45.61.186.22 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 70/100

Host and Network Information

  • Tags: C&C, Malicious IP, Nextray, UPnP, aws, awsau, awsbah, awsjap, blacklist, botnet, cyber security, fail2ban, ioc, malicious, mirai, ntp, phishing, scan, scanners, udp
  • Known tor exit node
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: stopforumspam, stopforumspam_180d, stopforumspam_365d, stopforumspam_90d, tor_exits_30d

  • Known TOR node
  • Country: United States of America
  • Network: AS53667 frantech solutions
  • Noticed: 18 times
  • Protocols Attacked: ntp
  • Countries Attacked: Australia, Bahrain, Canada, Czechia, Denmark, Estonia, France, Germany, Japan, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 13

Whois Information

  • NetRange: 45.61.128.0 - 45.61.191.255
  • CIDR: 45.61.128.0/18
  • NetName: PONYNET-15
  • NetHandle: NET-45-61-128-0-1
  • Parent: NET45 (NET-45-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS53667
  • Organization: FranTech Solutions (SYNDI-5)
  • RegDate: 2015-01-02
  • Updated: 2015-01-02
  • Ref: https://rdap.arin.net/registry/ip/45.61.128.0
  • OrgName: FranTech Solutions
  • OrgId: SYNDI-5
  • Address: 1621 Central Ave
  • City: Cheyenne
  • StateProv: WY
  • PostalCode: 82001
  • Country: US
  • RegDate: 2010-07-21
  • Updated: 2017-01-28
  • Ref: https://rdap.arin.net/registry/entity/SYNDI-5
  • OrgTechHandle: FDI19-ARIN
  • OrgTechName: Dias, Francisco
  • OrgTechPhone: +1-778-977-8246
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
  • OrgAbuseHandle: FDI19-ARIN
  • OrgAbuseName: Dias, Francisco
  • OrgAbusePhone: +1-778-977-8246
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

  • awsbah-ntp-bruteforce-ip-list-2021-06-23
  • awsjap-ntp-bruteforce-ip-list-2021-06-24
  • awsjap-ntp-bruteforce-ip-list-2021-06-25
  • awsjap-ntp-bruteforce-ip-list-2021-06-27
  • awsau-ntp-bruteforce-ip-list-2021-06-26
  • awsau-ntp-bruteforce-ip-list-2021-06-27
  • awsau-ntp-bruteforce-ip-list-2021-06-24
  • aws-ntp-bruteforce-ip-list-2021-06-24
  • aws-ntp-bruteforce-ip-list-2021-06-25
  • aws-ntp-bruteforce-ip-list-2021-06-27
  • awsbah-ntp-bruteforce-ip-list-2021-06-24
  • awsjap-ntp-bruteforce-ip-list-2021-06-26
  • awsau-ntp-bruteforce-ip-list-2021-06-25