104.168.44.52 Threat Intelligence and Host Information

Share on:
May 10, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 104.168.44.52 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: Nextray, SSH, Telnet, agenttesla, anapa, asec, asec blog, attack, avemaria, bruteforce, cyber security, digital ocean, formbook, gmail, infostealer, ioc, k1llerni2x, kill4rnix, kirpich, la, lafusioncenter, lilocc, login, lokibot, louisiana, malicious, mniami, phishing, prophef6, qmashton, rapit, redline, rspich, scanner, sha1, sha256, size, telnet, tool, valhalla

  • View other sources: Spamhaus VirusTotal

  • Country: Netherlands
  • Network: AS36352 colocrossing
  • Noticed: 19 times
  • Protcols Attacked: telnet
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 38 21bf52fcec35b53e930968e35c62efb4d11087547d4c427b7337b6c77375a48a 1e81ab25297df0db7a4bf99fec854251bd3771ca804c22bb3f6d029b5195f0ce 1402412a17bb1f4a8461db38cb6f5956f8b708e101fa7481c1a056157f88ce68 5e5b680829d0ee8716021b5b22e881db3936b32049f3eb1a062012f35277f911 17db552360f584fc68469354bd2662310655725878be0ca29422b0f7d1760c43 2416bce41988c822b1c2be0626e3e66a96e4839e00389f485a23a361bb6a3d74 d46d5ddfe96bffe832a65d71940d98b3d7a06c0e9b054f2df2f086abbb49cc1b 6769c22a9c8bcc863d713d7a588f4edaa23b4c44d082ee06fd200022bb242da2 148e0e3a32f4e4fa38f170fcf8543177ec8aef1ab75d79821446482618e00b1b 363dbd49b083d4b8e4ea47866b709bb8726d67ba0a1d32fc653e815c5ba0f080

Map

Whois Information

  • NetRange: 107.172.0.0 - 107.175.255.255
  • CIDR: 107.172.0.0/14
  • NetName: CC-17
  • NetHandle: NET-107-172-0-0-1
  • Parent: NET107 (NET-107-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS36352
  • Organization: ColoCrossing (VGS-9)
  • RegDate: 2013-12-27
  • Updated: 2013-12-27
  • Ref: https://rdap.arin.net/registry/ip/107.172.0.0
  • OrgName: ColoCrossing
  • OrgId: VGS-9
  • Address: 325 Delaware Avenue
  • Address: Suite 300
  • City: Buffalo
  • StateProv: NY
  • PostalCode: 14202
  • Country: US
  • RegDate: 2005-06-20
  • Updated: 2019-10-17
  • Ref: https://rdap.arin.net/registry/entity/VGS-9
  • OrgAbuseHandle: ABUSE3246-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-800-518-9716
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3246-ARIN
  • OrgTechHandle: NETWO882-ARIN
  • OrgTechName: Network Operations
  • OrgTechPhone: +1-800-518-9716
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/NETWO882-ARIN
  • OrgNOCHandle: NETWO882-ARIN
  • OrgNOCName: Network Operations
  • OrgNOCPhone: +1-800-518-9716
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO882-ARIN