69.49.247.85 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 69.49.247.85 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

• Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

• Tags: brute force, Bruteforce, Brute-Force, cowrie, ssh, SSH

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS46606 unified layer
• Noticed: 5 times
• Protocols Attacked: ssh
• Countries Attacked: Australia
• Passive DNS Results: repositorio.eesppjjbtacna.edu.pe squarebottombag.com packagingsacks.com www.saya-sukaebol.duckdns.org saya-sukaebol.duckdns.org www.semoga-diterima.duckdns.org semoga-diterima.duckdns.org sol-sepatu.duckdns.org www.sol-sepatu.duckdns.org batagor-garut.duckdns.org www.batagor-garut.duckdns.org donat-madu.duckdns.org www.donat-madu.duckdns.org hindari-dirinya.duckdns.org www.hindari-dirinya.duckdns.org www.keripik-kentang.duckdns.org keripik-kentang.duckdns.org www.kokod-monongeun.duckdns.org kokod-monongeun.duckdns.org www.pulang-anting.duckdns.org pulang-anting.duckdns.org www.pergi-kebulan.duckdns.org pergi-kebulan.duckdns.org pengen-pergijauh.duckdns.org www.pengen-pergijauh.duckdns.org mancing-mania.duckdns.org www.mancing-mania.duckdns.org payuh-huluayam.duckdns.org www.payuh-huluayam.duckdns.org www.gatel-pantat.duckdns.org gatel-pantat.duckdns.org www.lumpia-basahh.duckdns.org lumpia-basahh.duckdns.org www.abi-resepkadidinya.duckdns.org abi-resepkadidinya.duckdns.org www.kulub-jagong.duckdns.org kulub-jagong.duckdns.org konon-katanya.duckdns.org www.konon-katanya.duckdns.org www.gege-panjaitan.duckdns.org gege-panjaitan.duckdns.org banyakin-amalbaik.duckdns.org www.banyakin-amalbaik.duckdns.org kacang-permen.duckdns.org www.kacang-permen.duckdns.org www.gulali-kacang.duckdns.org gulali-kacang.duckdns.org www.kulub-sampeu.duckdns.org kulub-sampeu.duckdns.org kacang-kuacipermen.duckdns.org www.kacang-kuacipermen.duckdns.org www.hidup-adalahcobaan.duckdns.org hidup-adalahcobaan.duckdns.org akusuka-kamuga.duckdns.org www.akusuka-kamuga.duckdns.org www.ikan-tenggiri.duckdns.org ikan-tenggiri.duckdns.org yumari-buka.duckdns.org www.yumari-buka.duckdns.org yatimsukra-ssa.duckdns.org www.yatimsukra-ssa.duckdns.org ngantuk-menghantui.duckdns.org www.ngantuk-menghantui.duckdns.org patilasan-kidar.duckdns.org www.patilasan-kidar.duckdns.org www.keluarga-cemara.duckdns.org keluarga-cemara.duckdns.org sampo-antiketombe.duckdns.org www.sampo-antiketombe.duckdns.org sambel-teri.duckdns.org www.sambel-teri.duckdns.org www.sobbuah-itilkambing.duckdns.org sobbuah-itilkambing.duckdns.org kalosuka-yabilang.duckdns.org www.kalosuka-yabilang.duckdns.org kakapemain-persip.duckdns.org www.kakapemain-persip.duckdns.org www.jangujang-soto.duckdns.org jangujang-soto.duckdns.org jalmi-doclo.duckdns.org www.jalmi-doclo.duckdns.org coklat-nanas.duckdns.org www.coklat-nanas.duckdns.org www.markisa-sirsak.duckdns.org markisa-sirsak.duckdns.org jarum-pentul.duckdns.org www.jarum-pentul.duckdns.org dengan-jagung.duckdns.org www.dengan-jagung.duckdns.org lnternai.revenue.srvice.sgn-5.online www.lnternai.revenue.srvice.sgn-5.online www.lobakacentang-rudet.duckdns.org lobakacentang-rudet.duckdns.org beaktikusruk-tarang.duckdns.org www.beaktikusruk-tarang.duckdns.org www.sideung-teuingmak.duckdns.org sideung-teuingmak.duckdns.org www.cooansi-emangiska.duckdns.org cooansi-emangiska.duckdns.org belostopa-keumaha.duckdns.org www.belostopa-keumaha.duckdns.org www.jarambe-raruntah.duckdns.org jarambe-raruntah.duckdns.org www.walacentang-yeri.duckdns.org walacentang-yeri.duckdns.org www.palakeun-pikasio.duckdns.org palakeun-pikasio.duckdns.org jorang-waesimoto.duckdns.org www.jorang-waesimoto.duckdns.org jurig-kalagondang.duckdns.org www.jurig-kalagondang.duckdns.org www.semut-merah.duckdns.org semut-merah.duckdns.org struk-ringan.duckdns.org www.struk-ringan.duckdns.org selai-alami.duckdns.org www.selai-alami.duckdns.org www.surabi-oncom.duckdns.org surabi-oncom.duckdns.org www.neftlix-sign.in.sgn-5.online neftlix-sign.in.sgn-5.online delokompri-kenan.duckdns.org www.delokompri-kenan.duckdns.org www.ggl-7.com sgn-8.online www.sgn-8.online www.erakutatangga.duckdns.org erakutatangga.duckdns.org ayuatuh-yatim.duckdns.org www.ayuatuh-yatim.duckdns.org kolek-pelernaga.duckdns.org www.kolek-pelernaga.duckdns.org rokosurya-punyasapa.duckdns.org www.rokosurya-punyasapa.duckdns.org ludanilsz.duckdns.org www.ludanilsz.duckdns.org www.blakdong.duckdns.org blakdong.duckdns.org www.marikita-mainitit.duckdns.org marikita-mainitit.duckdns.org sukasusu-emakeamak.duckdns.org www.sukasusu-emakeamak.duckdns.org sayursop-tae.duckdns.org www.sayursop-tae.duckdns.org www.racun-rumput.duckdns.org racun-rumput.duckdns.org esteh-pocijeruk.duckdns.org www.esteh-pocijeruk.duckdns.org basmut-celeng.duckdns.org www.basmut-celeng.duckdns.org baso-ikanmaskuy.duckdns.org www.baso-ikanmaskuy.duckdns.org sign-in.amazn.ssl.sgn-3.com www.sign-in.amazn.ssl.sgn-3.com nasi-gorengsosis.duckdns.org www.nasi-gorengsosis.duckdns.org sign-in.amazn.ssl.sgn-2.com sgn-2.com www.sign-in.amazn.ssl.sgn-2.com www.sgn-2.com mengandung-micin.duckdns.org www.mengandung-micin.duckdns.org buka-sitikjos.duckdns.org www.buka-sitikjos.duckdns.org biji-bapakau.duckdns.org www.biji-bapakau.duckdns.org cerutu-kulit.duckdns.org www.cerutu-kulit.duckdns.org www.sate-celeng.duckdns.org sate-celeng.duckdns.org kerupuk-kulit.duckdns.org www.kerupuk-kulit.duckdns.org bebek-asammanis.duckdns.org www.bebek-asammanis.duckdns.org roko-membunuhmu.duckdns.org www.roko-membunuhmu.duckdns.org tisu-wajah.duckdns.org www.tisu-wajah.duckdns.org tisu-basah.duckdns.org www.tisu-basah.duckdns.org asam-aminong.duckdns.org www.asam-aminong.duckdns.org test.south.cloudns.ph asam-lambung.duckdns.org www.asam-lambung.duckdns.org citi.north1.cloudns.ph nyong-orasudi.duckdns.org www.nyong-orasudi.duckdns.org www.cimol-kering.duckdns.org cimol-kering.duckdns.org www.kopi-susuabc.duckdns.org kopi-susuabc.duckdns.org www.bandrek-bajigurr.duckdns.org bandrek-bajigurr.duckdns.org mengandung-kuaci.duckdns.org www.mengandung-kuaci.duckdns.org telor-ceplokk.duckdns.org www.telor-ceplokk.duckdns.org www.cireng-gehuliat.duckdns.org cireng-gehuliat.duckdns.org kuharus-bernafas.duckdns.org www.kuharus-bernafas.duckdns.org martabak-ciki.duckdns.org www.martabak-ciki.duckdns.org www.sampurna-keretek.duckdns.org sampurna-keretek.duckdns.org www.sangat-bermatabat.duckdns.org sangat-bermatabat.duckdns.org ec4-compute-engine.north1.cloudns.ph www.keruouk-cireng.duckdns.org keruouk-cireng.duckdns.org tahu-gejrot.duckdns.org www.tahu-gejrot.duckdns.org www.anak-durhaka.duckdns.org anak-durhaka.duckdns.org gehu-liat.duckdns.org www.gehu-liat.duckdns.org seblak-cokor.duckdns.org www.seblak-cokor.duckdns.org www.tak-pernahsama.duckdns.org tak-pernahsama.duckdns.org www.gamau-sekolah.duckdns.org gamau-sekolah.duckdns.org www.sikamu-lobaceta.duckdns.org sikamu-lobaceta.duckdns.org kopi-kapalapi.duckdns.org www.kopi-kapalapi.duckdns.org konco-kacentrang.duckdns.org www.konco-kacentrang.duckdns.org www.nyeri-hulu.duckdns.org nyeri-hulu.duckdns.org kemanapun-dimanapun.duckdns.org www.kemanapun-dimanapun.duckdns.org www.obat-sakitperut.duckdns.org obat-sakitperut.duckdns.org www.lupakan-diriku.duckdns.org lupakan-diriku.duckdns.org www.aku-sayangkamu.duckdns.org aku-sayangkamu.duckdns.org seblak-ceker.duckdns.org www.seblak-ceker.duckdns.org kapal-api.duckdns.org www.kapal-api.duckdns.org makaroni-balado.duckdns.org www.makaroni-balado.duckdns.org basreng-balado.duckdns.org www.basreng-balado.duckdns.org pentol-baksoceker.duckdns.org www.pentol-baksoceker.duckdns.org www.goyobod-segar.duckdns.org goyobod-segar.duckdns.org kerupuk-udang.duckdns.org www.kerupuk-udang.duckdns.org keripik-jagung.duckdns.org www.keripik-jagung.duckdns.org www.semur-jengkol.duckdns.org semur-jengkol.duckdns.org www.hutan-belantara.duckdns.org hutan-belantara.duckdns.org suster-ngesot.duckdns.org www.suster-ngesot.duckdns.org hantu-mukarata.duckdns.org www.hantu-mukarata.duckdns.org mesat-ngapungluhur.duckdns.org www.mesat-ngapungluhur.duckdns.org pindang-teri.duckdns.org www.pindang-teri.duckdns.org www.bintang-sobo.duckdns.org bintang-sobo.duckdns.org www.africanitelife.com africanitelife.com

Open Ports Detected

22 443 80

Map

Whois Information

• NetRange: 69.49.224.0 - 69.49.255.255
• CIDR: 69.49.224.0/19
• NetName: OPENTRANSFER-ECOMMERCE
• NetHandle: NET-69-49-224-0-1
• Parent: NET69 (NET-69-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS32392
• Organization: Newfold Digital, Inc. (EIG-12)
• RegDate: 2003-05-27
• Updated: 2017-10-23
• Ref: https://rdap.arin.net/registry/ip/69.49.224.0
• OrgName: Newfold Digital, Inc.
• OrgId: EIG-12
• Address: 5535 Gate Parkway
• City: Jacksonville
• StateProv: FL
• PostalCode: 32256
• Country: US
• RegDate: 2005-02-07
• Updated: 2023-11-16
• Ref: https://rdap.arin.net/registry/entity/EIG-12
• OrgNOCHandle: ENO74-ARIN
• OrgNOCName: EIG Network Operations
• OrgNOCPhone: +1-877-659-6181
• OrgNOCEmail: eig-net-team@endurance.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
• OrgTechHandle: ENO74-ARIN
• OrgTechName: EIG Network Operations
• OrgTechPhone: +1-877-659-6181
• OrgTechEmail: eig-net-team@endurance.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
• OrgAbuseHandle: EIGAB-ARIN
• OrgAbuseName: eig-abuse
• OrgAbusePhone: +1-781-852-3200
• OrgAbuseEmail: eig-abuse@endurance.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/EIGAB-ARIN

Links to attack logs

vultrmadrid-ssh-bruteforce-ip-list-2024-07-19 vultrparis-ssh-bruteforce-ip-list-2024-07-17 vultrmadrid-ssh-bruteforce-ip-list-2024-08-12 digitaloceanlondon-ssh-bruteforce-ip-list-2024-08-11