45.61.137.28 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.61.137.28 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Netherlands
• Network: AS399629 bl networks
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: primevideo.secure-refund-order.com secure-refund-order.com amz-refund-order.com receipt-order-refund.com support-remboursement.net refund-sub-order.com cc.kurdgozar.info l7o.link zduskg.com jsjwgr.com tjahyi.com 4ej.link ohttog.com jtuvtw.com khyylx.com gdpqfc.com soxlyf.com zndqpo.com qgwrwh.com lfyl.link vwodou.com nxjo.link lajp.link fuzmuy.com hq6.link vojy.link rc8k.info oyfj.link vioi.link phpj.link ct2.link 2a5f.info nzgq.link nyxc.link mtybzj.com vqbies.com 0vs.link sigoow.com 3z6h.info 2ig.link uuukwq.com qevprp.com kwnj.link nhuwcf.com cxmurm.com wbicat.com z4t0.info ohfo.link tkvavv.com qbs5.info z8p.link jiywns.com dzuz.link sleg.link oeab.link pihu.link uzur.link synrwr.com obigvo.com mkvn.link twxbnv.com 9lni.info juayzh.com 6isc.info rgei.link 6pk.link nefccj.com 3ke.link ky1u.info tj30.info poszlu.com penonj.com jzsf.info yybnea.com eucp.link npmc.link mqsr.link criv.link nmoo.link esjk.link qfuc.link nxon.link vozn.link waih.link oaob.link zcpa.link airbnb.pt-apartamento-online.slbil.shop airbnb.pt-onlineapartamento.dui7lcj.homes airbnb.pt-reserva-apartamento-online.o7j3d2il.art airbnb.pt-reserva-online.lnvil.one airbnb.pt-reserva-apartamento-online.f6n9li.one airbnb.pt-apartamento-online.d3g57ji.live airbnb.es-reserva-online-piso.sr7y4di.homes uniprime.atendimentojuridico.digital www.validpendingoffice.com validpendingoffice.com www.officemaingatecn.com www.officejandese.com officemaingatecn.com officejandese.com www.carefirstphannacy.net carefirstphannacy.net www.levelofficebns.com www.officenetnewvps.com www.officevusdomian.com levelofficebns.com officenetnewvps.com officevusdomian.com www.officenewmainclear.com officenewmainclear.com www.westgatemainfae.com westgatemainfae.com www.wateswates.com wateswates.com mlcrosoftonline.com 365mlcrosoftonline.com 365microscoftoffice.top sts.ad.365microscoftoffice.top www.365microscoftoffice.top login.365microscoftoffice.top idpz.auorauth.365microscoftoffice.top login.365mlcrosoftonline.com www.365mlcrosoftonline.com devdemo123.com www.devdemo123.com login.devdemo123.com www.institutionemailnotice.com autoconfig.institutionemailnotice.com institutionemailnotice.com

Map

Whois Information

• NetRange: 45.61.128.0 - 45.61.191.255
• CIDR: 45.61.128.0/18
• NetName: PONYNET-15
• NetHandle: NET-45-61-128-0-1
• Parent: NET45 (NET-45-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS53667
• Organization: FranTech Solutions (SYNDI-5)
• RegDate: 2015-01-02
• Updated: 2015-01-02
• Ref: https://rdap.arin.net/registry/ip/45.61.128.0
• OrgName: FranTech Solutions
• OrgId: SYNDI-5
• Address: 1621 Central Ave
• City: Cheyenne
• StateProv: WY
• PostalCode: 82001
• Country: US
• RegDate: 2010-07-21
• Updated: 2017-01-28
• Ref: https://rdap.arin.net/registry/entity/SYNDI-5
• OrgAbuseHandle: FDI19-ARIN
• OrgAbuseName: Dias, Francisco
• OrgAbusePhone: +1-778-977-8246
• OrgAbuseEmail: fdias@frantech.ca
• OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
• OrgTechHandle: FDI19-ARIN
• OrgTechName: Dias, Francisco
• OrgTechPhone: +1-778-977-8246
• OrgTechEmail: fdias@frantech.ca
• OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
• NetRange: 45.61.137.0 - 45.61.137.255
• CIDR: 45.61.137.0/24
• NetName: BLNETWORKS-NL-02
• NetHandle: NET-45-61-137-0-1
• Parent: PONYNET-15 (NET-45-61-128-0-1)
• NetType: Reallocated
• OriginAS:
• Organization: BL Networks NL (BNN-13)
• RegDate: 2021-04-13
• Updated: 2024-02-18
• Comment: Geofeed https://geoip.blnwx.com/csv
• Ref: https://rdap.arin.net/registry/ip/45.61.137.0
• OrgName: BL Networks NL
• OrgId: BNN-13
• Address: Lemelerbergweg
• City: Amsterdam
• StateProv:
• PostalCode:
• Country: NL
• RegDate: 2019-10-02
• Updated: 2022-01-20
• Ref: https://rdap.arin.net/registry/entity/BNN-13
• OrgTechHandle: ADMIN7234-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-307-317-1097
• OrgTechEmail: admin@blnwx.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN7234-ARIN
• OrgAbuseHandle: ADMIN7234-ARIN
• OrgAbuseName: Admin
• OrgAbusePhone: +1-307-317-1097
• OrgAbuseEmail: admin@blnwx.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ADMIN7234-ARIN

Links to attack logs

****** ****** ******