172.104.130.145 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 172.104.130.145. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 34/100
Host and Network Information
- MITRE ATT&CK IDs: T1595 - Active Scanning
- Tags: scan, sip, sipvicious, ssh
- Country: Germany
- Network:
- Noticed: 1 time
- Protocols Attacked: SSH
- Countries Attacked: Australia
- Passive DNS Results: viajarasia.info, n8dj10o40.dol09slc42ocm16.xyz, b8os02pay5w21.jkw02mslwpqa13.xyz, g7eodls0p23.eo9m03psla73s4.xyz
Open Ports Detected
CVEs Detected
CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2016-1247 CVE-2016-4450 CVE-2017-20005 CVE-2017-7529 CVE-2018-16845 CVE-2019-20372 CVE-2021-23017 CVE-2021-3618
Whois Information
- NetRange: 172.104.0.0 - 172.105.255.255
- CIDR: 172.104.0.0/15
- NetName: LINODE-US
- NetHandle: NET-172-104-0-0-1
- Parent: NET172 (NET-172-0-0-0-0)
- NetType: Direct Allocation
- OriginAS: AS63949, AS48337
- Organization: Akamai Technologies, Inc. (AKAMAI)
- RegDate: 2015-06-19
- Updated: 2023-09-18
- Comment: Geofeed https://ipgeo.akamai.com/linode-geofeed.csv
- Ref: https://rdap.arin.net/registry/ip/172.104.0.0
- OrgName: Akamai Technologies, Inc.
- OrgId: AKAMAI
- Address: 145 Broadway
- City: Cambridge
- StateProv: MA
- PostalCode: 02142
- Country: US
- RegDate: 1999-01-21
- Updated: 2023-10-24
- Ref: https://rdap.arin.net/registry/entity/AKAMAI
- OrgTechHandle: SJS98-ARIN
- OrgTechName: Schecter, Steven Jay
- OrgTechPhone: +1-617-274-7134
- OrgTechEmail: ip-admin@akamai.com
- OrgTechRef: https://rdap.arin.net/registry/entity/SJS98-ARIN
- OrgTechHandle: IPADM11-ARIN
- OrgTechName: ipadmin
- OrgTechPhone: +1-617-444-0017
- OrgTechEmail: ip-admin@akamai.com
- OrgTechRef: https://rdap.arin.net/registry/entity/IPADM11-ARIN
- OrgAbuseHandle: NUS-ARIN
- OrgAbuseName: NOC United States
- OrgAbusePhone: +1-617-444-2535
- OrgAbuseEmail: abuse@akamai.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/NUS-ARIN
- RNOCHandle: LNO21-ARIN
- RNOCName: Linode Network Operations
- RNOCPhone: +1-609-380-7100
- RNOCEmail: support@linode.com
- RNOCRef: https://rdap.arin.net/registry/entity/LNO21-ARIN
- RAbuseHandle: LAS12-ARIN
- RAbuseName: Linode Abuse Support
- RAbusePhone: +1-609-380-7100
- RAbuseEmail: abuse@linode.com
- RAbuseRef: https://rdap.arin.net/registry/entity/LAS12-ARIN
- RTechHandle: LNO21-ARIN
- RTechName: Linode Network Operations
- RTechPhone: +1-609-380-7100
- RTechEmail: support@linode.com
- RTechRef: https://rdap.arin.net/registry/entity/LNO21-ARIN
- NetRange: 172.104.0.0 - 172.105.146.255
- CIDR: 172.104.0.0/16, 172.105.144.0/23, 172.105.0.0/17, 172.105.128.0/20, 172.105.146.0/24
- NetName: LINODE
- NetHandle: NET-172-104-0-0-2
- Parent: LINODE-US (NET-172-104-0-0-1)
- NetType: Reassigned
- OriginAS: AS63949, AS48337
- Organization: Linode (LINOD)
- RegDate: 2022-12-21
- Updated: 2023-09-18
- Comment: Geofeed https://ipgeo.akamai.com/linode-geofeed.csv
- Ref: https://rdap.arin.net/registry/ip/172.104.0.0
- OrgName: Linode
- OrgId: LINOD
- Address: 249 Arch St
- City: Philadelphia
- StateProv: PA
- PostalCode: 19106
- Country: US
- RegDate: 2008-04-24
- Updated: 2022-12-15
- Comment: http://www.linode.com
- Ref: https://rdap.arin.net/registry/entity/LINOD
- OrgAbuseHandle: LAS12-ARIN
- OrgAbuseName: Linode Abuse Support
- OrgAbusePhone: +1-609-380-7100
- OrgAbuseEmail: abuse@linode.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/LAS12-ARIN
- OrgTechHandle: LNO21-ARIN
- OrgTechName: Linode Network Operations
- OrgTechPhone: +1-609-380-7100
- OrgTechEmail: support@linode.com
- OrgTechRef: https://rdap.arin.net/registry/entity/LNO21-ARIN
- OrgTechHandle: IPADM11-ARIN
- OrgTechName: ipadmin
- OrgTechPhone: +1-617-444-0017
- OrgTechEmail: ip-admin@akamai.com
- OrgTechRef: https://rdap.arin.net/registry/entity/IPADM11-ARIN
- OrgNOCHandle: LNO21-ARIN
- OrgNOCName: Linode Network Operations
- OrgNOCPhone: +1-609-380-7100
- OrgNOCEmail: support@linode.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/LNO21-ARIN