45.61.187.34 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.61.187.34 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 50/100

Host and Network Information

• Tags: attack, cyber security, ioc, kfsensor, login, malicious, Nextray, phishing, rdp, scanner, ssh, SSH, Telnet, TOR, VPN

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS53667 frantech solutions
• Noticed: 50 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: fans678.top bvm3.datanieve2.tk sman2nganjuk.org smkn1nganjuk.info www.smkn1nganjuk.info www.training.irmasustika.com www.kelulusan.ictsman2nganjuk.org menaraselatan.com www.menaraselatan.com www.webhostnix.com webhostnix.com www.cakar4pilar.com www.bahariherbal.com bahariherbal.com www.smkgamaliel1madiun.sch.id smkgamaliel1madiun.sch.id blog.semarang.womanpreneur-community.com www.semarang.womanpreneur-community.com semarang.womanpreneur-community.com www.womanpreneur-community.com iwpc.semarang.womanpreneur-community.com member.semarang.womanpreneur-community.com womanpreneur-community.com www.smakomnganjuk.sch.id smakomnganjuk.sch.id ptmkpjogja.com www.ptmkpjogja.com www.sman1rejoso.sch.id sman1rejoso.sch.id www.irmasustika.com training.irmasustika.com ictsman2nganjuk.org www.ictsman2nganjuk.org interdesain.com www.interdesain.com www.exhaustfanindonesia.com exhaustfanindonesia.com kopertrip.com www.kopertrip.com www.jualbotol.com jualbotol.com piknikasik.com www.yogyakarta-localtours.com irmasustika.com dns2.webhostnix.com dns1.webhostnix.com www.bkk.smkn1kismantoro.sch.id cakar4pilar.com yogyakarta-localtours.com bahariherbal.co.id www.htb100.com www.email.htb100.com email.htb100.com purworejojepret.com pop.bioindustries.co.id smtp.bioindustries.co.id serv01.webhostnix.com www.smkn1kismantoro.sch.id smkn1kismantoro.sch.id bkk.smkn1kismantoro.sch.id sman3nganjuk.sch.id www.sman3nganjuk.sch.id www.surat.smkn1nganjuk.info surat.smkn1nganjuk.info www.store.womanpreneur-community.com store.womanpreneur-community.com www.doni.ictsman2nganjuk.org www.lulus.smkn1nganjuk.info lulus.smkn1nganjuk.info www.tjandra.ictsman2nganjuk.org www.tpa.ictsman2nganjuk.org tpa.ictsman2nganjuk.org www.mail.smakomnganjuk.sch.id jualjar.com www.blog.womanpreneur-community.com blog.womanpreneur-community.com inspektorat.sman1rejoso.sch.id www.elearning.smkn1nganjuk.info www.simada.ictsman2nganjuk.org simada.ictsman2nganjuk.org www.moodle.ictsman2nganjuk.org moodle.ictsman2nganjuk.org www.lulus2020.smkgamaliel1madiun.sch.id lulus2020.smkgamaliel1madiun.sch.id www.erapor2019.ictsman2nganjuk.org www.erapor.ictsman2nganjuk.org erapor.ictsman2nganjuk.org www.eventmanagement.irmasustika.com eraport.sman3nganjuk.sch.id dapodik.sman3nganjuk.sch.id www.dapodik.sman3nganjuk.sch.id www.eraporadmin.ictsman2nganjuk.org eraporadmin.ictsman2nganjuk.org dapodik.ictsman2nganjuk.org www.dapodik.ictsman2nganjuk.org biodatarapor.ictsman2nganjuk.org www.biodatarapor.ictsman2nganjuk.org demo.polesalami.com www.demo.polesalami.com smantigamagetan.sch.id www.ujian.smkn1nganjuk.info www.ldp.sman1rejoso.sch.id ldp.sman1rejoso.sch.id www.member.womanpreneur-community.com member.womanpreneur-community.com www.skl.smkn1nganjuk.info skl.smkn1nganjuk.info www.psht.smkn1nganjuk.info psht.smkn1nganjuk.info www.interdesign.interdesain.com interdesign.interdesain.com www.sik.smkn1kismantoro.sch.id pop.sik.smkn1kismantoro.sch.id smtp.sik.smkn1kismantoro.sch.id ftp.sik.smkn1kismantoro.sch.id sik.smkn1kismantoro.sch.id iwpc.womanpreneur-community.com www.iwpc.womanpreneur-community.com upasmada.ictsman2nganjuk.org www.upasmada.ictsman2nganjuk.org tryout.ictsman2nganjuk.org www.tryout.ictsman2nganjuk.org www.cbt.smkgamaliel1madiun.sch.id cbt.smkgamaliel1madiun.sch.id tjandra.ictsman2nganjuk.org www.keuangan.smkn1nganjuk.info orbits.ictsman2nganjuk.org www.orbits.ictsman2nganjuk.org www.pmp.ictsman2nganjuk.org pmp.ictsman2nganjuk.org pendataan.ictsman2nganjuk.org www.pendataan.ictsman2nganjuk.org forum.irmasustika.com ritaamalisa.ictsman2nganjuk.org www.ritaamalisa.ictsman2nganjuk.org kelulusan.ictsman2nganjuk.org snmpn2021.ictsman2nganjuk.org www.snmpn2021.ictsman2nganjuk.org www.inspektorat.sman1rejoso.sch.id psikotes.ictsman2nganjuk.org www.psikotes.ictsman2nganjuk.org www.pemilos.ictsman2nganjuk.org erapor2019.ictsman2nganjuk.org www.eraport.sman3nganjuk.sch.id verifikasi.piknikasik.com www.verifikasi.piknikasik.com e-rapot.smkgamaliel1madiun.sch.id www.e-rapot.smkgamaliel1madiun.sch.id elearning.smkn1nganjuk.info www.forum.irmasustika.com bk.smkn1nganjuk.info www.bk.smkn1nganjuk.info pemburukuliner.com pop.pemburukuliner.com www.pemburukuliner.com ftp.pemburukuliner.com e-learning.smkgamaliel1madiun.sch.id www.e-learning.smkgamaliel1madiun.sch.id eventmanagement.irmasustika.com doni.ictsman2nganjuk.org cdn4.kopertrip.com www.cdn4.kopertrip.com cdn3.kopertrip.com www.cdn3.kopertrip.com cdn1.kopertrip.com www.cdn1.kopertrip.com www.cdn2.kopertrip.com cdn2.kopertrip.com

Malware Detected on Host

Count: 4 2f08e286158ac76e677f30ceaae69cc2e828f68d03708de6a51e8e3f49890161 c5d1d39816dfe86b55f47fead28b528afefc031f417098ad2f5102d1633086fd 7282e2fdb25b07554b082f5cf1697315ed5ce3005f985cbe96a34da965869db5 bfd4c032232b86c25b9b3bd57fd9936775b34848c19003bf8183cd3f0164bc42

Open Ports Detected

22 443 80

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-20372 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-23017 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

• NetRange: 45.61.128.0 - 45.61.191.255
• CIDR: 45.61.128.0/18
• NetName: PONYNET-15
• NetHandle: NET-45-61-128-0-1
• Parent: NET45 (NET-45-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS53667
• Organization: FranTech Solutions (SYNDI-5)
• RegDate: 2015-01-02
• Updated: 2015-01-02
• Ref: https://rdap.arin.net/registry/ip/45.61.128.0
• OrgName: FranTech Solutions
• OrgId: SYNDI-5
• Address: 1621 Central Ave
• City: Cheyenne
• StateProv: WY
• PostalCode: 82001
• Country: US
• RegDate: 2010-07-21
• Updated: 2017-01-28
• Ref: https://rdap.arin.net/registry/entity/SYNDI-5
• OrgTechHandle: FDI19-ARIN
• OrgTechName: Dias, Francisco
• OrgTechPhone: +1-778-977-8246
• OrgTechEmail: fdias@frantech.ca
• OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
• OrgAbuseHandle: FDI19-ARIN
• OrgAbuseName: Dias, Francisco
• OrgAbusePhone: +1-778-977-8246
• OrgAbuseEmail: fdias@frantech.ca
• OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

****** ntp-bruteforce-ip-list-2022-02-26 ****** ******