45.5.10.100 Threat Intelligence and Host Information

Aug 08, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 45.5.10.100 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force
Tags: attack, Bruteforce, Brute-Force, cowrie, cyber security, ioc, login, malicious, Nextray, phishing, scanner, ssh, SSH, Telnet
View other sources: Spamhaus VirusTotal

Country: Dominican Republic
Network:
Noticed: 50 times
Protocols Attacked: ssh
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

123 80

CVEs Detected

CVE-2007-4723 CVE-2009-0796 CVE-2009-2299 CVE-2011-1176 CVE-2011-2688 CVE-2012-3526 CVE-2012-4001 CVE-2012-4360 CVE-2013-0941 CVE-2013-0942 CVE-2013-2765 CVE-2013-4365 CVE-2024-36387 CVE-2024-38472 CVE-2024-38473 CVE-2024-38474 CVE-2024-38475 CVE-2024-38476 CVE-2024-38477 CVE-2024-39573 CVE-2024-40898 CVE-2024-42516 CVE-2024-43204 CVE-2024-43394 CVE-2024-47252 CVE-2025-23048 CVE-2025-49630 CVE-2025-49812 CVE-2025-53020

Map

Whois Information

inetnum: 45.5.8.0/22
status: allocated
aut-num: AS265695
owner: ELIAS COMUNICACIONES, SRL
ownerid: DO-ECSR-LACNIC
responsible: Victor Jimenez
address: CARRETERA PRESA DE TAVERAS KM 1 LA TORRE, LA VEGA, 0, 0
address: 41000 - LA VEGA -
country: DO
phone: +1 18092761919 [103]
owner-c: VIJ8
tech-c: VIJ8
abuse-c: VIJ8
inetrev: 45.5.8.0/24
nserver: NS2.ELIASCOMUNICACIONES.COM
nsstat: 20250807 AA
nslastaa: 20250807
inetrev: 45.5.9.0/24
nserver: NS2.ELIASCOMUNICACIONES.COM
nsstat: 20250807 AA
nslastaa: 20250807
inetrev: 45.5.10.0/24
nserver: NS2.ELIASCOMUNICACIONES.COM
nsstat: 20250807 AA
nslastaa: 20250807
inetrev: 45.5.11.0/24
nserver: NS2.ELIASCOMUNICACIONES.COM
nsstat: 20250807 AA
nslastaa: 20250807
dszone: 10.5.45.in-addr.arpa
dsrecord: 8914 RSASHA1 5058AB782E75E1566B3D5744E7AB6A735640DAA5DB6718B4ADF3AEF9094CF87C
dsstatus: 20250807 KEY NOT FOUND
dslastok: 20250514
dszone: 11.5.45.in-addr.arpa
dsrecord: 13058 RSASHA1 F6B116706F0D2CAB7498CB797EBA1A6EE39F40F44E3E178A2BF5741E8418136C
dsstatus: 20250807 KEY NOT FOUND
dslastok: 20250514
dszone: 8.5.45.in-addr.arpa
dsrecord: 12758 RSASHA1 E77891FDD7D9EB57625F0C3BC55F32ECF63D568068BDF88FE7AECB949D9565A6
dsstatus: 20250807 KEY NOT FOUND
dslastok: 20250514
dszone: 9.5.45.in-addr.arpa
dsrecord: 1199 RSASHA1 C21B987D1C14E8DDF56AE4D2BF5F130054B9B14A2FE064BB69036A8B301DEBDB
dsstatus: 20250807 KEY NOT FOUND
dslastok: 20250514
created: 20170403
changed: 20191001
nic-hdl: VIJ8
person: Victor Jimenez
e-mail: elias@ecom.net.do
address: Carrtera Presa de Tavera, 17, km 2
address: 41000 - la vega - La vega
country: DO
phone: +1809 3413000 [0000]
created: 20170227
changed: 20240917

Links to attack logs

Share on: