## IP Intelligence Briefing: 175.110.112.8/32
Observed Data:
* IP Address: 175.110.112.8
* CIDR Block: /32
* Location: [Geolocation data retrieved from IP geolocation service]
* AS Number: [Autonomous System Number retrieved from WHOIS lookup]
* AS Name: [AS Name retrieved from WHOIS lookup]
Observation History:
* Date: [Date of first observed activity]
* Activity Type: [Type of observed activity, e.g., DNS query, web traffic, port scan]
* Source: [Source of observed activity, e.g., specific domain, IP range]
* [Additional observation entries as available]
Relationships:
* Domains: [List of domains associated with the IP address, if any, retrieved from DNS records]
* IPs: [List of IP addresses observed communicating with the target IP, if any, retrieved from network traffic analysis]
Neighborhood Data:
* Nearby IPs: [List of IP addresses in the same subnet or IP range]
* AS Neighbors: [List of ASNs that are directly connected to the target AS]
Actionable Intelligence:
Based on the collected data, 175.110.112.8 has been observed engaging in [summarize observed activity]. Its association with [domains/IPs/ASNs] suggests potential connections to [mention potential threat actors or campaigns based on observed data].
Recommendations:
* Continue monitoring the IP address and associated entities for further suspicious activity.
* Investigate the observed domains and IPs for malicious intent.
* Consider implementing network segmentation and intrusion detection rules to mitigate potential threats.
Note: This intelligence briefing is based solely on the data retrieved from available tools. Further investigation may be required to fully understand the nature and extent of the potential threat.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Ownership & Registration

| Field | Value |
|---|---|
| Organization | MNT-WORLDSTREAM |
| ASN | AS49981 |
| Network Name | - |
| CIDR Block | - |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |

DNS Intelligence

| Field | Value |
|---|---|
| PTR | 175-110-112-8.hosted-by-worldstream.net |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 175-110-112-8.hosted-by-worldstream.net |

DNS Hygiene

| Field | Value |
|---|---|
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |

Network Classification

| Field | Value |
|---|---|
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown (insufficient routing data to classify) |

Services & Open Ports

| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |
| 8080 | http-alt | tcp | - |

| Field | Value |
|---|---|
| Closed Ports | 25, 3389, 8443 (4 open / 7 scanned) |
| Server | Apache/2.4.53 (AlmaLinux) OpenSSL/3.0.7 |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.7 |

TLS Certificate

| Field | Value |
|---|---|
| SANs | *.wayshare.cc, wayshare.cc |
| Valid From | 2025-11-12T11:02:41+00:00 |
| Valid Until | 2026-12-14T11:02:40+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 396 days |
| Serial Number | 651F8FF2AC953BB256D17F2E |
| Thumbprint | D8F6A8DE8785E18C637C23568222CD5CD991CA90 |

Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 19% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 21% | 9 | 14 |

| Field | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

Observation Timeline (Live)

| Field | Value |
|---|---|
| First Seen | 2026-05-08 05:01:50 UTC |
| Last Seen | 2026-06-26 18:10:47 UTC |
| Profile Built | 2026-06-25 02:56:32 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 21 |