96.66.15.152 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 96.66.15.152 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 70/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing, scanners, ssh, TOR, vnc, VPN, vultr

• Known tor exit node

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: bitcoin_nodes_1d, bitcoin_nodes_30d, bitcoin_nodes_7d, bitcoin_nodes, blocklist_net_ua, dm_tor, et_tor, haley_ssh, stopforumspam_180d, stopforumspam_365d, tor_exits_1d, tor_exits_30d, tor_exits_7d, tor_exits

• Known TOR node
• Country: United States
• Network: AS7922 comcast
• Noticed: 50 times
• Protocols Attacked: ssh
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: seed.bitcoinstats.com seed.bitcoin.sipa.be meet.centerfortlc.com

Malware Detected on Host

Count: 60 11037bc7fb50948db17e9e6ff075961767d882a16747f4e57bc4cf3eeec46820 b11e614cdd02aecb8d6ae65bf67bfac8cbefd68830065217e2cb48922743bb12 b766a3cfa7c0ecac53477857ad5e995f6a63c2c28e225e74062b71c6d9d646a6 ce6d61128b7d0982aa6470e446a7a7c457098bd178a3bfe62fab5c85581e6ae6 d546b638bdf64d706760ab5595c98cfeefc1bcec98d10259074896f68a3e21b1 f48ab806bc6b2399a1a6e2df13509186a41cbea047994f06b1340eac06fcae62 beffac69805c6c9136a97617c62cf3022a3f896744357eb1259a9150918cacef dc2aba2ded7ceadd9c9d4337f7a2c6159afcf4a3eeafd363ad5f916fa4fe77bc 065f7d2c4cfbbc774d08b22926501898707d7f78a3e6d982b22408654289047f 4bcd8947025c20fcd7e118b54eaf04fc6c7fcfa72782a2292087a2a233891f97

Open Ports Detected

80 8333 9001

Map

Whois Information

• NetRange: 96.64.0.0 - 96.124.255.255
• CIDR: 96.124.0.0/16, 96.112.0.0/13, 96.120.0.0/14, 96.64.0.0/11, 96.96.0.0/12
• NetName: CABLE-1
• NetHandle: NET-96-64-0-0-1
• Parent: NET96 (NET-96-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS7922
• Organization: Comcast Cable Communications, LLC (CCCS)
• RegDate: 2008-02-21
• Updated: 2021-01-25
• Ref: https://rdap.arin.net/registry/ip/96.64.0.0
• OrgName: Comcast Cable Communications, LLC
• OrgId: CCCS
• Address: 1800 Bishops Gate Blvd
• City: Mt Laurel
• StateProv: NJ
• PostalCode: 08054
• Country: US
• RegDate: 2001-09-18
• Updated: 2020-11-18
• Ref: https://rdap.arin.net/registry/entity/CCCS
• OrgAbuseHandle: NAPO-ARIN
• OrgAbuseName: Network Abuse and Policy Observance
• OrgAbusePhone: +1-888-565-4329
• OrgAbuseEmail: abuse@comcast.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NAPO-ARIN
• OrgTechHandle: IC161-ARIN
• OrgTechName: Comcast Cable Communications Inc
• OrgTechPhone: +1-856-792-2300
• OrgTechEmail: CNIPEO-Ip-registration@cable.comcast.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IC161-ARIN
• OrgRoutingHandle: ROUTI25-ARIN
• OrgRoutingName: Routing
• OrgRoutingPhone: +1-856-792-2300
• OrgRoutingEmail: routing@comcast.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ROUTI25-ARIN
• NetRange: 96.66.0.0 - 96.66.63.255
• CIDR: 96.66.0.0/18
• NetName: MICHIGAN-CCCS-36
• NetHandle: NET-96-66-0-0-1
• Parent: CABLE-1 (NET-96-64-0-0-1)
• NetType: Reallocated
• OriginAS:
• Organization: Comcast Cable Communications, LLC (CCCS)
• RegDate: 2016-11-29
• Updated: 2016-11-29
• Ref: https://rdap.arin.net/registry/ip/96.66.0.0
• OrgName: Comcast Cable Communications, LLC
• OrgId: CCCS
• Address: 1800 Bishops Gate Blvd
• City: Mt Laurel
• StateProv: NJ
• PostalCode: 08054
• Country: US
• RegDate: 2001-09-18
• Updated: 2020-11-18
• Ref: https://rdap.arin.net/registry/entity/CCCS
• OrgAbuseHandle: NAPO-ARIN
• OrgAbuseName: Network Abuse and Policy Observance
• OrgAbusePhone: +1-888-565-4329
• OrgAbuseEmail: abuse@comcast.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NAPO-ARIN
• OrgTechHandle: IC161-ARIN
• OrgTechName: Comcast Cable Communications Inc
• OrgTechPhone: +1-856-792-2300
• OrgTechEmail: CNIPEO-Ip-registration@cable.comcast.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IC161-ARIN
• OrgRoutingHandle: ROUTI25-ARIN
• OrgRoutingName: Routing
• OrgRoutingPhone: +1-856-792-2300
• OrgRoutingEmail: routing@comcast.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ROUTI25-ARIN

Links to attack logs

digitaloceantoronto-ssh-bruteforce-ip-list-2024-02-21 vultrparis-ssh-bruteforce-ip-list-2024-02-09