41.33.45.98 Threat Intelligence and Host Information

Share on:
Jun 22, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 41.33.45.98 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 39/100

Host and Network Information

  • Tags: Malicious IP, Nextray, blacklist, botnet, bruteforce, cyber security, digital ocean, ioc, malicious, mirai, mssql, nmap, phishing, port-scan, scan, smb, tcp, vultr
  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: ciarmy

  • Country: Egypt
  • Network: AS8452 te data
  • Noticed: 2 times
  • Protcols Attacked: mssql
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Singapore, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 1 05ccc005304356c0803b7df30ba625438e7ff924f3719961eb7b43a87243abb0

Open Ports Detected

443

CVEs Detected

CVE-2020-1982 CVE-2020-1996 CVE-2020-1999 CVE-2020-2000 CVE-2020-2011 CVE-2020-2021 CVE-2020-2022 CVE-2020-2034 CVE-2020-2036 CVE-2020-2037 CVE-2020-2038 CVE-2020-2039 CVE-2020-2040 CVE-2020-2043 CVE-2020-2044 CVE-2020-2048 CVE-2020-2050 CVE-2021-3031 CVE-2021-3032 CVE-2021-3036 CVE-2021-3037 CVE-2021-3045 CVE-2021-3046 CVE-2021-3047 CVE-2021-3048 CVE-2021-3050 CVE-2021-3054 CVE-2021-3060 CVE-2021-3061 CVE-2021-3062 CVE-2021-3063 CVE-2022-0011 CVE-2022-0022 CVE-2022-0023 CVE-2022-0024 CVE-2022-0028 CVE-2023-0004 CVE-2023-0005 CVE-2023-0007 CVE-2023-0008

Map

Whois Information

  • inetnum: 41.33.0.0 - 41.33.255.255
  • netname: TED-00
  • descr: TE Data
  • country: EG
  • admin-c: TDCR1-AFRINIC
  • tech-c: TDCR2-AFRINIC
  • status: ASSIGNED PA
  • mnt-by: GEGA-MNT
  • parent: 41.32.0.0 - 41.47.255.255
  • role: TE Data Contact Role
  • address: 94 Tahrir Street, Dokki, 12311, Giza, Egypt
  • phone: tel:+20-2-33320700
  • fax-no: tel:+20-2-33320800
  • admin-c: TDCR2-AFRINIC
  • tech-c: MH7-AFRINIC
  • nic-hdl: TDCR1-AFRINIC
  • abuse-mailbox: [email protected]
  • mnt-by: TE-Data-MNT
  • role: TE Data Contact Role-2
  • address: 94 Tahrir Street, Dokki, 12311, Giza, Egypt
  • phone: tel:+20-2-33320700
  • fax-no: tel:+20-2-33320800
  • admin-c: TDCR2-AFRINIC
  • tech-c: MH7-AFRINIC
  • nic-hdl: TDCR2-AFRINIC
  • abuse-mailbox: [email protected]
  • mnt-by: TE-Data-MNT
  • route: 41.33.0.0/17
  • descr: Telecom-Egypt-Data
  • origin: AS8452
  • mnt-lower: GEGA-MNT
  • mnt-by: AFRINIC-HM-MNT

Links to attack logs

dosing-mssql-bruteforce-ip-list-2023-02-16 nmap-scanning-list-2022-09-16 nmap-scanning-list-2023-03-31 nmap-scanning-list-2023-04-29 nmap-scanning-list-2022-08-24 nmap-scanning-list-2022-09-15 nmap-scanning-list-2021-06-11 vultrwarsaw-mssql-bruteforce-ip-list-2022-11-02

Usernames utilised by this host:

sa,