156.225.72.84 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 156.225.72.84 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: vn1gwu66.icu drrowwbz.icu w6xfl2fl.icu uux5ybva.icu zsp3snue.icu dofp3a78.icu g91gt2bf.icu el0oyj7c.icu ujspv1ys.icu 6l7cx1h2.icu ciqqddx6.icu udq0oqln.icu 4h4p5ztu.icu twk557ci.icu 5pjrz8fy.icu qmci96h5.icu hj1i480p.icu ueus7ij7.icu e3e90jr2.icu yaozll56.icu fu3p7944.icu z9a38kak.icu bpk6cnew.icu gzb79pem.icu tlvspubp.icu 78hzloy8.icu yjeloi83.icu 2rtterzx.icu ireronwy.icu rci5xc19.icu 1dfv7f8z.icu www.xkqswsa5.icu xkqswsa5.icu www.hylcjofk.icu hylcjofk.icu xg04886.vip

Malware Detected on Host

Count: 3 7fb44ce174f0446e9b39c39652218dfeb222943a03c5d23448217882e9fb1d0f 7e18c2134e9e5b1ac50003744779da9b9c1fd99c7534b26863c62bdce51c901c d701296ef87443d28c9d1d7da1160c13b46c041fb5c3712eaa60aed5a1c575a7

Open Ports Detected

2082 2083 2086 2087 2095 443 80 8080 8443 8880

Map

Whois Information

• NetRange: 156.225.0.0 - 156.225.255.255
• CIDR: 156.225.0.0/16
• NetName: AFRINIC-ERX-156-225-0-0
• NetHandle: NET-156-225-0-0-1
• Parent: NET156 (NET-156-0-0-0-0)
• NetType: Transferred to AfriNIC
• OriginAS:
• Organization: African Network Information Center (AFRINIC)
• RegDate: 2010-11-03
• Updated: 2010-11-17
• Comment: This IP address range is under AFRINIC responsibility.
• Comment: Please see http://www.afrinic.net/ for further details,
• Ref: https://rdap.arin.net/registry/ip/156.225.0.0
• OrgName: African Network Information Center
• OrgId: AFRINIC
• Address: Level 11ABC
• Address: Raffles Tower
• Address: Lot 19, Cybercity
• City: Ebene
• StateProv:
• PostalCode:
• Country: MU
• RegDate: 2004-05-17
• Updated: 2015-05-04
• Comment: AfriNIC - http://www.afrinic.net
• Comment: The African & Indian Ocean Internet Registry
• Ref: https://rdap.arin.net/registry/entity/AFRINIC
• OrgAbuseHandle: GENER11-ARIN
• OrgAbuseName: Generic POC
• OrgAbusePhone: +230 4666616
• OrgAbuseEmail: abusepoc@afrinic.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
• OrgTechHandle: GENER11-ARIN
• OrgTechName: Generic POC
• OrgTechPhone: +230 4666616
• OrgTechEmail: abusepoc@afrinic.net
• OrgTechRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
• inetnum: 156.225.72.0 - 156.225.72.255
• netname: GS_TECHNOLOGIES_LIMITED
• descr: GS TECHNOLOGIES LIMITED
• country: US
• admin-c: CIS1-AFRINIC
• tech-c: CIS1-AFRINIC
• status: ASSIGNED PA
• mnt-by: CIL1-MNT
• mnt-by: LARUS-SERVICE-MNT
• parent: 156.224.0.0 - 156.255.255.255
• person: Cloud Innovation Support
• address: Ebene
• address: MU
• address: Mahe
• address: Seychelles
• phone: tel:+248-4-610-795
• nic-hdl: CIS1-AFRINIC
• abuse-mailbox: abuse@cloudinnovation.org
• mnt-by: CIL1-MNT
• route: 156.225.72.0/24
• descr: GS TECHNOLOGIES LIMITED
• origin: AS209242
• mnt-by: LARUS-SERVICE-MNT

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-06-24