45.95.168.138 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.95.168.138. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning. It takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: C&C, DNS, Malicious IP, Nextray, SSH, awsbah, awsjap, blacklist, botnet, bruteforce, cowrie, cyber security, dnsserver, fail2ban, ioc, iocs ip, la, lafusioncenter, louisiana, malicious, mirai, nmap, ntp, phishing, portscan, pos960, probe, scan, scanner, scanners, ssh, tcp, udp

  • View other sources: Spamhaus, VirusTotal

  • Country: Croatia
  • Network: AS211619 maxko j.d.o.o.
  • Noticed: 1 time
  • Protocols Attacked: ntp
  • Countries Attacked: Bahrain, Canada, Czechia, Denmark, Estonia, France, Germany, Japan, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: zasegotboats.com ometintd.com undeliv.fun gresa.120v.ac www.gresa.120v.ac yxgkmpso.cybertecno.com.ar www.yxgkmpso.cybertecno.com.ar www.icepirs.ghost-pvp.ml icepirs.ghost-pvp.ml stickx.home.kg www.stickx.home.kg wqarc.localghost.org janimser.pro zahirtrade.co

Malware Detected on Host

Count: 25

Whois Information

  • inetnum: 45.95.168.0 - 45.95.168.255
  • org: ORG-MJ181-RIPE
  • abuse-c: AR53781-RIPE
  • netname: MAXKO
  • country: HR
  • admin-c: DF7795-RIPE
  • tech-c: DF7795-RIPE
  • status: ASSIGNED PA
  • mnt-by: mnt-hr-maxko-1
  • created: 2020-01-15T15:39:32Z
  • last-modified: 2020-07-03T13:00:12Z
  • organisation: ORG-MJ181-RIPE
  • org-name: MAXKO d.o.o.
  • country: HR
  • org-type: LIR
  • address: Skradinska 2
  • address: 44000
  • address: Sisak
  • address: CROATIA
  • phone: +385981373725
  • admin-c: DF8797-RIPE
  • tech-c: DF8797-RIPE
  • abuse-c: AR53781-RIPE
  • mnt-ref: mnt-hr-maxko-1
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: mnt-hr-maxko-1
  • created: 2019-07-09T07:28:51Z
  • last-modified: 2023-03-16T11:07:25Z
  • person: Damir Flekac
  • address: Skradinska 2, HR 44000 Sisak
  • phone: +385981373725
  • nic-hdl: DF7795-RIPE
  • mnt-by: HPT-MNT
  • created: 2017-06-28T10:15:36Z
  • last-modified: 2017-06-28T10:15:36Z
  • route: 45.95.168.0/22
  • origin: AS211619
  • mnt-by: mnt-hr-maxko-1
  • created: 2021-03-17T10:40:49Z
  • last-modified: 2021-03-17T10:44:16Z
  • org: ORG-MJ181-RIPE

Links to attack logs

awsbah-ntp-bruteforce-ip-list-2021-01-06 awsjap-ntp-bruteforce-ip-list-2021-01-06