45.153.160.131 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.153.160.131. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

  • Tags: Nextray, SSH, Scanner, TOR, Telnet, VPN, Webattack, attack, badrequest, bruteforce, cyber security, ioc, login, malicious, phishing, probing, scanner, scanning, smtp, ssh, tcp, webscan, webscanner, webscanner bruteforce web app attack
  • Known tor exit node
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh, sblam, stopforumspam_365d, tor_exits

  • Known TOR node
  • Country: Netherlands
  • Network: AS212906 moneroj s.r.o.
  • Noticed: 1 time
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 17

Whois Information

  • inetnum: 45.153.160.0 - 45.153.163.255
  • netname: CZ-MONEROJ-20190913
  • country: NL
  • org: ORG-MS628-RIPE
  • admin-c: MA23751-RIPE
  • tech-c: MA23751-RIPE
  • status: ALLOCATED PA
  • mnt-by: mnt-cz-moneroj-1
  • mnt-by: RIPE-NCC-HM-MNT
  • created: 2019-09-13T10:52:16Z
  • last-modified: 2020-07-23T12:59:25Z
  • organisation: ORG-MS628-RIPE
  • org-name: Moneroj s.r.o.
  • country: CZ
  • org-type: LIR
  • address: Bozetechova 2
  • address: 61200
  • address: Brno
  • address: CZECH REPUBLIC
  • phone: +420910127196
  • admin-c: VV4313-RIPE
  • tech-c: VV4313-RIPE
  • abuse-c: AR55580-RIPE
  • mnt-ref: mnt-cz-moneroj-1
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: mnt-cz-moneroj-1
  • created: 2019-09-12T13:32:34Z
  • last-modified: 2020-12-16T12:54:37Z
  • role: Moneroj Admin
  • address:
  • nic-hdl: MA23751-RIPE
  • mnt-by: MA
  • created: 2020-07-23T12:58:04Z
  • last-modified: 2020-07-23T12:58:04Z
  • route: 45.153.160.0/22
  • origin: AS34549
  • mnt-by: MA
  • created: 2022-07-13T15:49:54Z
  • last-modified: 2022-07-13T15:49:54Z

Links to attack logs

  • aws-ssh-bruteforce-ip-list-2021-03-27
  • bruteforce-ip-list-2021-06-28
  • aws-ssh-bruteforce-ip-list-2021-06-11
  • bruteforce-ip-list-2021-06-17
  • bruteforce-ip-list-2022-02-15
  • aws-ssh-bruteforce-ip-list-2021-06-09
  • bruteforce-ip-list-2021-06-18
  • aws-ssh-bruteforce-ip-list-2021-06-20