Report for IP: 45.198.224.13

Threat LevelCRITICAL85/1002 rule types across 2 attack categories
8 incidents on record · 2 rule types · active attacker + blocklisted · active over 4 days · seen 2h ago · bulletproof hosting
PTR N/A
Org / ASN Cloud Innovation Ltd
Country 🇸🇪 Sweden
City Stockholm, Stockholm County
Timezone Europe/Stockholm
Abused IP ResellerCloud Innovation Ltd
Cloud Innovation Ltd is a Swedish IP-block reseller that delegates address space to downstream customers globally. Its netblocks have been independently flagged by both CINS Army (active threat intelligence) and DShield (SANS honeypot network), indicating sustained port-scanning and SSH brute-force activity. Abuse complaints appear to go effectively unaddressed, with customers operating dedicated scanning infrastructure.

Attack Analysis

🇸🇪 Sweden · Stockholm · 215925 · VPSVAULT.HOST LTD
IDS: Blocklist — Dshield
This IP was reported to the DShield community blocklist by multiple independent security sensors worldwide. DShield aggregates firewall logs from thousands of contributors; IPs on this list are confirmed active attackers observed across many networks.
Suricata IDS Alert
Suricata intrusion detection flagged this IP for malicious network behaviour — including port scanning, exploit attempts, botnet activity, or known attack signatures. The specific signature is shown in the report list below.

Reports (8)

Date Severity Description
13 Jun 2026 - 04:59 high IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1
10 Jun 2026 - 08:58 high IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1
9 Jun 2026 - 20:00 high IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1
9 Jun 2026 - 18:48 high IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1
9 Jun 2026 - 17:32 high IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1
9 Jun 2026 - 15:52 high IDS: Suricata alert
9 Jun 2026 - 15:52 medium IDS: Suricata alert — ET WEB_SPECIFIC_APPS React Server Components React2Shell Unsafe Flight Protocol Property Access (CVE-2025-55182)
9 Jun 2026 - 15:17 high IDS: Blocklist — Dshield listed IP — ET DROP Dshield Block Listed Source group 1

Related IPs — Same /24 Block (45.198.224.0/24)

45.198.224.5CRITICAL354 reports45.198.224.18CRITICAL354 reports45.198.224.138HIGH74 reports45.198.224.145HIGH50 reports45.198.224.22HIGH38 reports45.198.224.7HIGH12 reports45.198.224.141HIGH16 reports45.198.224.126HIGH5 reports
Part of EagleEye Intelligence