45.95.168.115 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.95.168.115 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

• Mitre ATT&CK IDs: T1110 - Brute Force

• Tags: Bruteforce, Malicious IP, Nextray, Telnet, aws, blacklist, botnet, bruteforce, cowrie, cyber security, ioc, malicious, mirai, nmap, phishing, portscan, probe, scan, scanners, ssh, tcp, telnet, tsec

• View other sources: Spamhaus VirusTotal

• Country: Croatia
• Network: AS211619 maxko j.d.o.o.
• Noticed: 1 times
• Protcols Attacked: ssh
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: www.komkomina.tech komkomina.tech fx-payment.email

Malware Detected on Host

Count: 28 f3a4e1bafd950a7cf9d59f0e88d089d7188cda46b5425c35551df17a29c6f904 940917f00f18a8d55685f2cc60ac584a5e80c6b14d2c00ecd16b7c5adb255d57 7f462ec720f4673571c92181bc3b4c91d46c73ac042d787fb79b76b946ed1d19 85e78af23ca2b78b5371f9867ec5b7e6acb6db7cf781fdf8470c73097c2a3383 4216b96c5f2f6211e0aae6eb5e4f0cfe46bbfc098817d5cc4f7e9cc116fa058f 467ea8fb74ea465ccf66bc5094a4961f8995d71a8284c4d7de54de3c2b54c8f3 233389474698e89af17d66ed1ad2961f7a5cc83ab34f1ea8bbfabd94fcb49d06 e14af2d5245fb36c90db50a70563c4b0ac306201832c8d5da6ea7fc866295a49 52536a8e3b9386784c00c833672082a1838f606e6512e0c38c44af2643f9d77e a6dfb2fb87e84c26ca4ca6e97f0fbb40b37ed50af7dd8275b6c88246c8fcd994

Map

Whois Information

• inetnum: 45.95.168.0 - 45.95.168.255
• org: ORG-MJ181-RIPE
• abuse-c: AR53781-RIPE
• netname: MAXKO
• country: HR
• admin-c: DF7795-RIPE
• tech-c: DF7795-RIPE
• status: ASSIGNED PA
• mnt-by: mnt-hr-maxko-1
• created: 2020-01-15T15:39:32Z
• last-modified: 2020-07-03T13:00:12Z
• organisation: ORG-MJ181-RIPE
• org-name: MAXKO d.o.o.
• country: HR
• org-type: LIR
• address: Skradinska 2
• address: 44000
• address: Sisak
• address: CROATIA
• phone: +385981373725
• admin-c: DF8797-RIPE
• tech-c: DF8797-RIPE
• abuse-c: AR53781-RIPE
• mnt-ref: mnt-hr-maxko-1
• mnt-by: RIPE-NCC-HM-MNT
• mnt-by: mnt-hr-maxko-1
• created: 2019-07-09T07:28:51Z
• last-modified: 2023-03-16T11:07:25Z
• person: Damir Flekac
• address: Skradinska 2, HR 44000 Sisak
• phone: +385981373725
• nic-hdl: DF7795-RIPE
• mnt-by: HPT-MNT
• created: 2017-06-28T10:15:36Z
• last-modified: 2017-06-28T10:15:36Z
• route: 45.95.168.0/22
• origin: AS211619
• mnt-by: mnt-hr-maxko-1
• created: 2021-03-17T10:40:49Z
• last-modified: 2021-03-17T10:44:16Z
• org: ORG-MJ181-RIPE
• organisation: ORG-MJ181-RIPE
• org-name: MAXKO d.o.o.
• country: HR
• org-type: LIR
• address: Skradinska 2
• address: 44000
• address: Sisak
• address: CROATIA
• phone: +385981373725
• admin-c: DF8797-RIPE
• tech-c: DF8797-RIPE
• abuse-c: AR53781-RIPE
• mnt-ref: mnt-hr-maxko-1
• mnt-by: RIPE-NCC-HM-MNT
• mnt-by: mnt-hr-maxko-1
• created: 2019-07-09T07:28:51Z
• last-modified: 2023-03-16T11:07:25Z

Links to attack logs

aws-ssh-bruteforce-ip-list-2021-01-11