8.26.21.195 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 8.26.21.195 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: hphosts_emd

• Country: United States
• Network: AS15083 infolink global corporation
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: ladreamcdonald.com pclogicsecurity.com shawnimarie.net passmethehookahsis.com brandiandbrianna.com briannabrandianddad.com maxsempire.com www.asrsupport.com asrsupport.net www.asrsupport.net www.get.advancedsystemrepair.com get.advancedsystemrepair.com bluetechav.com www.bluetechtc.com bluetechtc.com advancedpcrepairs.com www.user.advancedsystemrepair.com user.advancedsystemrepair.com angelwilliams.net asrbilling.com victoriamyricks.com www.victoriamyricks.com shawnijill.com www.maxsempire.com www.shawniandjill.com shawniandjill.com asrsupport.com www.shawnimyricks.com shawnimyricks.com www.safelockvpn.net www.stripe.advancedsystemrepair.com stripe.advancedsystemrepair.com www.advancedsystemrepair-affilates.com maximillianvirrey.com stacydobbins.com www.stacydobbins.com www.advancedpcrepairpro.com www.safelockvpn.com www.advancedvpn-affilates.com safelockvpn.net www.isync.net isync.net www.masonsgame.com www.maxsgamer.com www.masonstoys.com webdisk.advancedvpn.com safelockvpn.com www.advanceddriverupdates-affilates.com www.iguardvpn.com iguardvpn.com www.ifancoins.com masonsgame.com maxsgamer.com www.maxsbillions.com maxsbillions.com www.maxcashgames.com maxcashgames.com masonstoys.com advanceddriverupdates-affilates.com advancedsystemrepair-affilates.com advancedvpn-affilates.com ifancoins.com ifanstokens.com www.ifanstokens.com www.sportscryptoz.com sportscryptoz.com advanceddriverupdates.com www.advanceddriverupdates.com www.shwtmmemotorsports.com www.justmecat.com www.advancesystemcarepro.com www.safersecured.com shwtmmemotorsports.com www.get-apg.com www.gorilladevlopers.com www.thewhaletanks.com www.pclogic.com www.myshopperz.com www.advancedpccarepro.com www.isync.com www.safepay1.com www.advancedsystemrepair.com www.gorilladevs.com www.asrpros.com www.advancedsystemcarepro.com www.myasrpro.com www.vpnwinner.com www.winthrusterpro.com www.vpnreports.org www.advancedtotalcare.com www.topcomputerrepairshops.com www.advancedvpn.com www.advancedprivacyguard.com www.vpnreports.net www.pccleanerinc.com www.advancedsystemrepairpro.com www.advancedmacrepair.com www.advancedavpro.com www.cashawni.com www.advanceddriversupdater.com www.safensecured.com get-apg.com www.privacywebbrowser.com www.advanceddriverssupport.com thewhaletanks.com gorilladevlopers.com gorilladevs.com justmecat.com cpcontacts.cashmyricks.com cpcalendars.cashmyricks.com cpcalendars.cashiermyricks.info cpcontacts.cashiermyricks.info server1.pclogic.com privacywebbrowser.com cpcontacts.privacywebbrowser.com cpcalendars.privacywebbrowser.com cashiermyricks.com cashmyricks.com cpcontacts.cashiermyricks.net cpcalendars.cashiermyricks.net cashiermyricks.net cashmyricks.net cpcontacts.cashmyricks.net cpcalendars.cashmyricks.net www.cashmyricks.cashiermyricks.com cashmyricks.cashiermyricks.com cpcontacts.safersecured.com cpcalendars.safersecured.com support.advancedsystemrepair.com www.support.advancedsystemrepair.com cpcontacts.advancesystemcarepro.com cpcalendars.advancesystemcarepro.com safensecured.com cpcalendars.safensecured.com cpcontacts.safensecured.com cpcontacts.safepay1.com cpcalendars.safepay1.com safepay1.com safersecured.com cpcalendars.isync.com cpcontacts.isync.com cpcalendars.cashawni.com cpcontacts.cashawni.com cpcalendars.advancedavpro.com cpcontacts.advancedavpro.com cpcontacts.vpnreports.org cpcalendars.vpnreports.org cpcontacts.advancedvpn.com cpcalendars.advancedvpn.com cpcontacts.vpnwinner.com cpcalendars.vpnwinner.com cpcontacts.advancedprivacyguard.com cpcalendars.advancedprivacyguard.com cpcalendars.winthrusterpro.com cpcontacts.winthrusterpro.com cpcontacts.advanceddriverssupport.com cpcalendars.advanceddriverssupport.com cpcontacts.asrpros.com cpcalendars.asrpros.com cpcontacts.advancedsystemrepairpro.com cpcalendars.advancedsystemrepairpro.com cpcontacts.advanceddriversupdater.com cpcalendars.advanceddriversupdater.com cpcalendars.advancedmacrepair.com cpcontacts.advancedmacrepair.com cpcontacts.advancedviewerpro.com cpcalendars.advancedviewerpro.com cpcontacts.advancedtotalcare.com cpcalendars.advancedtotalcare.com cpcontacts.advancedsystemcarepro.com cpcalendars.advancedsystemcarepro.com cpcontacts.myasrpro.com cpcalendars.myasrpro.com cpcontacts.advancedpccarepro.com cpcalendars.advancedpccarepro.com cpcalendars.myshopperz.com cpcontacts.myshopperz.com cpcontacts.pccleanerinc.com cpcalendars.pccleanerinc.com cpcontacts.supportexpert.com cpcalendars.supportexpert.com cpcontacts.advancedpcrepairpro.com cpcalendars.advancedpcrepairpro.com cpcontacts.topcomputerrepairshops.com cpcalendars.topcomputerrepairshops.com cpcalendars.remoteviewerpro.com cpcontacts.remoteviewerpro.com cpcalendars.vpnreports.net cpcontacts.vpnreports.net cpcontacts.pclogic.com cpcalendars.pclogic.com cpcalendars.busibmanagement.com cpcontacts.busibmanagement.com cashawni.com advancesystemcarepro.com webdisk.advanceddriversupdater.com advancedsystemrepairpro.com busibmanagement.com myshopperz.com advancedpccarepro.com myasrpro.com asrpros.com advanceddriverssupport.com advancedtotalcare.com advancedavpro.com supportexpert.com ns1.pclogic.com advancedviewerpro.com winthrusterpro.com advancedsystemcarepro.com www.lp.advancedsystemrepair.com lp.advancedsystemrepair.com advancedprivacyguard.com advanceddriversupdater.com vpnreports.org vpnreports.net checkout.advancedsystemrepair.com www.checkout.advancedsystemrepair.com vpnwinner.com www.track.advancedsystemrepair.com track.advancedsystemrepair.com advancedpcrepairpro.com topcomputerrepairshops.com advancedvpn.com remoteviewerpro.com advancedmacrepair.com pclogic.com isync.com pccleanerinc.com advancedsystemrepair.com

Malware Detected on Host

Count: 10 1ae10a07beac2cf4ed6f3a685da50eabe4ac24c81af3fb883756e103ce1a97f1 195206d9375f23353895ce121af5cb9a98bdc9505f3508e1226f0e4a0b127154 37b31fd615b0ccb9332b00e27130b071af4533263402973030b768c2e1dafd6c b7687af90512b62c4be4c91fc816653e6a4c8fe8c06d2ad87dcc5afd8fb8e7f2 dbec418886aefcf898fd12baad9ef786feba0cd2d29a05e3653b758882cb9307 27bbff80da31934b2a324a3a05da9da18a650093149d3052e45b99e2e7f0a17f 154deda62881b0bf5324a6a4be697dac13633ff5843d63f5ef3037781ae6fc9a cf92ba7da1b0028c34c3156506d82693c3156db446d5b8c8c00048dd151950ff f0322330463a26a37b9702857baa8ca448d8b31b873e5a72a7718e5ab623e40e a3259430b6e33ce9dcb0dcfdfc3294937c75707b9750aa6c122093442d2e0ea4

Open Ports Detected

110 143 2082 2083 2086 2087 21 22 3306 443 465 53 587 80 993 995

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408

Map

Whois Information

• NetRange: 8.0.0.0 - 8.127.255.255
• CIDR: 8.0.0.0/9
• NetName: LVLT-ORG-8-8
• NetHandle: NET-8-0-0-0-1
• Parent: NET8 (NET-8-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Level 3 Parent, LLC (LPL-141)
• RegDate: 1992-12-01
• Updated: 2018-04-23
• Ref: https://rdap.arin.net/registry/ip/8.0.0.0
• OrgName: Level 3 Parent, LLC
• OrgId: LPL-141
• Address: 100 CenturyLink Drive
• City: Monroe
• StateProv: LA
• PostalCode: 71203
• Country: US
• RegDate: 2018-02-06
• Updated: 2023-08-10
• Comment: USAGE OF IP SPACE MUST COMPLY WITH OUR ACCEPTABLE USE POLICY:
• Comment: https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
• Comment:
• Comment:
• Comment: 1. You are permitted to route the Lumen IP prefixes listed via Public BGP to your alternate ISP from the designated ASN. Any other ASN originating the prefix listed is forbidden.
• Comment: 2. The Lumen IP prefixes listed can be routed via Public BGP to your alternate ISP as long as you remain an active customer with Lumen and continue to route the prefixes over at least one Lumen Internet circuit without significant traffic engineering.
• Comment: 3. Should your Internet services with Lumen be discontinued, Lumen reserves the right to have your alternate ISP terminate the routing of the Lumen IP prefixes without advanced notification, should you fail to do so.
• Comment: 4. All IP Addresses assigned or allocated by Lumen to an end-user (customer or ISP) shall be considered non-portable and will be reclaimed by Lumen upon service termination.
• Comment: 5. Lumen reserves the right to conduct audits to ensure the LOA conditions are being met.
• Comment: 6. Usage of IP space must comply with our AUP https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
• Comment:
• Comment: Our looking glass is located at: https://lookingglass.centurylink.com/
• Comment:
• Comment: For subpoena or court order please fax 844.254.5800 or refer to our Trust & Safety page:
• Comment: https://www.lumen.com/en-us/about/legal/trust-center/trust-and-safety.html
• Comment:
• Comment: For abuse issues, please email abuse@aup.lumen.com
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email)
• Comment: Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/LPL-141
• OrgTechHandle: APL7-ARIN
• OrgTechName: ADMIN POC LVLT
• OrgTechPhone: +1-877-453-8353
• OrgTechEmail: ipadmin@centurylink.com
• OrgTechRef: https://rdap.arin.net/registry/entity/APL7-ARIN
• OrgAbuseHandle: LAC56-ARIN
• OrgAbuseName: L3 Abuse Contact
• OrgAbusePhone: +1-877-453-8353
• OrgAbuseEmail: abuse@level3.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/LAC56-ARIN

Links to attack logs

****** ****** ******