45.95.168.131 Threat Intelligence and Host Information

Aug 26, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 45.95.168.131 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Mitre ATT&CK IDs: T1547 - Boot or Logon Autostart Execution

  • Tags: arcade, blog, c server, cyber security, ddos, demonbot, developer, dgfa, diseases, first, fuze, hydra, ioc, ’m, malicious, Nextray, overview author, ovh bypass, patch, personal, phishing, revenge, sbidiot, sbidiot iot, SSH, urlhaus

  • View other sources: Spamhaus VirusTotal

  • Country: Croatia
  • Network:
  • Noticed: 32 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: oc.octosquad.live octosquad.live wi.windowgazer.live windowgazer.live minxful.live ny.nyclifee.com se.secureleague.live ltdrediser.host invoicesforyou.live

Malware Detected on Host

Count: 6 d813fc60052f56af0b9565afd97c312291b63da985cc437d8f55fc93e169f8c9 bc37dcce62e48a7b73571fe181415162d125ee5da98f569a431e409b15198752 4a39435509938ef14ce7073463544f066bb1f19d478c3f3e27eede568e378ae5 79fe549b9c1ee7cd7eea62acd63de8b226ca7dd6676fa06159b6a083a65aee0b a384b4a06e3eb22beccb28dac8bddbddb6d227e58da7881b17a55f311bb6cb6e f6ff8ea59993e5f3f8fe3612109a831e66d83aa28fced0e9effe6fe0fc94f78e

Map

Whois Information

  • inetnum: 45.95.168.0 - 45.95.168.255
  • org: ORG-MJ181-RIPE
  • netname: MAXKO
  • country: HR
  • admin-c: DF8797-RIPE
  • tech-c: DF8797-RIPE
  • status: ASSIGNED PA
  • mnt-by: mnt-hr-maxko-1
  • created: 2020-01-15T15:39:32Z
  • last-modified: 2024-04-15T11:06:28Z
  • organisation: ORG-MJ181-RIPE
  • org-name: MAXKO d.o.o.
  • country: HR
  • org-type: LIR
  • address: Skradinska 2
  • address: 44000
  • address: Sisak
  • address: CROATIA
  • phone: +385981373725
  • admin-c: DF8797-RIPE
  • tech-c: DF8797-RIPE
  • abuse-c: AR53781-RIPE
  • mnt-ref: mnt-hr-maxko-1
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: mnt-hr-maxko-1
  • created: 2019-07-09T07:28:51Z
  • last-modified: 2025-03-28T01:57:13Z
  • person: Damir Flekac
  • address: Skradinska 2
  • address: 44000
  • address: Sisak
  • address: CROATIA
  • phone: +385981373725
  • nic-hdl: DF8797-RIPE
  • mnt-by: mnt-hr-maxko-1
  • created: 2019-07-09T07:28:50Z
  • last-modified: 2019-07-09T07:28:50Z
  • route: 45.95.168.0/24
  • origin: AS211619
  • mnt-by: mnt-hr-maxko-1
  • created: 2025-05-19T14:09:49Z
  • last-modified: 2025-05-19T14:09:49Z

Links to attack logs

bruteforce-ip-list-2020-04-29 ****** ****** ******

Share on: