104.248.29.6 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.248.29.6. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • MITRE ATT&CK IDs: T1046 - Network Service Scanning
  • Tags: cyber security, ioc, malicious, Nextray, phishing, SSH, virustotal

  • View other sources: Spamhaus VirusTotal

  • Country: Germany
  • Network: AS14061 digitalocean llc
  • Noticed: 28 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

22

Whois Information

  • NetRange: 104.248.0.0 - 104.248.255.255
  • CIDR: 104.248.0.0/16
  • NetName: DIGITALOCEAN-104-248-0-0
  • NetHandle: NET-104-248-0-0-1
  • Parent: NET104 (NET-104-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS14061
  • Organization: DigitalOcean, LLC (DO-13)
  • RegDate: 2018-08-06
  • Updated: 2020-04-03
  • Comment: Routing and Peering Policy can be found at https://www.as14061.net
  • Ref: https://rdap.arin.net/registry/ip/104.248.0.0
  • OrgName: DigitalOcean, LLC
  • OrgId: DO-13
  • Address: 101 Ave of the Americas
  • Address: FL2
  • City: New York
  • StateProv: NY
  • PostalCode: 10013
  • Country: US
  • RegDate: 2012-05-14
  • Updated: 2023-10-23
  • Ref: https://rdap.arin.net/registry/entity/DO-13
  • OrgNOCHandle: NOC32014-ARIN
  • OrgNOCName: Network Operations Center
  • OrgNOCPhone: +1-347-875-6044
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
  • OrgAbuseHandle: ABUSE5232-ARIN
  • OrgAbuseName: Abuse, DigitalOcean
  • OrgAbusePhone: +1-347-875-6044
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5232-ARIN
  • OrgTechHandle: NOC32014-ARIN
  • OrgTechName: Network Operations Center
  • OrgTechPhone: +1-347-875-6044
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Links to attack logs

  • aws-ssh-bruteforce-ip-list-2021-01-20
  • aws-ssh-bruteforce-ip-list-2021-01-16
  • aws-ssh-bruteforce-ip-list-2021-01-21
  • aws-ssh-bruteforce-ip-list-2021-01-26
  • aws-ssh-bruteforce-ip-list-2021-01-17
  • aws-ssh-bruteforce-ip-list-2021-01-23