IP Intelligence Briefing: 45.156.24.224/32
Date: 2026-06-18
---
**1. General Information**
- Risk Score: Moderate (40/100)
- Provider: CloudBackbone NOC (AS174, ARIN)
- Geolocation:
  - Primary: Fremont, CA, US (latitude 37.5483, longitude -121.9886)
  - Conflicting Data: Recent observation flagged location as Russia (RU), 55.7386°N, 37.6068°E.
- Network Role: Firewalled infrastructure with no open services or TLS certificates.
---
**2. Threat & Abuse Indicators**
- Threat Activity: No active malicious indicators (no malware, phishing, or exploitation signals).
- BGP Analysis:
  - AS Path: `3130 174` (AS56971, CloudBackbone NOC).
  - Route Stability: 30-day route changes (2), flagged as unstable.
  - RPKI: Not found, but DNSSEC validated.
- Neighbor Subnet:
  - /24 Subnet: 45.156.24.0/24.
  - Abuse Density: 1 (mostly clean, 0 high-risk neighbors).
---
**3. Historical Observations**
- Recent Activity (2026-06-18):
  - Confirmed location in Russia (RU) with 95% confidence.
  - Linked to 45 threat pulses (e.g., "malware distribution," "DDoS infrastructure").
  - Route stability issues persist (2 changes in 30 days).
- Long-Term Trends:
  - No persistent malicious behavior detected.
  - Geolocation data inconsistent across sources.
---
**4. Relationships & Network Context**
- Network Affiliation:
  - Same AS (AS174) and subnet (45.156.24.0/24).
  - No direct connections to known malicious networks.
- DNS & Services:
  - No PTR records, open ports, or TLS certificates.
  - No email authentication (SPF/DKIM) or domain hosting.
---
**5. Recommendations**
- Monitor Geolocation Discrepancies: Investigate conflicting location data (US vs. Russia).
- Check Route Stability: Monitor BGP anomalies (AS3130/AS174 interactions).
- Network Segmentation: Ensure firewalled infrastructure is isolated from critical assets.
- Threat Feeds: Cross-reference with AlienVault OTX for Russia-based threat pulses.

Final Assessment: Moderate risk with no active threats, but anomalies in geolocation and BGP stability require further investigation.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Ownership & Registration
| Organization | mnt-ru-cloud4y-1 |
| ASN | AS174 |
| Network Name | RU-CLOUD4Y-20190919 |
| CIDR Block | 45.156.21.0/24 |
| RIR | ARIN |
| Country | RU |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 32% | 4 | 5 |
| services | 24% | 2 | 3 |
| ownership | 39% | 3 | 8 |
| reputation | 21% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 28% | 14 | 26 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (65%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:21 UTC |
| Last Seen | 2026-06-23 13:26:59 UTC |
| Profile Built | 2026-06-23 13:28:00 UTC |
| Data Freshness | Live |
| Signal Types | 32 |
| Total Observations | 38 |