157.245.67.249 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 157.245.67.249 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Netherlands
• Network:
• Noticed: 1 times
• Protocols Attacked: ssh
• Passive DNS Results: thankyougod2023.com lxgfc.com www.lxgfc.com e2e-dbaas-mongodb-lf99i-ec2b4974.mongo.ondigitalocean.com app.lavaboard.io lavaboard.io api.vidmia.com www.vidmia.com vidmia.com antelope.carto.host

Malware Detected on Host

Count: 1 9d4bea208f2906051038d7dbb450c36af4d77b8bb5aa0a4cac9d7049e063c5ae

Open Ports Detected

10000 10001 1002 10021 10028 10034 10035 10038 10046 10106 10134 102 1023 1024 10243 104 10909 10911 10935 110 11007 111 113 11701 119 131 135 139 1400 1443 1444 1515 1604 1700 1741 1911 1925 1947 2000 2002 2008 2016 21 2109 2121 2133 22 221 2222 2345 24 2404 243 25 2628 3009 3013 3104 3117 3119 3128 3134 3333 3341 3403 3412 3500 3503 3523 3541 3542 4022 4120 4242 4244 427 4321 4343 4344 440 4430 444 445 446 4506 5000 5003 5010 502 5025 513 5222 5223 5231 5245 541 5432 5435 5446 5542 5605 5613 5801 5900 5901 5905 5911 5915 5938 6001 6440 6603 7001 7002 7007 7100 7218 7401 7415 7443 7445 7547 7634 8000 8001 8002 8008 8010 8013 8038 8040 809 8100 8112 8123 8139 8200 8315 8333 8429 8442 8446 8505 8545 8703 8708 8724 8731 8800 8801 8804 8823 8827 8834 8846 8911 8912 9000 9011 9012 902 9022 9040 9042 9047 9101 9107 9124 9142 9145 9200 9208 9212 9215 9219 9222 9306 9600 9606 9633 9700 9900 9943

Map

Whois Information

• NetRange: 157.245.0.0 - 157.245.255.255
• CIDR: 157.245.0.0/16
• NetName: DIGITALOCEAN-157-245-0-0
• NetHandle: NET-157-245-0-0-1
• Parent: NET157 (NET-157-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: DigitalOcean, LLC (DO-13)
• RegDate: 2019-05-09
• Updated: 2020-04-03
• Comment: Routing and Peering Policy can be found at https://www.as14061.net
• Comment:
• Ref: https://rdap.arin.net/registry/ip/157.245.0.0
• OrgName: DigitalOcean, LLC
• OrgId: DO-13
• Address: 105 Edgeview Drive, Suite 425
• City: Broomfield
• StateProv: CO
• PostalCode: 80021
• Country: US
• RegDate: 2012-05-14
• Updated: 2025-04-11
• Ref: https://rdap.arin.net/registry/entity/DO-13
• OrgAbuseHandle: DIGIT19-ARIN
• OrgAbuseName: DigitalOcean Abuse
• OrgAbusePhone: +1-646-827-4366
• OrgAbuseEmail: abuse@digitalocean.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
• OrgNOCHandle: NOC32014-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-646-827-4366
• OrgNOCEmail: noc@digitalocean.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgTechHandle: NOC32014-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-646-827-4366
• OrgTechEmail: noc@digitalocean.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Links to attack logs

digitaloceantoronto-ssh-bruteforce-ip-list-2025-11-27