77.48.28.237 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 77.48.28.237 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 70/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing, TOR

  • Known Tor exit node

  • View other sources: Spamhaus, VirusTotal

  • Contained within other IP sets: dm_tor, et_tor, stopforumspam_180d, stopforumspam_1d, stopforumspam_30d, stopforumspam_365d, stopforumspam_7d, stopforumspam_90d, stopforumspam

  • Known Tor node
  • Country: Czechia
  • Network: AS16019 Vodafone Czech Republic a.s.
  • Noticed: 38 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 15

Open Ports Detected

443, 80

Whois Information

  • inetnum: 77.48.28.192 - 77.48.28.255
  • netname: CZ-FINALTEK
  • descr: Zdenek Klauda - FinalTek.com
  • descr: Mesice
  • descr: Please send all abuse/SPAM complaints to admin@finaltek.com and abuse.anmaxx@yahoo.com
  • country: CZ
  • admin-c: ZK896-RIPE
  • tech-c: ZK896-RIPE
  • status: ASSIGNED PA
  • mnt-by: OSKR-MNT
  • created: 2016-06-09T13:42:28Z
  • last-modified: 2024-04-08T18:41:59Z
  • person: Zdenek Klauda
  • address: Zdenek Klauda - FinalTek.com
  • address: Nova 225/1
  • address: Mesice
  • address: Czech Republic
  • phone: +420 603 167825
  • nic-hdl: ZK896-RIPE
  • mnt-by: OSKR-MNT
  • created: 2011-05-09T08:58:41Z
  • last-modified: 2022-08-30T17:22:33Z
  • route: 77.48.0.0/17
  • descr: Vodafone Czech Republic a.s.
  • origin: AS16019
  • mnt-by: VFCZ-MNT
  • created: 2021-01-29T15:51:27Z
  • last-modified: 2021-01-29T15:51:27Z

Links to attack logs

digitaloceansingapore-ssh-bruteforce-ip-list-2024-02-15
