185.239.242.158 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 185.239.242.158 and was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • MITRE ATT&CK IDs: T1110 - Brute Force
  • Tags: Bruteforce, C&C, Nextray, Telnet, bruteforce, cowrie, cyber security, ioc, malicious, phishing, telnet
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh

  • Country: Netherlands
  • Network: AS64425 skb enterprise b.v.
  • Noticed: 21 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: rushstar.sa.com ideabat.shop leadaccident.shop titlelend.icu performabnormal.co charterruin.bar tracemoon.rest treefur.bar payplug.ru

Malware Detected on Host

Count: 14

Whois Information

  • inetnum: 185.244.39.0 - 185.244.39.255
  • netname: SKB-Enterprise
  • descr: SKB Enterprise B.V.
  • country: NL
  • geoloc: 52.4949 4.7973
  • admin-c: SE4295-RIPE
  • tech-c: SE4295-RIPE
  • abuse-c: AR44935-RIPE
  • org: ORG-SE92-RIPE
  • mnt-domains: skbenterprise
  • mnt-routes: skbenterprise
  • mnt-routes: SpectraIP
  • status: ASSIGNED PA
  • mnt-by: SpectraIP
  • created: 2018-01-31T14:42:31Z
  • last-modified: 2020-12-24T15:33:23Z
  • organisation: ORG-SE92-RIPE
  • org-name: SKB Enterprise B.V.
  • country: NL
  • org-type: OTHER
  • address: Kingsfordweg 151
  • address: 1043 GR Amsterdam
  • address: The Netherlands
  • abuse-c: SE4341-RIPE
  • mnt-ref: skbenterprise
  • mnt-ref: IPXO-MNT
  • mnt-ref: SpectraIP
  • mnt-by: skbenterprise
  • created: 2016-07-28T14:36:56Z
  • last-modified: 2022-12-01T17:25:32Z
  • role: SKB Enterprise B.V.
  • address: Kingsfordweg 151
  • address: 1043 GR Amsterdam
  • address: The Netherlands
  • abuse-mailbox: [email protected]
  • phone: +31852018594
  • nic-hdl: SE4295-RIPE
  • mnt-by: skbenterprise
  • created: 2016-06-01T08:52:20Z
  • last-modified: 2021-09-20T13:47:20Z
  • route: 185.244.39.0/24
  • descr: SKB Enterprise B.V.
  • origin: AS64425
  • mnt-by: SPECTRAIP-MNT
  • created: 2021-11-03T21:53:52Z
  • last-modified: 2021-11-03T21:54:06Z