5.104.110.89 Threat Intelligence and Host Information

Share on:
Mar 27, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • Tags: Nextray, SSH, TOR, Telnet, VPN, attack, cyber security, ioc, login, malicious, phishing, probing, scanner, scanning, vnc, webscan, webscanner bruteforce web app attack
  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: haley_ssh, sblam, stopforumspam, stopforumspam_180d, stopforumspam_365d, stopforumspam_90d, tor_exits, tor_exits_1d, tor_exits_30d, tor_exits_7d

  • Country: Germany
  • Network: AS24961 myloc managed it ag
  • Noticed: 50 times
  • Protcols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 15 e746ba510b706bc06b084ce84d6cd7e417137efde85bf12e421fdf21fd677943 949c6737d24f301ca7ea79dfd0936614bb3158ca66be70a842e7e0a7510d8616 25837be752586ccedb7da8ab32d563a7baa799d91ca69067f0b8acc14dfc0923 b73eaa192ab95cab8e279d904a301d61ec84be69781b369bd73e538437680bc3 af24c251c58fc2288fbd9a0964e1be40c28616973b53cde677f80caf06dd2eec fe111b6fff9830a29ba03ae1000b15ba4541127d708a8ad33c7e798029453322 a35f9799486b7807384ae44cbb99618a5cbf5cf12279a3120095be36dcac17fd 860d97d305fcbfd03fd39a6784c3257fed4e463260a9a5455cfd72a1d166f074 2e66d07f6dc0aaaa247802ba12be12fc5904b0a23d6118c76718c3f84125b871 010321a94d616733d0564ec1584682a1b359315565db281c008be1f31624be0e

Open Ports Detected

8080

Map

Whois Information

  • inetnum: 5.104.110.0 - 5.104.110.255
  • netname: MYLOC-DE-DUS2-DEDICATED-INFRA
  • descr: dedicated Server by http://www.webtropia.com
  • descr: myLoc managed IT AG
  • country: DE
  • admin-c: MOPS-RIPE
  • tech-c: MOPS-RIPE
  • status: ASSIGNED PA
  • mnt-by: MYLOC-MNT
  • created: 2012-06-29T14:09:04Z
  • last-modified: 2015-10-27T13:15:30Z
  • role: myLoc NOC
  • address: myLoc managed IT AG
  • address: Network Operations & Services
  • address: Am Gatherhof 44
  • address: 40472 Duesseldorf DE
  • admin-c: PHAN
  • tech-c: PHAN
  • tech-c: DDO
  • tech-c: JOH
  • tech-c: NIL
  • tech-c: STH
  • tech-c: KT3550-RIPE
  • nic-hdl: MOPS-RIPE
  • abuse-mailbox: [email protected]
  • mnt-by: MYLOC-MNT
  • created: 2013-02-11T16:38:10Z
  • last-modified: 2022-07-08T14:48:44Z
  • route: 5.104.104.0/21
  • descr: myLoc managed IT AG
  • origin: AS24961
  • mnt-by: MYLOC-MNT
  • created: 2012-06-29T13:46:33Z
  • last-modified: 2015-10-27T13:17:34Z

Links to attack logs

bruteforce-ip-list-2021-05-23 aws-ssh-bruteforce-ip-list-2021-05-31