3.66.170.230 Threat Intelligence and Host Information

Share on:
May 22, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 3.66.170.230 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country: Germany
  • Network:
  • Noticed: times
  • Protcols Attacked: Anonymous Proxy

Malware Detected on Host

Count:

Open Ports Detected

10000 10134 10243 10250 10554 11000 11112 11210 11211 11300 11371 12000 1337 13579 14147 14265 16010 16993 17000 18081 18245 19000 19071 20000 3128 3129 3200 3211 3260 3268 3269 3270 3299 3301 3306 3307 3311 3337 3352 3388 3389 3400 3404 3406 3408 3409 3503 3523 3541 3549 3550 3551 3554 3555 3556 3557 3559 3560 3561 3562 3563 3566 3567 3568 3689 3780 3910 3922 3951 3952 3953 4000 4001 4002 4010 4022 4040 4042 4043 4063 4064 4190 4242 4282 4321 4369 4433 4443 4444 4482 4500 4505 4506 4523 4567 4643 4664 4747 4782 4840 4899 4911 4949 4999 5000 5001 5002 5006 5007 5009 5025 5050 5070 5080 5090 5122 5172 5190 5201 5222 5269 5280 5357 5431 5432 5435 5494 5500 5542 5555 5560 5568 5590 5591 5592 5593 5595 5600 5601 5603 5605 5607 5608 5672 5800 5801 5853 5858 5900 5901 5909 5910 5938 5984 5985 5986 6000 6001 6002 6004 6005 6008 6036 6080 6102 6262 6264 6308 6379 6510 6511 6543 6550 6603 6622 6633 6653 6662 6664 6666 6667 6668 6697 6789 6887 6998 7000 7001 7004 7005 7010 7014 7071 7080 7170 7171 7218 7401 7415 7433 7443 7465 7474 7500 7510 7535 7547 7657 7776 7777 7779 7788 7979 7999 80 8000 8001 8002 8007 8008 8009 8010 8011 8013 8015 8022 8023 8024 8025 8026 8029 8031 8032 8039 8040 8041 8044 8046 8047 8050 8051 8055 8056 8060 8066 8069 8071 8072 8081 8085 8086 8087 8088 8090 8092 8094 8096 8097 8098 8099 8102 8103 8105 8106 8107 8108 8111 8112 8118 8139 8140 8159 8181 8182 8184 8190 8200 8222 8236 8239 8241 8243 8249 8252 8333 8401 8402 8403 8405 8407 8408 8410 8411 8413 8414 8415 8416 8420 8421 8424 8427 8430 8433 8443 8445 8447 8500 8513 8545 8553 8554 8575 8602 8621 8637 8649 8663 8666 8765 8782 8787 8791 8800 8801 8805 8807 8808 8810 8811 8813 8814 8816 8818 8819 8820 8821 8822 8824 8829 8834 8836 8840 8843 8848 8849 8853 8854 8855 8857 8861 8863 8868 8869 8873 8875 8876 8879 8880 8888 8889 8891 8935 8969 8990 8991 9000 9001 9002 9004 9005 9006 9007 9010 9011 9012 9013 9015 9017 9018 9020 9021 9022 9023 9024 9025 9028 9030 9031 9032 9034 9036 9041 9042 9043 9045 9048 9049 9051 9070 9080 9082 9089 9090 9091 9092 9093 9099 9100 9102 9103 9107 9108 9119 9151 9160 9191 9200 9201 9202 9203 9204 9205 9206 9209 9212 9213 9214 9221 9222 9295 9301 9308 9310 9418 9443 9444 9530 9600 9663 9761 9800 9861 9869 9876 9899 9943 9944 9950 9966 9981 9988 9990 9991 9997 9998 9999

CVEs Detected

CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12522 CVE-2019-12523 CVE-2019-12524 CVE-2019-12525 CVE-2019-12526 CVE-2019-12527 CVE-2019-12528 CVE-2019-12529 CVE-2019-12854 CVE-2019-13345 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-18860 CVE-2020-11945 CVE-2020-14058 CVE-2020-15049 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 CVE-2020-25097 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 CVE-2021-28116 CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 CVE-2021-46784 CVE-2022-41318

Map

Whois Information

  • NetRange: 3.0.0.0 - 3.127.255.255
  • CIDR: 3.0.0.0/9
  • NetName: AT-88-Z
  • NetHandle: NET-3-0-0-0-1
  • Parent: NET3 (NET-3-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS:
  • Organization: Amazon Technologies Inc. (AT-88-Z)
  • RegDate: 2017-12-20
  • Updated: 2022-05-18
  • Ref: https://rdap.arin.net/registry/ip/3.0.0.0
  • OrgName: Amazon Technologies Inc.
  • OrgId: AT-88-Z
  • Address: 410 Terry Ave N.
  • City: Seattle
  • StateProv: WA
  • PostalCode: 98109
  • Country: US
  • RegDate: 2011-12-08
  • Updated: 2022-09-30
  • Comment: All abuse reports MUST include:
  • Comment: * src IP
  • Comment: * dest IP (your IP)
  • Comment: * dest port
  • Comment: * Accurate date/timestamp and timezone of activity
  • Comment: * Intensity/frequency (short log extracts)
  • Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
  • Ref: https://rdap.arin.net/registry/entity/AT-88-Z
  • OrgNOCHandle: AANO1-ARIN
  • OrgNOCName: Amazon AWS Network Operations
  • OrgNOCPhone: +1-206-555-0000
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
  • OrgTechHandle: ANO24-ARIN
  • OrgTechName: Amazon EC2 Network Operations
  • OrgTechPhone: +1-206-555-0000
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
  • OrgAbuseHandle: AEA8-ARIN
  • OrgAbuseName: Amazon EC2 Abuse
  • OrgAbusePhone: +1-206-555-0000
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
  • OrgRoutingHandle: IPROU3-ARIN
  • OrgRoutingName: IP Routing
  • OrgRoutingPhone: +1-206-555-0000
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
  • OrgRoutingHandle: ARMP-ARIN
  • OrgRoutingName: AWS RPKI Management POC
  • OrgRoutingPhone: +1-206-555-0000
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
  • NetRange: 3.64.0.0 - 3.79.255.255
  • CIDR: 3.64.0.0/12
  • NetName: AMAZON-FRA
  • NetHandle: NET-3-64-0-0-1
  • Parent: AT-88-Z (NET-3-0-0-0-1)
  • NetType: Reallocated
  • OriginAS: AS16509
  • Organization: A100 ROW GmbH (RG-123)
  • RegDate: 2020-10-22
  • Updated: 2020-10-22
  • Ref: https://rdap.arin.net/registry/ip/3.64.0.0
  • OrgName: A100 ROW GmbH
  • OrgId: RG-123
  • Address: Marcel-Breuer-Strasse 10
  • City: Munchen
  • StateProv:
  • PostalCode: 80807
  • Country: DE
  • RegDate: 2014-11-07
  • Updated: 2014-11-07
  • Ref: https://rdap.arin.net/registry/entity/RG-123
  • OrgAbuseHandle: AEA8-ARIN
  • OrgAbuseName: Amazon EC2 Abuse
  • OrgAbusePhone: +1-206-555-0000
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
  • OrgNOCHandle: AANO1-ARIN
  • OrgNOCName: Amazon AWS Network Operations
  • OrgNOCPhone: +1-206-555-0000
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
  • OrgTechHandle: ANO24-ARIN
  • OrgTechName: Amazon EC2 Network Operations
  • OrgTechPhone: +1-206-555-0000
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-05-20