IOC Radar
IP · Medium · Signal 76/100

45.155.90.234

Location: Philippines (Kwun Tong, 05)
ASN: AS141718 (Superhub Limited)
First Seen: Jun 11, 2025 (367d ago)
Last Seen: Jun 6, 2026 (7d ago)
Reports: 21 source reports
Confidence: 76% (medium)
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 76%
Signal Score: 76 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 70 techniques

Network Information

Country: PH (Philippines)
Region: Kwun Tong, 05
ASN: AS141718
Organization: Superhub Limited

Feed Intelligence Summary

Source reports: 21
Confidence score: 76%
Category tags

Activity Timeline

1 total obs (Jun 6 to Jun 6)

Threat Activity Heatmap

Peak: 2026-06-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 76
Confidence: 76%
Reports: 21
First seen: Jun 11, 2025
Last seen: Jun 6, 2026
Geolocation: PH
Country: Philippines
Location: Kwun Tong, 05
ASN: AS141718
Org: Superhub Limited
Coords: 13.1338, 123.7367

VirusTotal

Not checked

WHOIS

raw
inetnum: 45.0.0.0 - 45.255.255.255
netname: IANA-NETBLOCK-45
descr: This network range is not fully allocated to APNIC.
descr:
descr: If your whois search has returned this message, then you have
descr: searched the APNIC whois database for an address that is
descr: allocated by another Regional Internet Registry (RIR).
descr:
descr: Please search the other RIRs at whois.arin.net or whois.ripe.net
descr: for more information about that range.
country: AU
admin-c: IANA1-AP
tech-c: IANA1-AP
abuse-c: AA1452-AP
status: ALLOCATED PORTABLE
remarks: For general info on spam complaints email [email protected].
remarks: For general info on hacking & abuse complaints email abuse@apnic.net.
mnt-by: APNIC-HM
mnt-lower: APNIC-HM
mnt-irt: IRT-APNIC-AP
last-modified: 2021-02-15T05:31:12Z
source: APNIC

irt: IRT-APNIC-AP
address: Brisbane, Australia
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: HM20-AP
tech-c: NO4-AP
auth: # Filtered
remarks: APNIC is a Regional Internet Registry.
remarks: We do not operate the referring network and
remarks: are unable to investigate complaints of network abuse.
remarks: For information about IRT, see www.apnic.net/irt
remarks: [email protected] was validated on 2020-02-03
mnt-by: APNIC-HM
last-modified: 2023-08-18T00:42:38Z
source: APNIC

role: ABUSE APNICAP
address: Brisbane, Australia
country: ZZ
phone: +000000000
e-mail: [email protected]
admin-c: HM20-AP
tech-c: NO4-AP
nic-hdl: AA1452-AP
remarks: Generated from irt object IRT-APNIC-AP
remarks: [email protected] was validated on 2020-02-03
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2023-08-18T19:08:30Z
source: APNIC

role: Internet Assigned Numbers Authority
address: see http://www.iana.org.
admin-c: IANA1-AP
tech-c: IANA1-AP
nic-hdl: IANA1-AP
remarks: For more information on IANA services
remarks: go to IANA web site at http://www.iana.org.
mnt-by: MAINT-APNIC-AP
last-modified: 2018-06-22T22:34:30Z
source: APNIC
references
https://feeds.dshield.org/feeds/topips.txt
https://feeds.dshield.org/feeds/top10.txt
https://feeds.dshield.org/feeds/block.txt
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt


IOC Journey

medium
First detected 1 year ago · Last seen 7 days ago
Appeared in 21 threat reports