45.61.187.18 Threat Intelligence and Host Information

Aug 08, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 45.61.187.18 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

View other sources: Spamhaus VirusTotal
Contained within other IP sets: haley_ssh

Country: United States
Network:
Noticed: times
Protocols Attacked: ssh
Passive DNS Results: archive.vn archive.li archive.today archive.ph archive.fo archive.is archive.md sowhereisxan.cf sowhereiskong.cf www.dwqe2h13bg124h2or28gfr298g1983g12qen.top ma1.ptbox.xyz usbuyvm.hivess.xyz

Malware Detected on Host

Count: 45 8896c2e67e9f0f7e2dc32dc69f1c4ee6527908d14e657666c00c0c98d16f3cd4 627fc2d98c50b900680aa8520b20d46753d3d64e212bc1fb7f2e854fb81c9b88 a3b4ba2f616d525a57cc8a4a8e86974b9dd390135461e011dbcc4af692aba6e6 0fa76abfc64d855de4db56be973117df08e7d266dd2739b34dd42278fcbb390a 8f6d7ba20e33f70e7da1dca3e16018f00e892d31416d5662ec57b8d8c141767d 2ab74d9382a936d0eb00c9ed790d9f80554d3a430f4c6f36e0900cbcea54c7fc 6d388a47c55b526a820882b585f2b22ec7f6b69da4105ebac452bf80f74d0599 d952241d8f12d762d40597ca7df9697011e6368a5689b2d1f820bcadb7fc792d 587ac43ddb62bba1f031831a9b927021d6797b8a5555166d55b03ab8359f9b3e 55c8c2f97a34567c606d51c2eec1f95ab1ae3a0c8b8f835ab61e5e7c8ec11086

Open Ports Detected

Map

Whois Information

NetRange: 45.61.128.0 - 45.61.191.255
CIDR: 45.61.128.0/18
NetName: PONYNET-15
NetHandle: NET-45-61-128-0-1
Parent: NET45 (NET-45-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: FranTech Solutions (SYNDI-5)
RegDate: 2015-01-02
Updated: 2015-01-02
Ref: https://rdap.arin.net/registry/ip/45.61.128.0
OrgName: FranTech Solutions
OrgId: SYNDI-5
Address: 1621 Central Ave
City: Cheyenne
StateProv: WY
PostalCode: 82001
Country: US
RegDate: 2010-07-21
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/SYNDI-5
OrgTechHandle: FDI19-ARIN
OrgTechName: Dias, Francisco
OrgTechPhone: +1-778-977-8246
OrgTechEmail: fdias@frantech.ca
OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
OrgAbuseHandle: FDI19-ARIN
OrgAbuseName: Dias, Francisco
OrgAbusePhone: +1-778-977-8246
OrgAbuseEmail: fdias@frantech.ca
OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN

Links to attack logs

****** nmap-scanning-list-2022-02-21 awsau-ssh-bruteforce-ip-list-2021-08-25 ****** awsau-ssh-bruteforce-ip-list-2021-08-28 awsau-ssh-bruteforce-ip-list-2021-08-29 awsau-ssh-bruteforce-ip-list-2021-09-04 ****** awsau-ssh-bruteforce-ip-list-2021-08-30

Share on: