45.95.168.105 Threat Intelligence and Host Information

Share on:

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 50/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force
  • Tags: Bruteforce, C&C, Nextray, SSH, Telnet, bruteforce, cowrie, cyber security, fail2ban, ioc, malicious, phishing, scanning, ssh
  • View other sources: Spamhaus VirusTotal

  • Country: Croatia
  • Network: AS211619 maxko j.d.o.o.
  • Noticed: 49 times
  • Protcols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 16 897be1aa8f34a6f7d225cdbb639b59188177af9645bb52a7a835ae2a6474543b e4482f477efc722d3be9e4ea9fb3377148439e12e7c118cb178c9932a6c2a169 c2e1d277f7db6f039afaf7057f789f62a4115fcf73853dfaae7ca58ed7ce07b5 82f15694f4f6f9b8622d1d7ce348ef5c8124f05cb8206e33f89d69df2539df29 ca68e94d5fa0b151838e537863c5539c7856015b46850660876e814909d6fa58 fc453a0319c794e5976fa937918be3665effaf6641d52fd5e44be460afbd2948 4f7e2666a4a836a6891837ef85555a0be6d7fa430782fd4cf6a5747794eaa2f3 4f7e2666a4a836a6891837ef85555a0be6d7fa430782fd4cf6a5747794eaa2f3 3cee5908f81cea9d89aef990a3ade49609fc47f127f17dc72217d3fb5933a7b4 3cee5908f81cea9d89aef990a3ade49609fc47f127f17dc72217d3fb5933a7b4

Open Ports Detected

22 80

CVEs Detected

CVE-2006-20001 CVE-2019-17567 CVE-2020-11984 CVE-2020-11993 CVE-2020-13938 CVE-2020-13950 CVE-2020-1927 CVE-2020-1934 CVE-2020-35452 CVE-2020-9490 CVE-2021-26690 CVE-2021-26691 CVE-2021-33193 CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690 CVE-2023-27522

Map

Whois Information

  • inetnum: 45.95.168.0 - 45.95.168.255
  • org: ORG-MJ181-RIPE
  • abuse-c: AR53781-RIPE
  • netname: MAXKO
  • country: HR
  • admin-c: DF7795-RIPE
  • tech-c: DF7795-RIPE
  • status: ASSIGNED PA
  • mnt-by: mnt-hr-maxko-1
  • created: 2020-01-15T15:39:32Z
  • last-modified: 2020-07-03T13:00:12Z
  • organisation: ORG-MJ181-RIPE
  • org-name: MAXKO d.o.o.
  • country: HR
  • org-type: LIR
  • address: Skradinska 2
  • address: 44000
  • address: Sisak
  • address: CROATIA
  • phone: +385981373725
  • admin-c: DF8797-RIPE
  • tech-c: DF8797-RIPE
  • abuse-c: AR53781-RIPE
  • mnt-ref: mnt-hr-maxko-1
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: mnt-hr-maxko-1
  • created: 2019-07-09T07:28:51Z
  • last-modified: 2023-03-16T11:07:25Z
  • person: Damir Flekac
  • address: Skradinska 2, HR 44000 Sisak
  • phone: +385981373725
  • nic-hdl: DF7795-RIPE
  • mnt-by: HPT-MNT
  • created: 2017-06-28T10:15:36Z
  • last-modified: 2017-06-28T10:15:36Z
  • route: 45.95.168.0/22
  • origin: AS211619
  • mnt-by: mnt-hr-maxko-1
  • created: 2021-03-17T10:40:49Z
  • last-modified: 2021-03-17T10:44:16Z
  • org: ORG-MJ181-RIPE
  • organisation: ORG-MJ181-RIPE
  • org-name: MAXKO d.o.o.
  • country: HR
  • org-type: LIR
  • address: Skradinska 2
  • address: 44000
  • address: Sisak
  • address: CROATIA
  • phone: +385981373725
  • admin-c: DF8797-RIPE
  • tech-c: DF8797-RIPE
  • abuse-c: AR53781-RIPE
  • mnt-ref: mnt-hr-maxko-1
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: mnt-hr-maxko-1
  • created: 2019-07-09T07:28:51Z
  • last-modified: 2023-03-16T11:07:25Z

Links to attack logs

bruteforce-ip-list-2019-12-10 bruteforce-ip-list-2019-12-07 bruteforce-ip-list-2020-01-04 bruteforce-ip-list-2019-12-24 bruteforce-ip-list-2020-02-05 bruteforce-ip-list-2019-12-31