IOC Radar
IP · Medium · Signal 75/100

45.125.66.29

Location: Kaunas, KU, Lithuania
ASN: AS133398 (UAB Host Baltic)
First Seen: Mar 5, 2021 (1926d ago)
Last Seen: May 1, 2026 (43d ago)
Reports: 21 source reports
Confidence: 75% (medium)
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 75%
Signal Score: 75 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 65 techniques

Network Information

Country: LT (Lithuania)
Region: Kaunas, KU
ASN: AS133398
Organization: UAB Host Baltic

Feed Intelligence Summary

Source reports: 21
Confidence score: 75%

Activity Timeline

1 total obs · May 1 to May 1

Threat Activity Heatmap

Peak: 2026-05-01
[Heatmap: activity by week, Jun through Jun, scale Less to More]
Observations by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 1 (Minimal)

Threat Score: High Risk
Signal Score: 75
Confidence: 75%
Reports: 21
First seen: Mar 5, 2021
Last seen: May 1, 2026
Geolocation: LT
Country: Lithuania
Location: Kaunas, KU
ASN: AS133398
Org: UAB Host Baltic
Coords: 54.9038, 23.8924

VirusTotal

Not checked

WHOIS

description
These are weekly baseline recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks this week. Security is a continuous process, and it has to be reviewed and audited in a continuous manner through manual or automated tools.
raw
NetRange: 45.124.98.0 - 45.126.35.255
CIDR: 45.124.100.0/22, 45.124.98.0/23, 45.124.128.0/17, 45.124.104.0/21, 45.126.32.0/22, 45.125.0.0/16, 45.126.0.0/19, 45.124.112.0/20
NetName: APNIC
NetHandle: NET-45-124-98-0-1
Parent: NET45 (NET-45-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2014-09-05
Updated: 2024-07-17
Ref: https://rdap.arin.net/registry/ip/45.124.98.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois://whois.apnic.net

OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html

OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN

OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN

inetnum: 45.125.66.0 - 45.125.66.255
netname: HostBaltic-LT
descr: HostBaltic Lithuania
country: LT
admin-c: HBA11-AP
tech-c: HBA11-AP
abuse-c: HBA11-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-HK-TELEASIA
mnt-irt: IRT-TELE-ASIA
last-modified: 2024-04-19T20:54:37Z
source: APNIC

irt: IRT-TELE-ASIA
address: Tele Asia Limited
address: Unit 211, 2/F, Poly Centre
address: 15 Yip Fung Street, On Lok Tseun
address: Fanling, NT, Hong Kong
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: TAHH1-AP
tech-c: TAHH1-AP
auth: # Filtered
remarks: [email protected] is invalid
mnt-by: MAINT-TELE-HK
last-modified: 2026-01-21T13:08:27Z
source: APNIC

role: Host Baltic Abuse
address: Draugystes g. 19, Kaunas, 51230
country: LT
phone: +37067358624
e-mail: [email protected]
admin-c: TAHH1-AP
tech-c: TAHH1-AP
nic-hdl: HBA11-AP
mnt-by: MAINT-HK-TELEASIA
last-modified: 2024-04-19T20:50:32Z
source: APNIC

route: 45.125.66.0/24
descr: route object for 45.125.66.0/24
origin: AS133398
mnt-by: MAINT-HK-TELEASIA
country: LT
last-modified: 2015-09-17T23:18:41Z
source: APNIC


IOC Journey

medium
First detected 5 years ago · Last seen 1 month ago
Appeared in 21 threat reports