45.95.168.82 Threat Intelligence and Host Information

Share on:

Jun 25, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 45.95.168.82 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

Mitre ATT&CK IDs: T1110 - Brute Force
Tags: Bruteforce, C&C, Nextray, SSH, Telnet, awsbah, bruteforce, cowrie, cyber security, ioc, malicious, ntp, phishing, scanners, sensor2, site2, ssh, telnet, tsec
View other sources: Spamhaus VirusTotal
Country: Croatia
Network: AS211619 maxko j.d.o.o.
Noticed: 1 times
Protcols Attacked: ntp telnet
Countries Attacked: Bahrain, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: sn.snapdata.live snapdata.live smarterania.live sm.smarterania.live defenseflow.live de.defenseflow.live panel.hostinghaven.org

Malware Detected on Host

Count: 10 f39718adfffadce2c6f81ccd7133e4b6faf37f0e99d0b7562e4d7084c381bb8f 612a2fd09364c3b49838f9648f052d884ab06c2b21316521f034240538982195 700ccedf83bc7abcb346c3ade87963c0604846ae487c171a3ed98cf337a02992 2193d10d467652863f73953e99698bf2896ea605592b40a6d040deabe7ed666b 8502d2de15ace4927f42087eec8e4c726c546e7be5c538a365b3842e58313b06 b6b0597611031206f04268864730611c7758c2d6fc9afc99cbbbaa4fafbadfae 4f9842045026eb4fb5f3e11516621378f5ea3f80e2ac2db05e10ef77fb3b9769 f722d8b5b3cf63a7dcb98848cb12d973ebf71e28730980e132adfcdf267cd81b 25c76f2b7644ac816a868169a0bccc830301f4efac490db6c82a016ed0d2d59a 7998b2f63820faa41798dbc1a51703b69c4a347cce876b6728a233de5f65cf55

Map

Whois Information

inetnum: 45.95.168.0 - 45.95.168.255
org: ORG-MJ181-RIPE
abuse-c: AR53781-RIPE
netname: MAXKO
country: HR
admin-c: DF7795-RIPE
tech-c: DF7795-RIPE
status: ASSIGNED PA
mnt-by: mnt-hr-maxko-1
created: 2020-01-15T15:39:32Z
last-modified: 2020-07-03T13:00:12Z
organisation: ORG-MJ181-RIPE
org-name: MAXKO d.o.o.
country: HR
org-type: LIR
address: Skradinska 2
address: 44000
address: Sisak
address: CROATIA
phone: +385981373725
admin-c: DF8797-RIPE
tech-c: DF8797-RIPE
abuse-c: AR53781-RIPE
mnt-ref: mnt-hr-maxko-1
mnt-by: RIPE-NCC-HM-MNT
mnt-by: mnt-hr-maxko-1
created: 2019-07-09T07:28:51Z
last-modified: 2023-03-16T11:07:25Z
person: Damir Flekac
address: Skradinska 2, HR 44000 Sisak
phone: +385981373725
nic-hdl: DF7795-RIPE
mnt-by: HPT-MNT
created: 2017-06-28T10:15:36Z
last-modified: 2017-06-28T10:15:36Z
route: 45.95.168.0/22
origin: AS211619
mnt-by: mnt-hr-maxko-1
created: 2021-03-17T10:40:49Z
last-modified: 2021-03-17T10:44:16Z
org: ORG-MJ181-RIPE
organisation: ORG-MJ181-RIPE
org-name: MAXKO d.o.o.
country: HR
org-type: LIR
address: Skradinska 2
address: 44000
address: Sisak
address: CROATIA
phone: +385981373725
admin-c: DF8797-RIPE
tech-c: DF8797-RIPE
abuse-c: AR53781-RIPE
mnt-ref: mnt-hr-maxko-1
mnt-by: RIPE-NCC-HM-MNT
mnt-by: mnt-hr-maxko-1
created: 2019-07-09T07:28:51Z
last-modified: 2023-03-16T11:07:25Z

Links to attack logs

azureus-telnet-bruteforce-ip-list-2020-08-27 awsbah-ntp-bruteforce-ip-list-2020-10-30 bruteforce-ip-list-2020-07-04