45.153.160.2 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.153.160.2. It was generated either as a result of observed malicious activity or as an information-gathering exercise to help enrich security events with context. All information is gathered passively, either by aggregating public sources or by observing activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force
  • Tags: Nextray, SSH, Scanner, TOR, Telnet, VPN, Webattack, attack, badrequest, brute-force, bruteforce, cyber security, ioc, login, malicious, phishing, probing, scanner, scanning, smtp, ssh, tcp, webscan, webscanner, webscanner bruteforce web app attack
  • Known tor exit node
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh, sblam, stopforumspam_365d, tor_exits, tor_exits_1d, tor_exits_30d, tor_exits_7d

  • Known TOR node
  • Country: Netherlands
  • Network: AS212906 moneroj s.r.o.
  • Noticed: 1 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 14

Whois Information

  • inetnum: 45.153.160.0 - 45.153.163.255
  • netname: CZ-MONEROJ-20190913
  • country: NL
  • org: ORG-MS628-RIPE
  • admin-c: MA23751-RIPE
  • tech-c: MA23751-RIPE
  • status: ALLOCATED PA
  • mnt-by: mnt-cz-moneroj-1
  • mnt-by: RIPE-NCC-HM-MNT
  • created: 2019-09-13T10:52:16Z
  • last-modified: 2020-07-23T12:59:25Z
  • organisation: ORG-MS628-RIPE
  • org-name: Moneroj s.r.o.
  • country: CZ
  • org-type: LIR
  • address: Bozetechova 2
  • address: 61200
  • address: Brno
  • address: CZECH REPUBLIC
  • phone: +420910127196
  • admin-c: VV4313-RIPE
  • tech-c: VV4313-RIPE
  • abuse-c: AR55580-RIPE
  • mnt-ref: mnt-cz-moneroj-1
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: mnt-cz-moneroj-1
  • created: 2019-09-12T13:32:34Z
  • last-modified: 2020-12-16T12:54:37Z
  • role: Moneroj Admin
  • address:
  • nic-hdl: MA23751-RIPE
  • mnt-by: MA
  • created: 2020-07-23T12:58:04Z
  • last-modified: 2020-07-23T12:58:04Z
  • route: 45.153.160.0/22
  • origin: AS34549
  • mnt-by: MA
  • created: 2022-07-13T15:49:54Z
  • last-modified: 2022-07-13T15:49:54Z

Links to attack logs

aws-ssh-bruteforce-ip-list-2021-06-15 aws-ssh-bruteforce-ip-list-2021-05-04 bruteforce-ip-list-2021-06-18