45.60.44.107 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.60.44.107 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 27/100

Host and Network Information

• Tags: algorithm, atlas r3, businesseconomy, code, community, comodo valkyrie, contact phone, conttype, csc corporate, data, date, domains, domain status, dv tls, health comodo, httponly, issuer, key identifier, links https, navlanguage1033, number, q1 oglobalsign, rancho cordova, ranks rank, Ransomware, registrar abuse, registrar csc, registrar url, samesitelax, server, sitecurrency840, sophos health, submission, time majestic, umbrella, userculture1033, utc statvoo, v3 serial, value ingestion, verdict mobile, x509v3 subject

• JARM: 29d29d00029d29d00041d41d00000051af7d8070a18e002eaaedf620fa118c

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS19551 incapsula inc
• Noticed: 1 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, United States of America
• Passive DNS Results: zrzjglo.impervadns.net uat-irreporting.mckesson.com 7bqu7k2.impervadns.net portal.mms.mckesson.com hrcstaging.mckesson.com mscs.mckesson.com www.copay.novartispharma.com uat3-bconnect.mckesson.com uat3-z1-fconnect.mckesson.com uat3-z2-fconnect.mckesson.com recette.newetradi.gehis.fr oannl9j.impervadns.net txoqa.usoncology.com temmnwj.impervadns.net data.usoncology.com pdw.mckesson.com www.medianmeds.ie mctest.mckesson.com g2qa.mckesson.com ppd.letsbewell.ca hubconnect.mckesson.com portaldev.mckesson.com portaltest.mckesson.com portaluat.mckesson.com g2qa3.mckesson.com g2qa5.mckesson.com g2qa4.mckesson.com www.boutique.uniprix.com cmm-analytics-proxy.mckesson.com www.apelliscopayassist.com intranet.uniprix.net support.uniprix.net www.vitusapotek.no hq35jyh.x.incapdns.net t6jg23z.x.incapdns.net ght2cws.x.incapdns.net 7v37vjo.x.incapdns.net am2yp27.x.incapdns.net fysdcww.impervadns.net zln9sj7.x.incapdns.net 3ysihab.impervadns.net fdieor5.x.incapdns.net sites.mckesson.com maintenanceconnection.mckesson.com s5uldw6.x.incapdns.net j966z3b.impervadns.net hb6ktou.x.incapdns.net mms-cms.mckesson.com wshxpqi.x.incapdns.net dyv6sbf.x.incapdns.net aggiornamentife2.admentaitalia.it jof7llq.x.incapdns.net i4avr6n.x.incapdns.net vy9cfw6.impervadns.net suegvm9.impervadns.net ordinife2.admentaitalia.it ox57sl7.impervadns.net rrrscc4.impervadns.net fwvkh3z.impervadns.net z8k6kbk.impervadns.net aggiornamentife2test.admentaitalia.it ordinife2test.admentaitalia.it presenze.admentaitalia.it mf9kank.impervadns.net lrtyc64.impervadns.net weyz2lu.impervadns.net qlikview.admentaitalia.it zr43h3z.impervadns.net gmu2r2j.impervadns.net mg4vn23.x.incapdns.net 8nbthr9.x.incapdns.net 6m7dokm.x.incapdns.net 5eioel4.x.incapdns.net rcxtjey.x.incapdns.net copay.novartispharma.com dev.shop.healthmart.com preprod-lloydsonlinedoctor.mckesson.com dev-lloydsonlinedoctor.mckesson.com lloydsonlinedoctor.mckesson.com 4c78d45.impervadns.net www.capouestpartage.com www.udw.ie suppliers.vitusapotek.no www.allyprogram.ca www.pharmacyshow.ie test.petitesannonces-ocp.fr www.copayhelp.mckesson.com photo.uniprix.com www.wundzentren.de findmymeds.letsbewell.ca pharmacystores.healthmart.com tst-timetrackinghero.mckesson.eu pharmacy.healthmart.com mypharmacy.healthmart.com apiuspreprod.uniprix.com www.petitesannonces-ocp.fr sandbox.sourcespace.com mediport2.nmd.no vw-api.dev.healthmart.com tthub-prod.mckesson.com ipsp.tcpportal.ie adfs.usoncology.com lynxpreview.mckesson.com aksdemo.mhiapps.com www.pharmabelgium.be gpo.mckesson.com unity.mckesson.com onmark.mckesson.com toujeo.tcpportal.ie synasupportward.tcpportal.ie reportviewer.opat.ie www.cimziaportal.com haemophiliahht.opat.ie logisticshht.opat.ie tcpvirtualward.opat.ie stagingapiportal-dr.mhiapps.com stagingapis-dr.mhiapps.com stagingapi-dr.mhiapps.com onetrack.mckesson.com pdci.ca onetrack-dev.mckesson.com onetrack-uat.mckesson.com test-viz.mckesson.com mcksfxuat.mckesson.com uat-reporting.rxservices.mckesson.com www.novocaresupport.com novocaresupport.com esit.mckesson.com esit-test.mckesson.com esit-dev.mckesson.com www.recusana.de www.uat.letsbewell.ca uat.letsbewell.ca uatras.mckesson.com devras.mckesson.com testras.mckesson.com trainras.mckesson.com www.guardian-ida-remedysrx.ca boutique.uniprix.com organonaccessportal-renflexis.com www.organonaccessportal-renflexis.com enterpriseregistration.usoncology.com viz-mdanalytics.mckesson.com adfssso.usoncology.com y6mhnlw.impervadns.net piro.isoc.mckesson.com m.connect.mckesson.com www.gestionrhproxim.com help.connect.mckesson.com iamqa.connect.mckesson.com ideas.pre.healthmart.com mft.mckesson.com viz.mckesson.com my.pre.healthmart.com fedsvc.mckesson.com g2rc.mckesson.com www.dittapotek.no stores.pre.healthmart.com my.healthmart.com join.healthmart.com stores-mobile.pre.healthmart.com m.stores.healthmart.com 3xn9gn4.x.incapdns.net 2iyhe63.x.incapdns.net stores.onlinecommunitypharmacy.com idqioy4.x.incapdns.net ylkklh5.x.incapdns.net hq6tihy.x.incapdns.net awoop7n.x.incapdns.net enterpriseregistration.mckessonspecialtyhealth.com lm6ti6l.x.incapdns.net l3c79k4.x.incapdns.net e2ff6uz.x.incapdns.net 9k2pmij.x.incapdns.net xuzxcx7.impervadns.net iu2cjsw.x.incapdns.net k67rmzf.x.incapdns.net qa3mbww.x.incapdns.net qet4iom.impervadns.net zlaophd.impervadns.net apelliscopayassist.com oneenliven.ca guardian-ida-remedysrx.ca www.ocp.fr emplois.uniprix.com 8i9yzqx.x.incapdns.net sso.mckesson.eu www.uniprix.com www.ordervaccines.ie www.ordervaccine.ie stores.healthmart.com www.macrohelix.com fpd72py.x.incapdns.net allyprogram.ca 785co35.x.incapdns.net 3i47sj8.x.incapdns.net odjmffw.x.incapdns.net vwkhv47.x.incapdns.net szv4s9a.x.incapdns.net 979qq58.x.incapdns.net macrohelix.com uniprix.com fmyigu2.x.incapdns.net 5fcemis.x.incapdns.net z2vfwcp.x.incapdns.net twxc3pe.x.incapdns.net mypharmactiv.fr vu5p24t.x.incapdns.net ewvjfmc.x.incapdns.net ranbaxydirect.com x7qq8l6.x.incapdns.net onlinecommunitypharmacy.com accesshealth.com vo3vzaw.x.incapdns.net jcq6ihg.x.incapdns.net zubzf7q.x.incapdns.net

Open Ports Detected

10000 10134 1024 10443 1177 1234 12345 1337 135 13579 1400 14265 1433 14344 1521 16010 16030 1935 2000 20000 2082 2083 2086 2087 2222 2345 2375 2376 2404 2480 25 25001 2628 2761 2762 3000 3001 3050 31337 3268 3269 3299 3333 3389 3790 389 4000 4022 4040 4064 43 443 444 4443 4444 4500 4567 465 4848 4911 5000 50000 5001 5005 50050 5006 5007 5009 5010 5201 5222 5269 53 55000 554 55443 5555 5560 5601 5672 5800 587 5900 5901 5938 5985 5986 6000 60001 6001 6080 631 636 6443 7001 7071 7171 7443 7547 7548 771 7777 7779 7900 80 8001 8008 8009 8010 8060 8069 8080 8081 8083 8085 8086 8089 8090 8098 81 8112 8123 8126 8139 8140 8181 8188 82 8200 83 84 8443 8554 88 8800 8834 8880 8888 8889 9000 9001 9002 9009 9080 9090 9091 9095 9100 9191 9200 9306 9398 9443 9530 9600 9800 9876 9943 9999

Map

Whois Information

• NetRange: 45.60.0.0 - 45.60.255.255
• CIDR: 45.60.0.0/16
• NetName: INCAPSULA-NET
• NetHandle: NET-45-60-0-0-1
• Parent: NET45 (NET-45-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS19551
• Organization: Incapsula Inc (INCAP-5)
• RegDate: 2015-01-15
• Updated: 2021-12-14
• Ref: https://rdap.arin.net/registry/ip/45.60.0.0
• OrgName: Incapsula Inc
• OrgId: INCAP-5
• Address: 3400 Bridge Parkway, Suite 200
• City: Redwood Shores
• StateProv: CA
• PostalCode: 94065
• Country: US
• RegDate: 2010-09-15
• Updated: 2023-02-27
• Ref: https://rdap.arin.net/registry/entity/INCAP-5
• OrgTechHandle: GILKI1-ARIN
• OrgTechName: Gilkis, Nitzan
• OrgTechPhone: +1-650-345-9000
• OrgTechEmail: nitzan.gilkis@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/GILKI1-ARIN
• OrgTechHandle: ARIGO-ARIN
• OrgTechName: Arigo, Francis
• OrgTechPhone: +1-650-345-9000
• OrgTechEmail: FRANCIS.ARIGO@IMPERVA.COM
• OrgTechRef: https://rdap.arin.net/registry/entity/ARIGO-ARIN
• OrgTechHandle: KLINK18-ARIN
• OrgTechName: Klink, Aaron
• OrgTechPhone: +1-650-345-9000
• OrgTechEmail: aaron.klink@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/KLINK18-ARIN
• OrgTechHandle: CLNSC-ARIN
• OrgTechName: Chitturi, Lakshmi Naga Sri Charan
• OrgTechPhone: +93520896
• OrgTechEmail: lakshmi.chitturi@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/CLNSC-ARIN
• OrgTechHandle: LIROZ-ARIN
• OrgTechName: liroz, yanay
• OrgTechPhone: +972723771700
• OrgTechEmail: yanay.liroz@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/LIROZ-ARIN
• OrgTechHandle: LOHBE-ARIN
• OrgTechName: LOH, BENEDICT
• OrgTechPhone: +1-658-812-4661
• OrgTechEmail: benedict.loh@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/LOHBE-ARIN
• OrgAbuseHandle: IMPER7-ARIN
• OrgAbuseName: Imperva AbuseDesk
• OrgAbusePhone: +1-866-250-7659
• OrgAbuseEmail: abuse@incapsula.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/IMPER7-ARIN
• OrgNOCHandle: IMPER11-ARIN
• OrgNOCName: Imperva Operations
• OrgNOCPhone: +1-866-250-7659
• OrgNOCEmail: ip@incapsula.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/IMPER11-ARIN
• OrgTechHandle: TEWKS25-ARIN
• OrgTechName: Tewksbury, Carl
• OrgTechPhone: +1-855-574-9831
• OrgTechEmail: carl.tewksbury@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TEWKS25-ARIN
• OrgTechHandle: IMPER9-ARIN
• OrgTechName: Imperva
• OrgTechPhone: +1-450-405-4945
• OrgTechEmail: neteng@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IMPER9-ARIN
• OrgTechHandle: BLACK1033-ARIN
• OrgTechName: Black, Nicole
• OrgTechPhone: +1-855-574-9831
• OrgTechEmail: knack.black@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/BLACK1033-ARIN
• OrgTechHandle: CASEI7-ARIN
• OrgTechName: Caseiro, Nelson
• OrgTechPhone: +1-866-926-4678
• OrgTechEmail: nelson.caseiro@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/CASEI7-ARIN
• OrgTechHandle: WOODE23-ARIN
• OrgTechName: Wooderson, Lee
• OrgTechPhone: +44 2890446293
• OrgTechEmail: lee.wooderson@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/WOODE23-ARIN
• OrgTechHandle: RIR7-ARIN
• OrgTechName: rir
• OrgTechPhone: +1-650-345-9000
• OrgTechEmail: rir@imperva.com
• OrgTechRef: https://rdap.arin.net/registry/entity/RIR7-ARIN

Links to attack logs

****** ****** ******