157.245.199.151 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 157.245.199.151. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: Malicious IP, Port scan, RDP, admin, blacklist, botnet, mirai, scan, tcp, win, windows
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: stopforumspam_180d, stopforumspam_365d

  • Country: Singapore
  • Network: AS14061 digitalocean llc
  • Noticed: 9 times
  • Protocols Attacked: SSH

Open Ports Detected

22

Whois Information

  • NetRange: 157.245.0.0 - 157.245.255.255
  • CIDR: 157.245.0.0/16
  • NetName: DIGITALOCEAN-157-245-0-0
  • NetHandle: NET-157-245-0-0-1
  • Parent: NET157 (NET-157-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS14061
  • Organization: DigitalOcean, LLC (DO-13)
  • RegDate: 2019-05-09
  • Updated: 2020-04-03
  • Comment: Routing and Peering Policy can be found at https://www.as14061.net
  • Ref: https://rdap.arin.net/registry/ip/157.245.0.0
  • OrgName: DigitalOcean, LLC
  • OrgId: DO-13
  • Address: 101 Ave of the Americas
  • Address: FL2
  • City: New York
  • StateProv: NY
  • PostalCode: 10013
  • Country: US
  • RegDate: 2012-05-14
  • Updated: 2022-05-19
  • Ref: https://rdap.arin.net/registry/entity/DO-13
  • OrgTechHandle: NOC32014-ARIN
  • OrgTechName: Network Operations Center
  • OrgTechPhone: +1-347-875-6044
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
  • OrgNOCHandle: NOC32014-ARIN
  • OrgNOCName: Network Operations Center
  • OrgNOCPhone: +1-347-875-6044
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
  • OrgAbuseHandle: ABUSE5232-ARIN
  • OrgAbuseName: Abuse, DigitalOcean
  • OrgAbusePhone: +1-347-875-6044
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5232-ARIN

Links to attack logs

nmap-scanning-list-2022-08-25