5.79.66.145 Threat Intelligence and Host Information

Oct 21, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 5.79.66.145 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: coinbl_hosts, coinbl_ips, hphosts_emd, hphosts_fsa, hphosts_psh

  • Country: Netherlands
  • Network:
  • Noticed: 1 times
  • Protcols Attacked: SSH

Malware Detected on Host

Count: 750 6c909a2e977f4b3e443660d83b666630a98a49b3d6f503bc2a43300288106679 1f48f5e991d7d188d0e81cad2de7bacdf5af0245c8c4c88ede45aee32c21b069 5a90ae55c3525c411d28556b1b80a625f54af8da95e49e4aabcf372297e2313c cfc5ba047ca76d8ae6d1224e6e3050e84d008b534080251d7df1671a8baf91e1 c05d1b9142e0bcd4669adb8046cfe3e2ab21643a52b38346d9da95559e24a9d1 4793bf44a2b8f5fd63e2b1d2118a7c8af592c6a1f94dc231cf576cb7595b4f7d 395da303997a388a2d89e8157490e18d06a13587c4a64bdea4f0a94cdd4339be 898e843eb5cd854e9c53a86d2580da29bbfe6d0f6c42a2dd489931423c58cd99 abefceafcf523eefa54d0dcbf7911bd1d1e4245d223ed43297a862b3d0d78a90 d4972e632408d130ac20c21fff113636a07cee0fbb133c713222167e37a661a0

Open Ports Detected

110 123 21 25 3306 443 465 4949 53 587 80 8001 993 995

Map

Whois Information

  • inetnum: 5.79.64.0 - 5.79.127.255
  • netname: NL-LEASEWEB-20120614
  • country: NL
  • org: ORG-OB3-RIPE
  • admin-c: lswn1-RIPE
  • tech-c: lswn1-RIPE
  • status: ALLOCATED PA
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: LEASEWEB-NL-MNT
  • mnt-lower: LEASEWEB-NL-MNT
  • mnt-domains: LEASEWEB-NL-MNT
  • mnt-routes: LEASEWEB-NL-MNT
  • created: 2012-06-14T07:52:30Z
  • last-modified: 2017-11-16T10:10:08Z
  • organisation: ORG-OB3-RIPE
  • org-name: LeaseWeb Netherlands B.V.
  • country: NL
  • org-type: LIR
  • address: Postbus 93054
  • address: 1090BB
  • address: Amsterdam
  • address: NETHERLANDS
  • phone: +31203162880
  • fax-no: +31203162890
  • admin-c: lswn1-RIPE
  • abuse-c: LWAD-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: LEASEWEB-NL-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: LEASEWEB-NL-MNT
  • created: 2004-04-17T11:42:05Z
  • last-modified: 2020-12-16T12:49:01Z
  • role: Leaseweb NL NOC
  • address: Hessenbergweg 95, 1101 CX. Amsterdam
  • admin-c: SPW1-RIPE
  • nic-hdl: lswn1-RIPE
  • mnt-by: LEASEWEB-NL-MNT
  • created: 2017-11-16T10:05:00Z
  • last-modified: 2022-07-05T12:59:36Z
  • route: 5.79.64.0/18
  • descr: LEASEWEB
  • origin: AS60781
  • mnt-by: LEASEWEB-NL-MNT
  • created: 2014-03-10T12:46:38Z
  • last-modified: 2015-09-30T23:00:01Z
Share on: