104.37.214.236 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 104.37.214.236 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 13/100

Host and Network Information

• Tags: tsec

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS399195 peg tech inc
• Noticed: 4 times
• Protcols Attacked: SSH
• Passive DNS Results: 9966560.com 7755630.com www.955366.vip 955366.vip 955166.vip 955366.cc www.955166.vip www.955366.cc 6x1055.vip 6x205.cc www.6x605.cc www.6x505.cc www.6x305.cc 6x505.cc www.6x1055.com 6x1055.com 6x605.cc www.6x205.cc 6x305.cc 759701.vip 493466275.com www.1615797.com 1615797.com 972666.co www.972666.co 885708.vip www.885708.vip 977515.vip www.8857086.com 8857086.com 7597029.com www.7597019.com www.7597059.com www.7597099.com www.7597088.com www.7597029.com 7597019.com 7597059.com 7597088.com 7597099.com www.gfzqa.cc gfzqa.com gfzqa.cc www.gfzqa.com 7597011.com www.7597066.com 7597033.com www.7597033.com www.7597022.com 7597066.com 7597022.com www.7597011.com 7597055.com www.7597055.com www.7597077.com www.759707.cc 759707.cc 7597077.com bcd1008.com www.bcd1008.com www.bcd1008.cc bcd1008.cc zghj.vip gjhj.vip 358877.vip www.358877.vip 336555.cc www.331666.cc www.336555.cc 331666.cc 9766588.com 9866588.com 3365550.com www.885727.vip 885717.vip www.885715.cc www.8857077.com www.8857075.com www.885717.vip 8857077.com 885727.vip 8857075.com 885715.cc 8857088.com www.8857088.com www.8857099.com 8857099.com www.8857011.com 8857011.com www.8857022.com 8857033.com www.8857055.com 8857066.com www.8857066.com 8857055.com 8857022.com www.8857033.com www.917815.vip 917815.vip www.gt56452.cc www.gt77384.cc gt77384.cc gt56452.cc gt88994.cc www.gt88994.cc gt66732.cc www.gt66732.cc gt1478.cc gt88342.cc www.gt1478.cc www.gt88342.cc 9976000.com www.gt0018.cc gt0018.cc www.zhongxin9966.com zhongxin9966.com www.zhongxin6699.com zhongxin6699.com www.9972000.com 9973000.com www.9973000.com 9972000.com 9971000.com www.9971000.com gt1212.cc www.gt1212.cc www.gt1011.cc gt1011.cc www.gt1336.cc www.gt4784.cc gt1254.cc www.gt1254.cc gt1934.cc gt1336.cc gt4784.cc www.gt1934.cc gt1633.cc www.gt1633.cc www.917800.cc www.gt4655.cc gt4655.cc 917800.cc 917818.cc www.gt5656.cc www.917818.cc gt5656.cc 922628.cc 922618.cc www.922618.cc www.9226000.com www.922628.cc 9276018.com 9176000.com 9276028.com 9175000.com 9275000.com 9279000.com 9173000.com 9226000.com www.9178000.com 9178000.com 9271000.com www.9271000.com www.9273000.com 9273000.com 9276000.com www.9276000.com 9171000.com www.9171000.com www.9172000.com 9172000.com www.9278000.com 927800.cc www.927800.cc 9278000.com www.coinbase128.com coinbase128.com www.9775100.com 9775100.com 922718.cc www.9227000.com 9227000.com www.922718.cc 9223000.com www.9223000.com

Malware Detected on Host

Count: 1 547b68831689771e584da93e53219f49762896d1d215e718dcf4b254b4275a39

Open Ports Detected

21 80

Map

Whois Information

• NetRange: 104.37.212.0 - 104.37.215.255
• CIDR: 104.37.212.0/22
• NetName: EASYS-8
• NetHandle: NET-104-37-212-0-1
• Parent: NET104 (NET-104-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS399195
• Organization: Dignitas Technology Inc (EASYS-8)
• RegDate: 2014-06-20
• Updated: 2021-06-02
• Ref: https://rdap.arin.net/registry/ip/104.37.212.0
• OrgName: Dignitas Technology Inc
• OrgId: EASYS-8
• Address: PO BOX 3665
• Address: LOS ALTOS CA 94024
• City: Los Altos
• StateProv: CA
• PostalCode: 94024
• Country: US
• RegDate: 2014-04-29
• Updated: 2014-08-15
• Ref: https://rdap.arin.net/registry/entity/EASYS-8
• OrgNOCHandle: NOC31834-ARIN
• OrgNOCName: Network Operation Center
• OrgNOCPhone: +1-657-206-5036
• OrgNOCEmail: abuse@petaexpress.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC31834-ARIN
• OrgTechHandle: NOC31834-ARIN
• OrgTechName: Network Operation Center
• OrgTechPhone: +1-657-206-5036
• OrgTechEmail: abuse@petaexpress.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC31834-ARIN
• OrgAbuseHandle: NOC31834-ARIN
• OrgAbuseName: Network Operation Center
• OrgAbusePhone: +1-657-206-5036
• OrgAbuseEmail: abuse@petaexpress.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC31834-ARIN
• NetRange: 104.37.214.0 - 104.37.215.255
• CIDR: 104.37.214.0/23
• NetName: PEG-KR2
• NetHandle: NET-104-37-214-0-1
• Parent: EASYS-8 (NET-104-37-212-0-1)
• NetType: Reassigned
• OriginAS: AS399195
• Customer: PEG-KR (C07951958)
• RegDate: 2021-07-09
• Updated: 2021-07-09
• Ref: https://rdap.arin.net/registry/ip/104.37.214.0
• CustName: PEG-KR
• Address: MOACK 6F 85,Yonggu-daero 2771beon-gil, Suji-gu
• City: Yongin-si
• StateProv: GYEONGGI-DO
• PostalCode: 16865
• Country: KP
• RegDate: 2021-07-09
• Updated: 2021-07-09
• Ref: https://rdap.arin.net/registry/entity/C07951958
• OrgNOCHandle: NOC31834-ARIN
• OrgNOCName: Network Operation Center
• OrgNOCPhone: +1-657-206-5036
• OrgNOCEmail: abuse@petaexpress.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC31834-ARIN
• OrgTechHandle: NOC31834-ARIN
• OrgTechName: Network Operation Center
• OrgTechPhone: +1-657-206-5036
• OrgTechEmail: abuse@petaexpress.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC31834-ARIN
• OrgAbuseHandle: NOC31834-ARIN
• OrgAbuseName: Network Operation Center
• OrgAbusePhone: +1-657-206-5036
• OrgAbuseEmail: abuse@petaexpress.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC31834-ARIN

Links to attack logs

****** ****** ******