159.223.194.165 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 159.223.194.165. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with the enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 35/100
Host and Network Information
Tags: Bruteforce, Brute-Force, cyber security, ioc, malicious, Nextray, phishing, SSH
- Country: United States
- Network:
- Noticed: 50 times
- Protocols Attacked: ssh
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Malaysia, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
- Passive DNS Results: angry.ormhca.com e2e-dbaas-mongodb-xdg0k-dafdefcc.mongo.ondigitalocean.com
Open Ports Detected
Whois Information
- NetRange: 159.223.0.0 - 159.223.255.255
- CIDR: 159.223.0.0/16
- NetName: DO-13
- NetHandle: NET-159-223-0-0-1
- Parent: NET159 (NET-159-0-0-0-0)
- NetType: Direct Allocation
- OriginAS:
- Organization: DigitalOcean, LLC (DO-13)
- RegDate: 2020-11-03
- Updated: 2020-11-03
- Ref: https://rdap.arin.net/registry/ip/159.223.0.0
- OrgName: DigitalOcean, LLC
- OrgId: DO-13
- Address: 105 Edgeview Drive, Suite 425
- City: Broomfield
- StateProv: CO
- PostalCode: 80021
- Country: US
- RegDate: 2012-05-14
- Updated: 2025-04-11
- Ref: https://rdap.arin.net/registry/entity/DO-13
- OrgTechHandle: NOC32014-ARIN
- OrgTechName: Network Operations Center
- OrgTechPhone: +1-646-827-4366
- OrgTechEmail: noc@digitalocean.com
- OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
- OrgAbuseHandle: DIGIT19-ARIN
- OrgAbuseName: DigitalOcean Abuse
- OrgAbusePhone: +1-646-827-4366
- OrgAbuseEmail: abuse@digitalocean.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
- OrgNOCHandle: NOC32014-ARIN
- OrgNOCName: Network Operations Center
- OrgNOCPhone: +1-646-827-4366
- OrgNOCEmail: noc@digitalocean.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
Links to attack logs
dotoronto-ssh-bruteforce-ip-list-2023-01-13 ****** ****** ******