45.83.65.238 Threat Intelligence and Host Information

Share on:

General

This page contains threat intelligence information for the IPv4 address 45.83.65.238 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 25/100

Host and Network Information

  • Tags: CVE-2021-44228, Log4j Scanning Hosts, Nextray, alpha strike, anna paula, apache log4j, aravinda, associated, badrequest, billgates, blocklist, bruteforce, certagid, cia triad, coinminer, company, contabo gmbh, contact, copy, curatedintel, curl, currc3adculo, cve202144228, cyber security, date, digitaloceanasn, elknot, elknot intel, feed, feed log4jci, files, from email, germany, github, gmbh, headers, hetzner online, high, host, hydra, indicatori, indonesia, ioc, ioc acquisiti, ioc feed, ips url, jump, kinsing, labs gmbh, level3, linode, log4j, log4j azure, log4j craiu, log4j crowdsec, log4j greynoise, log4j threatfox, log4j urlhaus, log4jci, log4jci log4jci, log4shell, log4shelliocs, malicious, malspam email, msi file, netherlands, new jersey, orcusrat, orcusrat zip, osint e, ovh sas, phishing, ponynet, probing, public, rce attempt, security llc, sentinel ioc, service, shenal, sign, star, strong, telecom, tuesday, ukraine, united, utf8, varspoolcron, webscan, webscanner, x x86, x x8664, x x86g, x41me m3wtf, zip archive

  • View other sources: Spamhaus VirusTotal

  • Country: Germany
  • Network: AS208843 alpha strike labs gmbh
  • Noticed: 1 times
  • Protcols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

179

Map

Whois Information

  • inetnum: 45.83.64.1 - 45.83.67.255
  • descr: Internet Security Research Project - For exclude requests mail to [email protected]
  • netname: INTERNET-RESEARCH-NET
  • country: DE
  • admin-c: JK14422-RIPE
  • tech-c: SL13095-RIPE
  • status: ASSIGNED PA
  • mnt-by: mnt-de-alpha-1
  • created: 2019-06-03T12:02:31Z
  • last-modified: 2022-05-03T08:33:27Z
  • person: Alpha Strike Labs GmbH
  • address: Albert-Einstein-Straße 14
  • address: 12489
  • address: Berlin
  • address: GERMANY
  • phone: +4930120877420
  • nic-hdl: JK14422-RIPE
  • mnt-by: mnt-de-alpha-1
  • created: 2019-05-20T06:30:07Z
  • last-modified: 2019-06-03T12:09:33Z
  • person: Alpha Strike Labs GmbH
  • address: Albert-Einstein-Straße 14
  • address: 12489
  • address: Berlin
  • address: GERMANY
  • phone: +4930120877420
  • nic-hdl: SL13095-RIPE
  • mnt-by: mnt-de-alpha-1
  • created: 2019-05-20T06:30:07Z
  • last-modified: 2019-06-03T12:17:57Z
  • route: 45.83.64.0/22
  • origin: AS208843
  • mnt-by: mnt-de-alpha-1
  • created: 2021-01-22T12:15:51Z
  • last-modified: 2021-01-22T12:16:20Z

Links to attack logs

ntp-bruteforce-ip-list-2021-02-01