156.244.11.6 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 156.244.11.6. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets.

The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 19/100

Host and Network Information

  • Country: Seychelles
  • Network:
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results: icoyg.com, 6080mac.com, cqzjz.com

Malware Detected on Host

Count: 2

  • 5b1e382f6766650baedc1535e984986e96798e7e8476699d0d55519b192f663d
  • 6d5303c861f8821c02e4c60940be88b8336c9dd17f8b84c8402990a6c49fd22e

Open Ports Detected

10000 10001 10003 10006 10009 1023 1024 1025 10250 1026 1029 104 10443 1080 1099 11 110 11000 1111 11211 113 11300 119 12000 12286 1234 12345 12382 1250 13 1311 1337 135 13579 1400 14147 14265 1433 1443 15 1521 16010 16072 16992 16993 17 17000 1723 179 18080 18081 18245 1883 19 1911 1935 20000 2001 2002 2053 20547 2067 2082 2086 2087 2096 21 21025 2107 2121 2181 22 222 2222 22222 2223 23 23023 2323 2332 23424 2375 2376 2404 2480 25 25105 25565 26 264 27017 28015 28017 3000 30006 3001 30010 3050 31022 311 3121 3128 3132 3180 32400 32764 33060 3388 3389 3479 3541 3542 3551 3558 36622 3689 37 37215 3749 37777 3780 3790 38080 38520 389 4000 40022 4022 4040 4063 40722 427 4321 4369 44122 443 444 4443 445 447 448 44818 4506 4782 4786 4840 4848 4899 4911 49152 49153 4949 49501 5000 50000 5001 5002 5005 50050 5006 5007 50070 5009 5010 50100 50996 50997 51106 51200 51235 5190 5222 5269 52869 5357 541 5431 5432 5433 548 554 55443 5555 55553 5560 5601 5607 5800 5801 5900 5901 59022 5903 59222 5938 5985 5986 6000 60001 6001 60010 6002 6003 6008 61613 62078 631 636 6379 6443 666 6664 6666 6667 70 7001 7002 7005 7071 7171 7401 7443 7474 7547 7548 7657 771 7777 7778 7779 7788 7878 789 79 80 8000 8001 8002 8003 8008 8009 8010 8014 8021 8028 8031 8032 8036 8046 805 8060 8069 8070 8071 8077 8080 8081 8083 8085 8086 8087 8090 8098 81 8104 8112 8118 8123 8139 8140 82 8200 8222 83 8333 8334 84 8443 8444 8500 8545 8554 86 8649 8728 873 8800 8808 8834 8880 8883 8887 8888 89 8989 90 9000 9001 9002 9003 9009 9010 902 9020 9042 9080 9090 9091 9095 9096 9099 9100 9131 9160 9191 9200 9295 9300 9306 9530 9595 98 9899 990 993 994 9943 9944 995 9981 9990 9998 9999

CVEs Detected

CVE-2002-1717 CVE-2002-1718 CVE-2005-2089 CVE-2005-4360 CVE-2006-6578 CVE-2008-1446 CVE-2009-1390 CVE-2009-1535 CVE-2009-2521 CVE-2009-3765 CVE-2009-3766 CVE-2009-3767 CVE-2009-4444 CVE-2009-4445 CVE-2009-5045 CVE-2009-5046 CVE-2011-4963 CVE-2013-0337 CVE-2013-4547 CVE-2014-3616 CVE-2014-4078 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2015-4000 CVE-2016-0702 CVE-2016-0703 CVE-2016-0704 CVE-2016-0705 CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 CVE-2016-1247 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-2842 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7056 CVE-2017-20005 CVE-2017-3735 CVE-2017-7269 CVE-2017-7529 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2017-9735 CVE-2018-12536 CVE-2018-16845 CVE-2018-18441 CVE-2019-10241 CVE-2019-10247 CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2020-27216 CVE-2020-27218 CVE-2020-27223 CVE-2020-7041 CVE-2020-7042 CVE-2020-7043 CVE-2021-23017 CVE-2021-28163 CVE-2021-28165 CVE-2021-28169 CVE-2021-34428 CVE-2021-3618 CVE-2021-4044 CVE-2022-2047 CVE-2022-2048 CVE-2023-26048 CVE-2023-26049 CVE-2023-36478 CVE-2023-36479 CVE-2023-40167 CVE-2023-41900 CVE-2023-44487 CVE-2024-10005 CVE-2024-10006 CVE-2024-22201 CVE-2024-6763 CVE-2024-8184

Whois Information

  • NetRange: 156.244.0.0 - 156.244.255.255
  • CIDR: 156.244.0.0/16
  • NetName: AFRINIC-ERX-156-244-0-0
  • NetHandle: NET-156-244-0-0-1
  • Parent: NET156 (NET-156-0-0-0-0)
  • NetType: Transferred to AfriNIC
  • OriginAS:
  • Organization: African Network Information Center (AFRINIC)
  • RegDate: 2010-11-03
  • Updated: 2010-11-17
  • Comment: This IP address range is under AFRINIC responsibility.
  • Comment: Please see http://www.afrinic.net/ for further details,
  • Ref: https://rdap.arin.net/registry/ip/156.244.0.0
  • OrgName: African Network Information Center
  • OrgId: AFRINIC
  • Address: Level 11ABC
  • Address: Raffles Tower
  • Address: Lot 19, Cybercity
  • City: Ebene
  • StateProv:
  • PostalCode:
  • Country: MU
  • RegDate: 2004-05-17
  • Updated: 2015-05-04
  • Comment: AfriNIC - http://www.afrinic.net
  • Comment: The African & Indian Ocean Internet Registry
  • Ref: https://rdap.arin.net/registry/entity/AFRINIC
  • OrgTechHandle: GENER11-ARIN
  • OrgTechName: Generic POC
  • OrgTechPhone: +230 4666616
  • OrgTechEmail: abusepoc@afrinic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
  • OrgAbuseHandle: GENER11-ARIN
  • OrgAbuseName: Generic POC
  • OrgAbusePhone: +230 4666616
  • OrgAbuseEmail: abusepoc@afrinic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
  • inetnum: 156.244.11.0 - 156.244.11.255
  • netname: Lightnode_Limited
  • descr: Lightnode Limited
  • country: SA
  • admin-c: CIS1-AFRINIC
  • tech-c: CIS1-AFRINIC
  • status: ASSIGNED PA
  • mnt-by: CIL1-MNT
  • mnt-by: LARUS-SERVICE-MNT
  • parent: 156.224.0.0 - 156.255.255.255
  • person: Cloud Innovation Support
  • address: Ebene
  • address: MU
  • address: Mahe
  • address: Seychelles
  • phone: tel:+248-4-610-795
  • nic-hdl: CIS1-AFRINIC
  • abuse-mailbox: abuse@cloudinnovation.org
  • mnt-by: CIL1-MNT
  • route: 156.244.11.0/24
  • descr: Lightnode Limited
  • origin: AS138915
  • mnt-by: LARUS-SERVICE-MNT

Links to attack logs

  • anonymous-proxy-ip-list-2025-03-13
  • anonymous-proxy-ip-list-2025-03-10
  • anonymous-proxy-ip-list-2025-03-02
  • anonymous-proxy-ip-list-2025-03-11
