45.84.196.240 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 45.84.196.240. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets.

The host score is calculated from a series of statistically weighted values and machine learning. It takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus, VirusTotal

  • Country: Italy
  • Network: AS213143 leek information technology london ltd
  • Noticed: 29 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 10

Whois Information

  • inetnum: 45.84.196.0 - 45.84.196.255
  • netname: TWENTYFOUR-FIRE
  • org: ORG-AA2850-RIPE
  • geofeed: https://backend.24fire.de/geofeed/geofeed.csv
  • country: DE
  • admin-c: DK10318-RIPE
  • tech-c: DK10318-RIPE
  • status: SUB-ALLOCATED PA
  • mnt-by: MOS-IP-MNT
  • mnt-by: TWENTYFOUR-FIRE-MNT
  • mnt-by: RixorSolutions-MNT
  • created: 2023-02-01T16:25:44Z
  • last-modified: 2023-10-31T17:59:04Z
  • organisation: ORG-AA2850-RIPE
  • org-name: 24fire GmbH
  • country: DE
  • org-type: OTHER
  • address: Kronenstraße 4
  • abuse-c: ACRO52566-RIPE
  • mnt-ref: RixorSolutions-MNT
  • mnt-ref: AZERONLINE-MNT
  • mnt-by: RixorSolutions-MNT
  • mnt-by: TWENTYFOUR-FIRE-MNT
  • created: 2023-01-09T07:42:24Z
  • last-modified: 2023-10-31T17:20:19Z
  • person: Daniel Kuehn
  • address: Kronenstraße 4, 68723 Schwetzingen
  • phone: +4915678711099
  • nic-hdl: DK10318-RIPE
  • mnt-by: RixorSolutions-MNT
  • created: 2022-10-31T20:49:12Z
  • last-modified: 2023-10-12T16:21:53Z
  • route: 45.84.196.0/24
  • origin: AS216063
  • mnt-by: TWENTYFOUR-FIRE-MNT
  • created: 2023-10-31T08:40:49Z
  • last-modified: 2023-10-31T08:40:49Z
  • route: 45.84.196.0/24
  • origin: AS49581
  • mnt-by: RixorSolutions-MNT
  • created: 2023-02-01T16:57:14Z
  • last-modified: 2023-02-01T16:57:14Z

Links to attack logs

  • telnet-bruteforce-ip-list-2020-10-18
