157.245.61.76 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 157.245.61.76. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • MITRE ATT&CK IDs: T1498 - Network Denial of Service
  • Tags: attack ddos, botnet, Cyclops, ddos, Gamardeon, HermeticWiper, IsaacWiper, list ips, PartyTicket, russia, russian, ukraine, WhisperGate
  • JARM: 29d29d15d29d29d00042d42d00000072e74222ce193a6f991becaa3da6c94d

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: blocklist_net_ua, stopforumspam_365d

  • Country: Singapore
  • Network: AS14061 digitalocean llc
  • Noticed: 6 times
  • Protocols Attacked: spam
  • Countries Attacked: Russian Federation
  • Passive DNS Results:

Open Ports Detected

110 111 143 2082 2083 2086 2087 21 443 444 465 4949 53 587 80 81 993 995

Whois Information

  • NetRange: 157.245.0.0 - 157.245.255.255
  • CIDR: 157.245.0.0/16
  • NetName: DIGITALOCEAN-157-245-0-0
  • NetHandle: NET-157-245-0-0-1
  • Parent: NET157 (NET-157-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS14061
  • Organization: DigitalOcean, LLC (DO-13)
  • RegDate: 2019-05-09
  • Updated: 2020-04-03
  • Comment: Routing and Peering Policy can be found at https://www.as14061.net
  • Ref: https://rdap.arin.net/registry/ip/157.245.0.0
  • OrgName: DigitalOcean, LLC
  • OrgId: DO-13
  • Address: 101 Ave of the Americas
  • Address: FL2
  • City: New York
  • StateProv: NY
  • PostalCode: 10013
  • Country: US
  • RegDate: 2012-05-14
  • Updated: 2023-10-23
  • Ref: https://rdap.arin.net/registry/entity/DO-13
  • OrgAbuseHandle: ABUSE5232-ARIN
  • OrgAbuseName: Abuse, DigitalOcean
  • OrgAbusePhone: +1-347-875-6044
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5232-ARIN
  • OrgNOCHandle: NOC32014-ARIN
  • OrgNOCName: Network Operations Center
  • OrgNOCPhone: +1-347-875-6044
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
  • OrgTechHandle: NOC32014-ARIN
  • OrgTechName: Network Operations Center
  • OrgTechPhone: +1-347-875-6044
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Links to attack logs

  • forum-spam-ip-list-2022-04-06