45.148.10.193 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.148.10.193. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through activity observed on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • MITRE ATT&CK IDs: T1110 - Brute Force, T1595 - Active Scanning
  • Tags: Bruteforce, IDS, IPS, Malicious IP, Nextray, UPnP, WAF, ac9e88, accept ineth4, address state, assured, blacklist, botnet, close, core, cyber security, e647, error, established, faupgrade, finwait, ioc, len60 tos0x18, malicious, mirai, out maca85e45, phishing, prec0x20 ttl54, probing, protect, proto nated, res0x00 syn, scan, scanning, successful, synrecv, tcp, timewait, udp, unreplied, urgp0 opt, webscan, webscanner bruteforce web app attack, write
  • View other sources: Spamhaus, VirusTotal

  • Country: Netherlands
  • Network: AS48090 pptechnology limited
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Spain, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: asok.top, xn--80afdp5b.club, narkotik.club

Malware Detected on Host

Count: 4

  • a190759c8ffdbabf4fbea29ae5dcde2e65663f174166774f67599ef1d89de757
  • 27196b8761cd187945847c4b06d1908801508c1044d3d57d8d847bc6f6099b4e
  • 1439fe0ce95eb374f50e5925c63e30c87ffdf685363ffd8e3ef6e9c64e64bb39
  • a24614699e35e08ed32c60ea0a8e28fda012b7dc2f501d8ff1c646b423142073

Whois Information

  • inetnum: 45.148.10.0 - 45.148.10.255
  • org: ORG-PA1232-RIPE
  • mnt-domains: CYBR-DMZ
  • netname: DMZHOST-LIMITED
  • descr: https://dmzhost.co
  • country: AD
  • admin-c: ACRO26775-RIPE
  • tech-c: ACRO26775-RIPE
  • status: ASSIGNED PA
  • mnt-by: CYBR-DMZ
  • mnt-by: pptechnology
  • created: 2019-09-02T15:08:45Z
  • last-modified: 2022-12-21T16:42:05Z
  • organisation: ORG-PA1232-RIPE
  • org-name: PPTECHNOLOGY LIMITED
  • country: GB
  • org-type: OTHER
  • address: 35 Firs Avenue, London, England, N11 3NE
  • abuse-c: ACRO26775-RIPE
  • mnt-ref: pptechnology
  • mnt-by: pptechnology
  • created: 2019-09-02T14:59:13Z
  • last-modified: 2022-12-01T17:22:22Z
  • role: Abuse contact role object
  • address: 35 Firs Avenue, London, England, N11 3NE
  • abuse-mailbox: [email protected]
  • nic-hdl: ACRO26775-RIPE
  • mnt-by: pptechnology
  • created: 2019-09-02T14:58:45Z
  • last-modified: 2022-10-03T17:04:32Z
  • route: 45.148.10.0/24
  • origin: AS48090
  • mnt-by: CYBR-DMZ
  • created: 2019-09-05T14:32:45Z
  • last-modified: 2019-09-21T13:21:51Z

Links to attack logs

  • ntp-bruteforce-ip-list-2022-09-23
  • ntp-bruteforce-ip-list-2022-09-20
  • ntp-bruteforce-ip-list-2022-09-02
  • ntp-bruteforce-ip-list-2022-09-08
  • ntp-bruteforce-ip-list-2022-08-09
  • ntp-bruteforce-ip-list-2022-08-13
  • ntp-bruteforce-ip-list-2022-08-23
  • ntp-bruteforce-ip-list-2022-08-11