised websites, conduit, contacted, contact phone, cookie, copy, copyright, core, country, crack, creation date, critical, crlf line, cryptowall, csc corporate, cus cndigicert, cus olet, cyber security, cyber stalking, cyber threat, daisy coleman, dalles, dark, data, database, date, dcom, deepscan, default, de indicators, delete, delete c, delphi, desktop, detection list, dev, dexter, dirtsearch, disables_windowsupdate, dns, dns lookup, dns replication, dns resolutions, docs pricing, domain, domain privacy, domains, domain status, downldr, download, downloader, dropped, dropper, dynamic, dynamic_function_loading, dynamicloader, email, emails, emotet, emotet malware, emotet trojan, emotet virus, encrypt, encrypt cnr11, engineering, entity, entries, error, et cins, eternalblue, eva reimer, evilnum, execution, expiration, 
expiration date, exploit, facebook, fakealert, fake net, falcon sandbox, false, february, fexp24007246, file execution, filehashmd5, filehashsha1, filehashsha256, filerepmetagen, files, filetour, firehol, first, flawedammyy, floxif, full name, gecko, general full, genkryptik, germany unknown, get h2, get http, get na, global g2, gmbh version, gmt content, google, graph summary, guard, hacktool, hallrender, hash, hashes, hawkeye, heur, high, historical, historical ssl, hong kong, hostname, hostnames, house.mo.gov, http get, http_request, https://lawlink.com/documents/10935/blackbag-technologies-announ, huge domains, ieudinit, iframe, indicator role, info, infy, injection_create_remote_thread, injection_inter_process, inmortal, installcore, internet storm, ioc, iocs, ip address, ip reputation, ip summary, ip tcp, ipv4, jackpos, june, kb body, keepaliveyes, key identifier, keylogger, khtml, known infection source, kraken, learn more, linkid252669, local, location united, lockbit, login, loki, main, malicious, malicious site, malicious url, maltiverse, malvertizing, malware, malware infection, malware service, malware site, malware sites, mas, matsnu, maze, media center, media sharing, medium, metro, mhkz, microsoft, midia-4, million, mirai, missouri, modify_proxy infostealer_cookies, mon jul, ms17010, msie, mtb feb, mvi2, name servers, name verdict, nanocore, nat32, network_http, neutrino, next, Nextray, nircmd, njrat, no data, no expiration, november, nsyt, number, nxdomain, nymaim, observed dns, october, opencandy, open ports, organization, parallax rat, parent domain, parking crew, passive dns, paste, patcher, pcap, pdf report, pegasus, persistence_autorun, phase, phishing, phishing site, phishtank, pjp3sltkz, plasma, playgame, please, pony, poor reputation, postal code, post http, powershell, powershell code, powershell_download, powershell_request, presenoker, privacy admin, privateloader, probe ms17010, problems, procmem_yara, protocol h2, pulse pulses, pulses, 
pulse submit, push, pykspa, qakbot, qbot, quasar, query, ramnit, ransom, ransomexx, ransomware, real estate, record type, record value, redacted for, redir, redline stealer, referrer, registrar, registrar abuse, registrar iana, registrar url, registry domain, related pulses, remcos, remcos rat, replication, reputation ip, resolutions, resolved ips, resource, reverse dns, rgba, riskware, roundup, safebae, safe site, sample, samples, scan endpoints, search, search live, security tls, september, server, servers, service, sha256, show, showing, simda, site, slcc2, slingshot, smsspy, software, spitmo, spyeye, spyware, ssl certificate, startpage, state, stateprovince, status, status code, stealer, steam, subject public, summary, suppobox, swrort, systweak, tactics, tag count, target, targeting, taskscheduler, team, threat, threat network, threat report, threat roundup, threats et, tiggre, title added, tls rsa, tracking, trojan, trojandropper, trojanspy, tsara brashears, ttl value, type name, typosquatting, ua71173394, unicode text, union, united, unknown, unruy, unsafe, url analysis, url http, url https, urls, urls http, urls https, url summary, ursnif, utf8, v3 serial, validity, vawtrak, vba code, veryhigh, virgin islands, virut, vskimmer, wacatac, wannacry, warbot, wc3 rpg, wcry, webtoolbar, whois record, whois whois, win32, win32 exe, win64, windows nt, wininit, win.trojan, wow64, write, x509v3 subject, xpcegvo2adsnq, xrat, xtrat, xtreme, yara detections, yara rule, zbot, zeus
- View other sources: Spamhaus VirusTotal
- Contained within other IP sets: bambenek_banjori, hphosts_emd, hphosts_fsa, hphosts_psh
- Country: Netherlands
- Network:
- Noticed: 38 times
- Protocols Attacked: SSH
- Countries Attacked: Australia, Canada, China, Czechia, Denmark, Estonia, France, Germany, Hong Kong, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
- Passive DNS Results:
Malware Detected on Host
Count: 2845
Open Ports Detected
Whois Information
- inetnum: 5.79.64.0 - 5.79.127.255
- netname: NL-LEASEWEB-20120614
- country: NL
- org: ORG-OB3-RIPE
- admin-c: lswn1-RIPE
- tech-c: lswn1-RIPE
- status: ALLOCATED PA
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: LEASEWEB-NL-MNT
- mnt-lower: LEASEWEB-NL-MNT
- mnt-domains: LEASEWEB-NL-MNT
- mnt-routes: LEASEWEB-NL-MNT
- created: 2012-06-14T07:52:30Z
- last-modified: 2017-11-16T10:10:08Z
- organisation: ORG-OB3-RIPE
- org-name: LeaseWeb Netherlands B.V.
- country: NL
- org-type: LIR
- address: Postbus 93054
- address: 1090BB
- address: Amsterdam
- address: NETHERLANDS
- phone: +31203162880
- fax-no: +31203162890
- admin-c: lswn1-RIPE
- abuse-c: LWAD-RIPE
- mnt-ref: RIPE-NCC-HM-MNT
- mnt-ref: LEASEWEB-NL-MNT
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: LEASEWEB-NL-MNT
- created: 2004-04-17T11:42:05Z
- last-modified: 2020-12-16T12:49:01Z
- role: Leaseweb NL NOC
- address: Hessenbergweg 95, 1101 CX. Amsterdam
- admin-c: SPW1-RIPE
- nic-hdl: lswn1-RIPE
- mnt-by: LEASEWEB-NL-MNT
- created: 2017-11-16T10:05:00Z
- last-modified: 2022-07-05T12:59:36Z
- route: 5.79.64.0/18
- descr: LEASEWEB
- origin: AS60781
- mnt-by: LEASEWEB-NL-MNT
- created: 2014-03-10T12:46:38Z
- last-modified: 2015-09-30T23:00:01Z