IOC Radar
IPMediumSignal 100/100

45.61.157.32

Location
United StatesUnited States
Las Vegas, Nevada
ASN
AS14956
FranTech Solutions
First Seen
Feb 11, 2025
Last Seen
Mar 12, 2026
Feb 11
First Seen
489d ago
Mar 12
Last Seen
94d ago
12
Reports
source reports
99%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

30 techniques

Network Information

CountryUSUnited States
RegionLas Vegas, Nevada
ASNAS14956
OrganizationFranTech Solutions

IP Category

Proxy
Proxy server

Feed Intelligence Summary

12 reports99% confidence
12
Source reports
99%
Confidence score
Category tags
abuseactive scanningadbhoney activityadbhoney honeypotattackbotnetbrute forcec2command and controlcommunication protocolcowrie activitycowrie attackcowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationdecoy systemdionaea activitydionaea attackdionaea honeypotdistributed attacksftp brute forcehoneytrap activityhoneytrap honeypotlamplamp attacklamp stack attackmailoney activitymailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork scanningnetwork securitynorth americaphishingphishing attackphishing trapprocess injectionproxyreconnaissanceresearchedresource hijackingscripting attacksself-signedsentrypeer activitysentrypeer botnetsftp activitysftp attacksip scanningsocial engineeringssh attackssh monitoringt1040t1041t1055t1059t1059.004t1059.007t1071.001t1078t1078.001t1078.004t1110t1110.001t1110.002t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertanner attacktelecommunicationsthreat actorthreat detectionthreat intelligencetpotceunited statesunited states of americausvoipvoip attackweb attackweb exploitation

Activity Timeline

1 total obs
Mar 12Mar 12

Threat Activity Heatmap

· Peak: 2026-03-12
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
12
Reports
First seenFeb 11, 2025
Last seenMar 12, 2026
GeolocationUS
CountryUnited States
LocationLas Vegas, Nevada
ASNAS14956
OrgFranTech Solutions
Coords36.1020, -115.1447
Proxy

VirusTotal

Not checked

WHOIS

description
2025-02-11T19:08:50.371Z Honeypot : Tanner : Source: 45.61.157.32 : Port: 80 Post Data: {'version': '0.6.0', 'response': {'message': {'sess_uuid': '75bd9bd7-71be-4df6-b558-e446d6af1edf', 'detection': {'version': '0.6.0', 'order': 1, 'name': 'index', 'type': 1}}}}
raw
FranTech Solutions PONYNET-15 (NET-45-61-128-0-1) 45.61.128.0 - 45.61.191.255 RouterHosting LLC ROUTERHOSTING (NET-45-61-156-0-1) 45.61.156.0 - 45.61.157.255
references
https://threatfox.abuse.ch/export/csv/recent/, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 12 threat reports