104.244.76.70 Threat Intelligence and Host Information

Share on:

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

External Blacklists

  • Check against blacklist: Spamhaus VirusTotal Listed on Spamcop.net

    Host and Network Information

  • Country: Luxembourg
  • Network: AS53667 PONYNET

  • Noticed: 7 times

  • Protcols Attacked: ntp

  • Passive DNS Results: test.practicesexaffilo.xyz www.bestblackfridaystore.com offerte.bestblackfridaystore.com bestblackfridaystore.com staging.hentaianimehub.com www.flyngpress.comediventarebella.com flyngpress.comediventarebella.com comediventarebella.com www.comediventarebella.com practicesexaffilo.xyz www.practicesexaffilo.xyz labaca2e.justinstalledpanel.com ns1.box.financeemiratebankdubai.top ns2.box.financeemiratebankdubai.top financeemiratebankdubai.top autoconfig.financeemiratebankdubai.top autoconfig.box.financeemiratebankdubai.top www.financeemiratebankdubai.top box.financeemiratebankdubai.top

Malware Detected on Host

Count: 1 95ce881d464c5a2a8f4484a502a170d93d1546e2618d04445d33aca055495610

Open Ports Detected

22 80

CVEs Detected

CVE-2017-15906 CVE-2018-15919

Map

Whois Information

  • NetRange: 104.244.72.0 - 104.244.79.255
  • CIDR: 104.244.72.0/21
  • NetName: PONYNET-14
  • NetHandle: NET-104-244-72-0-1
  • Parent: NET104 (NET-104-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS53667
  • Organization: FranTech Solutions (SYNDI-5)
  • RegDate: 2014-11-10
  • Updated: 2014-11-10
  • Ref: https://rdap.arin.net/registry/ip/104.244.72.0
  • OrgName: FranTech Solutions
  • OrgId: SYNDI-5
  • Address: 1621 Central Ave
  • City: Cheyenne
  • StateProv: WY
  • PostalCode: 82001
  • Country: US
  • RegDate: 2010-07-21
  • Updated: 2017-01-28
  • Ref: https://rdap.arin.net/registry/entity/SYNDI-5
  • OrgTechHandle: FDI19-ARIN
  • OrgTechName: Dias, Francisco
  • OrgTechPhone: +1-778-977-8246
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
  • OrgAbuseHandle: FDI19-ARIN
  • OrgAbuseName: Dias, Francisco
  • OrgAbusePhone: +1-778-977-8246
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
  • NetRange: 104.244.72.0 - 104.244.79.255
  • CIDR: 104.244.72.0/21
  • NetName: BUYVM-LUXEMBOURG-01
  • NetHandle: NET-104-244-72-0-2
  • Parent: PONYNET-14 (NET-104-244-72-0-1)
  • NetType: Reallocated
  • OriginAS: AS53667
  • Organization: BuyVM (BUYVM)
  • RegDate: 2017-10-01
  • Updated: 2017-10-01
  • Ref: https://rdap.arin.net/registry/ip/104.244.72.0
  • OrgName: BuyVM
  • OrgId: BUYVM
  • Address: 3, op der Poukewiss
  • City: Roost
  • StateProv:
  • PostalCode: 7795
  • Country: LU
  • RegDate: 2017-10-01
  • Updated: 2017-10-01
  • Ref: https://rdap.arin.net/registry/entity/BUYVM
  • OrgAbuseHandle: FDI19-ARIN
  • OrgAbuseName: Dias, Francisco
  • OrgAbusePhone: +1-778-977-8246
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
  • OrgTechHandle: FDI19-ARIN
  • OrgTechName: Dias, Francisco
  • OrgTechPhone: +1-778-977-8246
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

awsau-ntp-bruteforce-ip-list-2021-09-14 ntp-bruteforce-ip-list-2021-09-15 awsbah-ntp-bruteforce-ip-list-2021-09-14 ntp-bruteforce-ip-list-2021-09-14 awsbah-ntp-bruteforce-ip-list-2021-09-15 ntp-bruteforce-ip-list-2021-09-12 awsau-ntp-bruteforce-ip-list-2021-09-12 ntp-bruteforce-ip-list-2021-09-13 awsau-ntp-bruteforce-ip-list-2021-09-15