104.208.108.166 Threat Intelligence and Host Information
Dec 28, 2023
ipinfopage
General
This page contains threat intelligence information for the IPv4 address 104.208.108.166 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Possibly Malicious Host 🟢 10/100
Host and Network Information
-
Tags: Bruteforce, Brute-Force, SSH
-
JARM: 3fd21c20d3fd3fd21c43d21c21c43d1ec49a4b64df0a9e9f328abd60285841
-
View other sources: Spamhaus VirusTotal
- Country: Hong Kong
- Network: AS8075 microsoft corporation
- Noticed: 1 times
- Protcols Attacked: ssh
- Passive DNS Results: lebo1818.com lebo2929.com www.lebo2929.com 20233656.cc 734178.com 723278.com 734195.com 723280.com 723279.com 734180.com 751172.com 751162.com 751233.com 751178.com k365g.com vip6980.com www.vip6980.com www.20233656.cc 751323.com 751352.com 751363.com 751361.com 751372.com 751329.com 751362.com 751335.com 751332.com 76638.cc 76256.cc www.76256.cc 76617.cc www.76617.cc 75395.cc www.715598.com 715598.com 3656ik.vip 73976.cc www.058zy.com www.056zy.com www.zb188168.com zb188168.com 715561.com 715672.com 715582.com 715523.com 715591.com 715396.com 715563.com 715638.com 715622.com 056zy.com 058zy.com www.36562022.com www.45668444.com www.45668666.com www.45668777.com www.ls259.com ls259.com www.45668222.com 713919.com www.vip6970.com vip6890.com www.vip6890.com 026zy.com www.026zy.com 709878.com 933944.com 320878.com www.320878.com www.zb69558.com 3000119.com www.3000119.com lebo3535.com www.lebo3535.com www.lebo8000.com www.lebo1212.com www.lebo3030.com 18543.com www.18543.com 19654.com www.19654.com www.064878.com 064878.com www.205878.com 205878.com www.358878.com 358878.com 712826.com 712795.com 712797.com 712796.com 712881.com 712868.com vip6970.com 45668555.com zb71599.com zb69558.com 22wb999.com www.22wb999.com 11wb999.com www.11wb999.com www.44wb999.com 44wb999.com www.55wb999.com 55wb999.com www.5622999.com 5622999.com lebo9000.com www.33wb999.com 33wb999.com www.3656h.vip ls253.com www.ls253.com ls252.com www.ls252.com www.45668333.com 45668333.com 45668888.com www.45668888.com www.45668111.com 45668111.com 68655f.com www.68655f.com www.68655b.com www.68655g.com 68655g.com www.ls257.com ls257.com 36562022.com 3656h.vip 20223656.cc www.304443.com 304443.com 324245.com www.324245.com www.3656i.vip 3656i.vip www.3656k.vip www.3656j.vip 3656j.vip 36562022.net 36562022.cc 68655b.com lebo3030.com 3656k.vip lebo8000.com 20223656.net zbo212.com www.zbo212.com 45668777.com 45668444.com 45668666.com lebo1212.com www.20223656.cc cluster3e15e1f3.hysjs168.com www.3000118.com 3000118.com www.3000001.com 3000001.com www.3000009.com 3000009.com 3000116.com www.3000116.com www.059zy.com 059zy.com 057zy.com www.057zy.com www.zbo6866.com zbo6866.com 344462.com 45668222.com quanfayinshua.com
Open Ports Detected
Map
Whois Information
- NetRange: 104.208.0.0 - 104.215.255.255
- CIDR: 104.208.0.0/13
- NetName: MSFT
- NetHandle: NET-104-208-0-0-1
- Parent: NET104 (NET-104-0-0-0-0)
- NetType: Direct Allocation
- OriginAS: AS8075
- Organization: Microsoft Corporation (MSFT)
- RegDate: 2014-10-01
- Updated: 2021-12-14
- Ref: https://rdap.arin.net/registry/ip/104.208.0.0
- OrgName: Microsoft Corporation
- OrgId: MSFT
- Address: One Microsoft Way
- City: Redmond
- StateProv: WA
- PostalCode: 98052
- Country: US
- RegDate: 1998-07-10
- Updated: 2023-11-17
- Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
- Comment: * https://cert.microsoft.com.
- Comment:
- Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
- Comment: * abuse@microsoft.com.
- Comment:
- Comment: To report security vulnerabilities in Microsoft products and services, please contact:
- Comment: * secure@microsoft.com.
- Comment:
- Comment: For legal and law enforcement-related requests, please contact:
- Comment: * msndcc@microsoft.com
- Comment:
- Comment: For routing, peering or DNS issues, please
- Comment: contact:
- Comment: * IOC@microsoft.com
- Ref: https://rdap.arin.net/registry/entity/MSFT
- OrgTechHandle: MRPD-ARIN
- OrgTechName: Microsoft Routing, Peering, and DNS
- OrgTechPhone: +1-425-882-8080
- OrgTechEmail: IOC@microsoft.com
- OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
- OrgTechHandle: SINGH683-ARIN
- OrgTechName: Singh, Prachi
- OrgTechPhone: +1-425-707-5601
- OrgTechEmail: pracsin@microsoft.com
- OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
- OrgAbuseHandle: MAC74-ARIN
- OrgAbuseName: Microsoft Abuse Contact
- OrgAbusePhone: +1-425-882-8080
- OrgAbuseEmail: abuse@microsoft.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
- OrgTechHandle: IPHOS5-ARIN
- OrgTechName: IPHostmaster, IPHostmaster
- OrgTechPhone: +1-425-538-6637
- OrgTechEmail: iphostmaster@microsoft.com
- OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
- OrgRoutingHandle: CHATU3-ARIN
- OrgRoutingName: Chaturmohta, Somesh
- OrgRoutingPhone: +1-425-882-8080
- OrgRoutingEmail: someshch@microsoft.com
- OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
- OrgTechHandle: BEDAR6-ARIN
- OrgTechName: Bedard, Dawn
- OrgTechPhone: +1-425-538-6637
- OrgTechEmail: dabedard@microsoft.com
- OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
Links to attack logs
digitaloceantoronto-ssh-bruteforce-ip-list-2023-12-28
Share on: