46.48.132.54 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 46.48.132.54. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • MITRE ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing
  • Tags: Brute-Force, Bruteforce, Nextray, SSH, brute-force, bruteforce, cowrie, cyber security, digital ocean, ioc, malicious, phishing, scanners, ssh, tcp, vultr
  • JARM: 3fd3fd15d3fd3fd21c3fd3fd3fd3fdc110bab2c0a19e5d4e587c17ce497b15

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: blocklist_net_ua

  • Country: Russia
  • Network: AS21487 pjsc rostelecom
  • Noticed: 1 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Spain, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

22 443 80

CVEs Detected

CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2021-23017 CVE-2021-3618

Whois Information

  • inetnum: 46.48.128.0 - 46.48.160.255
  • netname: SAKHA
  • descr: Sakhatelecom, Kurashova Street, 22
  • descr: 677000 Yakutsk City
  • country: RU
  • admin-c: AEN1-RIPE
  • admin-c: dykt-ripe
  • tech-c: AEN1-RIPE
  • tech-c: dykt-ripe
  • status: ASSIGNED PA
  • mnt-by: SAKHA-MNT
  • created: 2010-06-27T11:58:55Z
  • last-modified: 2018-10-04T08:06:09Z

  • person: Alexey E Nespanov
  • address: 22, Kurashova str., 677000 Yakutsk City
  • phone: +7 4112 244032
  • phone: +7 4112 423008
  • fax-no: +7 4112 241077
  • nic-hdl: AEN1-RIPE
  • created: 2001-12-18T08:25:26Z
  • last-modified: 2020-06-04T10:24:06Z
  • mnt-by: ROSTELECOM-MNT

  • person: Fedorov Dmitry Valeryevich
  • address: 677000 Yakutsk city, Kurashova str., 22
  • phone: +7 4112 407257
  • nic-hdl: dykt-ripe
  • mnt-by: SAKHA-MNT
  • created: 2017-09-07T03:36:05Z
  • last-modified: 2017-09-07T03:50:37Z

  • route: 46.48.132.0/24
  • descr: Sakhatelecom
  • origin: AS21487
  • mnt-by: SAKHA-MNT
  • created: 2010-09-17T01:47:57Z
  • last-modified: 2010-09-17T01:47:57Z

Links to attack logs

dotoronto-ssh-bruteforce-ip-list-2022-10-24 bruteforce-ip-list-2022-11-07 bruteforce-ip-list-2022-09-20 dofrank-ssh-bruteforce-ip-list-2022-11-03 dofrank-ssh-bruteforce-ip-list-2022-10-24 vultrwarsaw-ssh-bruteforce-ip-list-2022-11-02 dolondon-ssh-bruteforce-ip-list-2022-09-23 vultrmadrid-ssh-bruteforce-ip-list-2022-10-08 vultrwarsaw-ssh-bruteforce-ip-list-2022-11-07 vultrmadrid-ssh-bruteforce-ip-list-2022-10-01