157.53.227.1 Threat Intelligence and Host Information
ipinfopage
General
This page contains threat intelligence information for the IPv4 address 157.53.227.1 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
🟡 Low Risk — 40/100
Geographic Location
Host and Network Information
- View other sources: Spamhaus VirusTotal Shodan AbuseIPDB
- Country: United States
- Noticed: 10 times
- Protocols Attacked: SSH
- Countries Attacked: Anguilla, Aruba, Australia, Bahamas, Barbados, Canada, Cayman Islands, Costa Rica, Curaçao, Georgia, Guatemala, Japan, Mexico, Netherlands, Panama, Philippines, Poland, Saint Kitts and Nevis, Saint Martin (French part), Saint Vincent and the Grenadines, Sint Maarten (Dutch part), Tanzania United Republic of, Trinidad and Tobago, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
- Open Ports: 22, 443, 80
- Tor Node: No
- Associated Malware Samples: 1
Tags
- 3px center
- admin
- akamaias
- akamaiasn1
- algorithm
- amazon02
- angielski usa
- as15169
- as16509
- as20940
- as3359
- as8075
- as852
- ascii
- ascii text
- asset
- authentihash
- auto-generated security
- autor
- baza danych
- blob
- bogaty hash
- bvgquf
- cblrxf
- ceidg
- centralna
- centrum usug
- chi2
- cioch adrian
- code signing
- coqbmf
- crlf
- cuba
- cve20149614 apr
- cve20153202 apr
- cve20185407 apr
- cve20200796 may
- cve20201048 apr
- cve cve20010901
- cve cve20021841
- cve cve20054605
- cve cve20060745
- cve cve20070452
- cve cve20070453
- cve cve20070454
- cve cve20071355
- cve cve20071358
- cve cve20071871
- cve cve20113403
- cve cve20151503
- cve cve20152080
- cve cve20157377
- cve cve20160728
- cve cve20161807
- cve cve20170131
- cve cve20175123
- cve cve20201048
- cve cve20201070
- cve cve20203153
- cve cve20211732
- dane archiwum
- data rtcursor
- data rtdialog
- default
- dokument xml
- dostawca
- dufur
- efq78c
- elf binary
- english us
- ewidencja
- filehashmd5
- filehashsha1
- formularze i
- geoip
- ghost
- gkrikb
- guid
- hdvrde
- hlo3ef
- html
- ico rtgroupicon
- ikonagrupyrt
- ikona rt
- imphash
- imphasz
- indonesia
- info
- informacja o
- intel
- izt63
- javascript
- jnoxi
- jnswj
- kg2exe
- kreator
- kropelka
- level3
- md5 chi2
- md5 nazwa
- media
- mexico
- mini
- ms windows
- name sectigo
- narzuta chi2
- nazwa typ
- network capture
- neutral
- neutralny
- nextron
- office
- office open
- oszczdno
- pdf zestawy
- pe32
- pehash
- pejzasz
- plik
- png ikona
- png rticon
- podaj
- proton
- przechwytywanie
- public url
- richhash
- roth
- rsa time
- rt angielski
- rticon english
- rticon maori
- rtmanifest
- saxla
- schema
- sectigo public
- serial number
- seznam
- sha1
- sha256
- sha256 file
- sha256 typ
- sieciowych
- skrt
- smyczki
- sprawd
- ssdeep
- strings
- strona gwna
- system
- telecom
- thumbprint
- type type
- ukraine
- upx compression
- url https
- usugi
- valid
- valid from
- valid usage
- vhash
- wersja
- wersja rt
- whasz
- whasz htm
- wifi
- win32
- win32 exe
- win64
- windows z
- xml document
- xml pakietu
- zarejestruj spk
- zasb manifestu
- zawarte
- zawarte zasoby
- zjloj
- z terminatorami
- z wniosek
MITRE ATT&CK TTPs
- T1027 - Obfuscated Files or Information
- T1140 - Deobfuscate/Decode Files or Information
Passive DNS
- www.janetkanneh.com
Attack Log References
Whois Information
NetRange: 157.53.0.0 - 157.53.255.255
CIDR: 157.53.0.0/16
NetName: NETACTUATE-MDN-04
NetHandle: NET-157-53-0-0-1
Parent: NET157 (NET-157-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: NetActuate, Inc (NETAC-4)
RegDate: 2015-04-01
Updated: 2024-12-30
Comment: -----BEGIN CERTIFICATE-----MIIDfzCCAmegAwIBAgIUEgD1bcm05i5dwBgnaEUyyh1pbJkwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcMCFZhbGVuY2lhMRgwFgYDVQQKDA9OZXRBY3R1YXRlLCBJbmMwHhcNMjQxMjMwMTgyMzUzWhcNMjUxMjMwMTgyMzUzWjBPMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIVmFsZW5jaWExGDAWBgNVBAoMD05ldEFjdHVhdGUsIEluYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK/ph7ftkRY1+rqIbfRzsR7mJipE34u7uQJJZULg6gcQNqEmFb4AfQnepd56BrUdxVFAM71sIrt7YfeHY7X7JVjTLzhweqtUCfTcFhqVlO8/Q+CysO1iH+fPdKKotu1Wczef7cTtMKtSoYICRsMpmG4H/+7CGzGM86ibFJ6s+mS8tACsl+A0BiGf+uFrB4b453GAWtk/dKU5D7a0DOX8+7kT7Vmzr6qS+g1yBABOp1V35on8g3ZXBaWjj2fVxsC8MtYEW2v0lz/UAM2DhwDdp74IlkRvlGS/Q2NXK2lsTqXtHubI+3FtZZ2VAgBrJU4ObTlcl8aE2L/kqqT/HcYIvuMCAwEAAaNTMFEwHQYDVR0OBBYEFKp4kLH8iYVzg2HDW0yYOoJZOyc+MB8GA1UdIwQYMBaAFKp4kLH8iYVzg2HDW0yYOoJZOyc+MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAKRZM01Y1H8XTAoL4+V0gXRNjeeDB2DbHlIM3eX3vlmwdSufdhPdjSggVT3KVrtpo/RKNkjOotBPGL4aUCsZhmnOPCirHpSigoeSNy2JsjRQaq22s1K9IppVy1BGqHVMIdoQAmJ1ZhhwksbSAWkspeeXEObp+D5672luX8/vxyjIpb6l3gAZ8FSeO37y9PbO5rDrS7zZCWBpdwlPQGpnIYwSPIq3LP0nSG6+pD7GwQeex0VtArRqaNxY6y02yFdocGjcvBh1nHUDmTf0iI1q0sILYXyCfNlwsdSUFO3c3tbpYvIe0AAP2u5qlzOXTyrnPN9lhndf6Nvvp5Uoak9KxC4=-----END CERTIFICATE-----
Ref: https://rdap.arin.net/registry/ip/157.53.0.0
OrgName: NetActuate, Inc
OrgId: NETAC-4
Address: PO Box 10713
City: Raleigh
StateProv: NC
PostalCode: 27605
Country: US
RegDate: 2016-02-24
Updated: 2021-11-03
Comment: Believe
Ref: https://rdap.arin.net/registry/entity/NETAC-4
OrgTechHandle: IPADM257-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-877-467-8337
OrgTechEmail: ops@netactuate.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPADM257-ARIN
OrgNOCHandle: IPADM257-ARIN
OrgNOCName: IP Admin
OrgNOCPhone: +1-877-467-8337
OrgNOCEmail: ops@netactuate.com
OrgNOCRef: https://rdap.arin.net/registry/entity/IPADM257-ARIN
OrgAbuseHandle: ABUSE1018-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-877-467-8337
OrgAbuseEmail: abuse@netactuate.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE1018-ARIN
NetRange: 157.53.227.0 - 157.53.227.255
CIDR: 157.53.227.0/24
NetName: LANDINGI-ANYCAST
NetHandle: NET-157-53-227-0-1
Parent: NETACTUATE-MDN-04 (NET-157-53-0-0-1)
NetType: Reassigned
OriginAS:
Customer: Landingi Sp. z o. o. (C10861998)
RegDate: 2024-06-03
Updated: 2024-06-03
Comment: Visit us at: https://landingi.com
Comment: Contact us: support@landingi.com
Ref: https://rdap.arin.net/registry/ip/157.53.227.0
CustName: Landingi Sp. z o. o.
Address: ul. Dworcowa 25
City: Gliwice
StateProv: Silesia
PostalCode: 44-100
Country: PL
RegDate: 2024-06-03
Updated: 2024-06-03
Ref: https://rdap.arin.net/registry/entity/C10861998
OrgTechHandle: IPADM257-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-877-467-8337
OrgTechEmail: ops@netactuate.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPADM257-ARIN
OrgNOCHandle: IPADM257-ARIN
OrgNOCName: IP Admin
OrgNOCPhone: +1-877-467-8337
OrgNOCEmail: ops@netactuate.com
OrgNOCRef: https://rdap.arin.net/registry/entity/IPADM257-ARIN
OrgAbuseHandle: ABUSE1018-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-877-467-8337
OrgAbuseEmail: abuse@netactuate.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE1018-ARIN