104.219.248.45 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.219.248.45 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

• Tags: agenttesla, agentteslaexe, arkeistealer, azorult, azorultexe, danabot, darkrat, dridex, dridexopendir, emotetheodo, formbook, gandcrab, gozi, hancitor, hawkeye, heodo, icedid, kpot, kpotstealer, loader, loki, luminositylink, nanocore, nemty, netwire, phorpiex, pony, qakbot, qealler, quasarrat, raccoonstealer, remcos, remcosrat, servhelper, stealer, systembc, trickbot, troldesh, zloader

• JARM: 3fd3fd15d3fd3fd00042d42d000000038eaaf490bec8dc33757f165ce01762

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS22612 namecheap inc.
• Noticed: 2 times
• Protcols Attacked: SSH
• Passive DNS Results: makunorganics.com 5amotivation.com unifit.sa sojservicesllc.com masterscarriers.com modibbokawu.com first-ally.com vitaliahealing.com enact.com.ng redal-ng.com propertyvilleng.com www.propertyvilleng.com www.jackbrosports.com jackbrosports.com www.beatrinidad.com www.beautykink.com beautykink.com freegrantz.com boxxdesign.online www.boxxdesign.online odevisarl.com pintafabrics.com spicyandwild.online spicyandwild.com thetroyhistoricalsociety.org www.thetroyhistoricalsociety.org yolarenewalfoundation.org ellavinapharmacy.com movilidadvial.com www.au.photo4life.art au.photo4life.art www.benut-ng.com benut-ng.com promoterlo-services.com www.photo4life.art photo4life.art www.iamrotimi.com iamrotimi.com www.amiboisland.com www.100years.vc 100years.vc www.japan-arts.com www.ginfocom.com ginfocom.com givemeinfo.ng www.givemeinfo.ng www.fide.or.tz fide.or.tz www.nappskogi.com www.oziomanaka.com www.naijagospelmusic.com naijagospelmusic.com healthylifestyletips.net www.healthylifestyletips.net www.betaukraine.org betaukraine.org www.copeinc.org www.transformyourbodystore.com www.olandoenterprise.com olandoenterprise.com accessmega.com www.lpinova.com e-shopgames.com superfungames.com.au www.superfungames.com.au www.mailwizz.transformyourbodystore.com mailwizz.transformyourbodystore.com test.amparoajudareservir.casa www.test.amparoajudareservir.casa www.divesafe.amparoajudareservir.casa divesafe.amparoajudareservir.casa wfnbgroup.com www.wfnbgroup.com foreigncity.lk www.foreigncity.lk www.umuhuzanews.com nestecmedia.com australiansleepscoring.com.au www.australiansleepscoring.com.au www.bkagency.co www.sycario.com sycario.com yussuftennisacademy.com www.yussuftennisacademy.com unifit.com.sa www.unifit.com.sa scribexperts.com www.sabry.xyz sabry.xyz ichigotradingcompany.com www.ichigotradingcompany.com brightcontrolsystem.com medsmart.adpediadigital.com www.medsmart.adpediadigital.com ocelis.co www.ocelis.co oregongrown.net www.oregongrown.net presta.blossombuy.com www.presta.blossombuy.com www.megento.blossombuy.com megento.blossombuy.com opencart.blossombuy.com www.opencart.blossombuy.com www.ideascompol.com www.incrediblebanky.pineland.consulting incrediblebanky.pineland.consulting www.ascii.ai ascii.ai directanythingz.com www.directanythingz.com www.tracking.parcels.ng tracking.parcels.ng parcels.ng www.parcels.ng www.app.accessmega.com app.accessmega.com www.olroxgraphics.com www.track.hasumsports.com track.hasumsports.com olroxgraphics.com modell.pro www.mannarasala.org www.tvanigeria.org flutter-trade.net www.shedbids.com www.makeyourfreemoney.xyz makeyourfreemoney.xyz obgynnorman.com www.obgynnorman.com www.goverify.click bdobankfdics.online www.hivewriters.com amigopharm.com timberwalds.com www.trial.hasumsports.com trial.hasumsports.com catandlionlife.com idlebrain.org bamscorner.in www.bamscorner.in cozymadeshop.com www.nduanya.com healthsolgh.com kaykusi.com bestnotess.com fakenoteshop.com www.michael.j12bet.com michael.j12bet.com mithra.agency www.mithra.agency www.zemdaa.com zemdaa.com feral.photos www.feral.photos www.knsurveying.com www.beta.taxiaayo.com beta.taxiaayo.com alwaysops.com www.bestsubnig.com www.bfctech.io bestsubnig.com www.passive-investment.ltd passive-investment.ltd dev.beautykink.com www.dev.beautykink.com climaxfinances.com outsourcecityconsult.com aestheticsbydrtomi.com www.aestheticsbydrtomi.com www.clubhouseve.com www.flutter-trades.net flutter-trades.net www.foundersafrica.com foundersafrica.com www.lisahaynes.com lisahaynes.com www.grindlaysimmigration.com greendot-fx.com www.greendot-fx.com www.minishope.com www.peacereempowermentfoundation.org www.naijabionet.com clubhouseve.com www.adpediadigital.com exoticsbuds.com www.exoticsbuds.com www.myhealthsource.info myhealthsource.info www.tastyworksinvestment.com tastyworksinvestment.com minishope.com www.verifyby.click www.thesportsng.com www.friskexp.com aspirately.com www.aspirately.com pohtzeyun.dev www.pohtzeyun.dev elegantty.com www.elegantty.com wardialer.wareznet.us certsrv.wareznet.us web.app.mufctoken.xyz www.web.app.mufctoken.xyz wareznet.us www.yvonnekubitza.com nou.taxi ellipsisweb.live verifyby.click tweeter.web3gap.com www.tweeter.web3gap.com v1.blossombuy.com www.v1.blossombuy.com www.carconversionspecialist.com carconversionspecialist.com www.movittingenieria.com.co movittingenieria.com.co www.demo.rechargecard.com.ng demo.rechargecard.com.ng boldit.co www.boldit.co www.agremgas.kinqo.com agremgas.kinqo.com best4channelamp.com www.best4channelamp.com api.rechargecard.com.ng www.api.rechargecard.com.ng sexsect.com www.sexsect.com noutaxi.simplylife-mu.com www.noutaxi.simplylife-mu.com dev.supribitex.com www.dev.supribitex.com www.bernadettesanchezcontigo.com antelopemall.com www.rechargecard.com.ng rechargecard.com.ng print.rechargecard.com.ng www.print.rechargecard.com.ng blossombuy.com www.blossombuy.com www.bestdatanig.com www.theboiliebois.com theboiliebois.com www.kvkenterprises.lk kvkenterprises.lk ectalentagency.com www.ectalentagency.com systements.com brandators.com www.systements.com www.brandators.com rehobothsafaris.com www.rehobothsafaris.com www.nook.charm.lol nook.charm.lol www.kv.j12bet.com kv.j12bet.com www.bodyandmind.wp-designs.co.uk bodyandmind.wp-designs.co.uk www.throneofvalor.com throneofvalor.com shutdown-this-site.xyz www.shutdown-this-site.xyz www.dogzshelter.wp-designs.co.uk dogzshelter.wp-designs.co.uk www.bestpsychedelichome.com bestpsychedelichome.com www.buydacweedonline.com www.enlighteg.com dashboard.8gb.com.ng www.dashboard.8gb.com.ng www.ocordride.com ocordride.com 5.wp-designs.co.uk www.5.wp-designs.co.uk www.3.wp-designs.co.uk 3.wp-designs.co.uk www.vodkyte.wp-designs.co.uk vodkyte.com www.vodkyte.com ssltest.isaaceversong.com www.ssltest.isaaceversong.com www.capitalnaturalextracts.com capitalnaturalextracts.com vantage-finance.net www.vantage-finance.net goverify.click www.osil.com.ng osil.com.ng www.developersol.com 6amotivation.com www.6amotivation.com www.capitalknife.com capitalknife.com test.wp-designs.co.uk www.test.wp-designs.co.uk trial.wp-designs.co.uk www.trial.wp-designs.co.uk ntonyson.com www.ntonyson.com www.safarijournaltz.com www.foryo.store aahdcconstruction.com www.aahdcconstruction.com furrybears.io www.furrybears.io www.mining-extract.com mining-extract.com www.hearthyemoji.com hearthyemoji.com www.web3gap.com web3gap.com www.foxwebdesignstudio.com greenpeakes.com gopho.safarijournaltz.com www.gopho.safarijournaltz.com partydjspaceclub.com cn.enlighteg.com www.cn.enlighteg.com tuboosthub.com www.tuboosthub.com www.boisestump.com azeezco.ng www.azeezco.ng www.tadd.wp-designs.co.uk tadd.wp-designs.co.uk www.powellcolorbox.com techng.digital www.hasumsports.com guaranteedfbk.com www.referrals.xeeru.com referrals.xeeru.com access.guaranteedfbk.com www.access.guaranteedfbk.com www.driftlogisticservice.com www.onnorokombd.com ap.8gb.com.ng www.cansphilinc.online bestdatanig.com liftglobalservice.com www.liftglobalservice.com livrariabompastor.com www.livrariabompastor.com www.polls.xeeru.com polls.xeeru.com www.dandallc.com dandallc.com www.thewriteforce.com thewriteforce.com www.lisahaynes.net benchuks.com www.benchuks.com www.fisb.in fisb.in erumtasports.com kitaminsshop.com www.kitaminsshop.com prop-point.com www.prop-point.com www.mjojk.bayerischelb.com mjojk.bayerischelb.com www.connect.bayerischelb.com connect.bayerischelb.com www.digitooladvisor.com digitooladvisor.com www.tarimsports.com tarimsports.com www.tennisbykhan.com www.averolbank.com bonus.jayrngr.com www.bonus.jayrngr.com www.omobeempire.jayrngr.com omobeempire.jayrngr.com www.notariopizarrobravo.com www.brandonpropertyexplorer.com demo.simbalandmagictours.com www.demo.simbalandmagictours.com mint.straightcircle.org www.mint.straightcircle.org www.3darcheryhub.com 3darcheryhub.com www.xeeru.com xeeru.com pineland.consulting www.pineland.consulting www.transceandrillings.com www.tmrecords.net tmrecords.net malaria.kinqo.com www.supribitex.com www.liu.edu.mr rickandailbhe.wedding handmade.wp-designs.co.uk www.handmade.wp-designs.co.uk skateboard.wp-designs.co.uk www.skateboard.wp-designs.co.uk travel.wp-designs.co.uk www.travel.wp-designs.co.uk www.emirates-national.com www.tuyo-mio.com www.printerink.ec www.trust-financefx.com persiankittenworld.com www.persiankittenworld.com bstproductlist.com www.bstproductlist.com www.dessertswap.finance www.bygollyorganics.com bygollyorganics.com www.digitaluproot.com www.ttagpc.com www.awfco.net straightcircle.org www.techsplashers.com www.dhomesinteriors.com dhomesinteriors.com indies.straightcircle.org www.indies.straightcircle.org www.reddotinvestor.com www.blog.kozlinski.com blog.kozlinski.com www.aerohawks.com www.alwaysfeelingfit.com www.vanrooimeatbv.com phuketconciergeservices.com www.skypixelmedia.com www.tripdance.org www.elmagna.ng elmagna.ng www.gbi-properties.com www.thereeldealcharters.com driedpallets.com braun-silk.com www.bestelectrictanklesswaterheater.com rose.dogue.work www.rose.dogue.work bineta.dogue.work www.bineta.dogue.work rassol.dogue.work www.rassol.dogue.work www.caf-prime.com caf-prime.com hasumsports.com mufctoken.xyz www.fahmidafoundation.org www.earlstrade.org www.devcorptrans.com msareef.ly trendingdepot.net www.trendingdepot.net www.carnetvacunacionminsa.cn-sac.com carnetvacunacionminsa.cn-sac.com www.carnetvacunacionminsagobpepublicocertificado.cn-sac.com carnetvacunacionminsagobpepublicocertificado.cn-sac.com www.balancenaturetruly.com blackbricktrade.com www.blackbricktrade.com www.dispatching.me autoglasstinter.com www.test.sheddashboard.com test.sheddashboard.com www.api.sheddashboard.com api.sheddashboard.com dakarmoowoor.dogue.work www.dakarmoowoor.dogue.work 1.wp-designs.co.uk www.1.wp-designs.co.uk 2.wp-designs.co.uk www.2.wp-designs.co.uk www.4.wp-designs.co.uk 4.wp-designs.co.uk www.raulalcocer.com raulalcocer.com i.charm.lol www.i.charm.lol www.yogastudiobliss.org www.allocation-familiale.com allocation-familiale.com www.vaccec.dogue.work vaccec.dogue.work www.butterflyvegan.com butterflyvegan.com caf-allocations-familiales.com www.shop.hasumimpex.com www.bitkoinas.eu www.globalperfectexpress.com www.shashankk.io dogue.work careerpakistani.com www.careerpakistani.com dogue.news www.dogue.news sabinayeasmeen.com speedyprimers.com www.example.imageazy.com example.imageazy.com www.thirstyandthirty.club www.jardinpardes.com

Malware Detected on Host

Count: 4 ea3db8f3bc6a78c6ddfee2668f61f94f7eedb2125c6480fe4af685951a873ded c4d6d963cf7f0dc28b29315b205cfd21ee783a8fa74e391089ba5cd9937847e1 150f883f1a99dea83e3391920107220fd9794bdaacfb7dc482b44d00e7603023 ae254ab021632cb583071079b2be8af62ccfc232c687a515a716ea17bfa0db9b

Open Ports Detected

110 143 2082 2083 21 443 465 53 587 80 993 995

CVEs Detected

CVE-2022-31628 CVE-2022-31629 CVE-2022-37454

Map

Whois Information

• NetRange: 104.219.248.0 - 104.219.251.255
• CIDR: 104.219.248.0/22
• NetName: NCNET-6
• NetHandle: NET-104-219-248-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS16626, AS174, AS4323, AS3356, AS22612, AS32421
• Organization: Namecheap, Inc. (NAMEC-4)
• RegDate: 2014-11-03
• Updated: 2015-03-24
• Comment: http://namecheap.com
• Comment: for any abuse please use: abuse@namecheap.com
• Ref: https://rdap.arin.net/registry/ip/104.219.248.0
• OrgName: Namecheap, Inc.
• OrgId: NAMEC-4
• Address: 11400 W. Olympic Blvd. Suite 200
• City: Los Angeles
• StateProv: CA
• PostalCode: 90064
• Country: US
• RegDate: 2011-01-28
• Updated: 2017-01-28
• Ref: https://rdap.arin.net/registry/entity/NAMEC-4
• OrgTechHandle: EFIME-ARIN
• OrgTechName: Efimenko, Igor
• OrgTechPhone: +1-323-375-2822
• OrgTechEmail: igor.e@namecheap.com
• OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN
• OrgAbuseHandle: ABUSE2885-ARIN
• OrgAbuseName: Abuse team
• OrgAbusePhone: +1-323-375-2822
• OrgAbuseEmail: abuse@namecheaphosting.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN
• OrgTechHandle: TECHT4-ARIN
• OrgTechName: Tech team
• OrgTechPhone: +1-323-375-2822
• OrgTechEmail: tech@namecheaphosting.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
• network:Class-Name:network
• network:Auth-Area:104.219.248.0/25
• network:ID:NET-91247.104.219.248.45
• network:IP-Network:104.219.248.45
• network:IP-Network-Block:104.219.248.45
• network:Org-Name:Web-hosting.com
• network:Street-Address:3402 East University Drive
• network:City:Phoenix
• network:State:AZ
• network:Postal-Code:85034
• network:Country-Code:US
• network:Tech-Contact:MAINT-91247.104.219.248.45
• network:Created:20191010121021000
• network:Updated:20191010122724000
• network:Updated-By:net-admin@namecheap.com
• contact:POC-Name:Network team
• contact:POC-Email:net-admin@namecheap.com
• contact:POC-Phone:
• contact:Tech-Name:Network team
• contact:Tech-Email:net-admin@namecheap.com
• contact:Tech-Phone:
• contact:Abuse-Name:Abuse team
• contact:Abuse-Email:abuse@namecheaphosting.com

Links to attack logs

****** ****** ******