209.141.42.89 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: DNS, Malicious IP, Nextray, RDP, SSH, UPnP, abuse, awsau, awsbah, awsjap, blacklist, botnet, bruteforce, cyber security, dnsserver, fail2ban, fraud, ioc, ipqs, ipqualityscore, malicious, mirai, ntp, phishing, scan, scanners, tcp, telnet, udp, vultr, web attack

  • Country: United States of America
  • Network: AS53667 frantech solutions
  • Noticed: 44 times
  • Protocols Attacked: ntp telnet
  • Countries Attacked: Australia, Bahrain, Canada, Czechia, Denmark, Estonia, France, Germany, Japan, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

179 22

Whois Information

  • NetRange: 209.141.32.0 - 209.141.63.255
  • CIDR: 209.141.32.0/19
  • NetName: PONYNET-04
  • NetHandle: NET-209-141-32-0-1
  • Parent: NET209 (NET-209-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS53667
  • Organization: FranTech Solutions (SYNDI-5)
  • RegDate: 2011-01-27
  • Updated: 2012-03-25
  • Ref: https://rdap.arin.net/registry/ip/209.141.32.0
  • OrgName: FranTech Solutions
  • OrgId: SYNDI-5
  • Address: 1621 Central Ave
  • City: Cheyenne
  • StateProv: WY
  • PostalCode: 82001
  • Country: US
  • RegDate: 2010-07-21
  • Updated: 2017-01-28
  • Ref: https://rdap.arin.net/registry/entity/SYNDI-5
  • OrgAbuseHandle: FDI19-ARIN
  • OrgAbuseName: Dias, Francisco
  • OrgAbusePhone: +1-778-977-8246
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
  • OrgTechHandle: FDI19-ARIN
  • OrgTechName: Dias, Francisco
  • OrgTechPhone: +1-778-977-8246
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

awsbah-ntp-bruteforce-ip-list-2021-11-22 awsau-ntp-bruteforce-ip-list-2021-11-27 ntp-bruteforce-ip-list-2021-12-13 ntp-bruteforce-ip-list-2021-11-27 awsbah-ntp-bruteforce-ip-list-2021-11-19 awsbah-ntp-bruteforce-ip-list-2021-11-21 awsjap-ntp-bruteforce-ip-list-2021-12-22 awsau-ntp-bruteforce-ip-list-2021-11-22 awsbah-ntp-bruteforce-ip-list-2021-11-17 awsau-ntp-bruteforce-ip-list-2021-11-19 awsbah-ntp-bruteforce-ip-list-2021-12-13 ntp-bruteforce-ip-list-2021-12-22 awsbah-ntp-bruteforce-ip-list-2021-12-31 ntp-bruteforce-ip-list-2021-12-31 awsau-ntp-bruteforce-ip-list-2021-11-25 awsau-ntp-bruteforce-ip-list-2021-11-17 awsbah-ntp-bruteforce-ip-list-2021-11-27 awsbah-ntp-bruteforce-ip-list-2021-11-25 vultrparis-telnet-bruteforce-ip-list-2021-12-01 awsau-ntp-bruteforce-ip-list-2021-12-13 awsau-ntp-bruteforce-ip-list-2021-12-31 awsjap-ntp-bruteforce-ip-list-2021-12-31 awsau-ntp-bruteforce-ip-list-2021-11-21 awsau-ntp-bruteforce-ip-list-2021-12-22