157.148.54.155 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 157.148.54.155. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: malware, spearfishing, spyware, virustotal

  • View other sources: Spamhaus, VirusTotal

  • Country: China
  • Network:
  • Noticed: 5 times
  • Protocols Attacked: SSH

Malware Detected on Host

Count: 14

Whois Information

  • NetRange: 157.148.0.0 - 157.148.255.255
  • CIDR: 157.148.0.0/16
  • NetName: APNIC-ERX-157-148-0-0
  • NetHandle: NET-157-148-0-0-1
  • Parent: NET157 (NET-157-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2010-11-03
  • Updated: 2010-11-17
  • Comment: This IP address range is not registered in the ARIN database.
  • Comment: This range was transferred to the APNIC Whois Database as
  • Comment: part of the ERX (Early Registration Transfer) project.
  • Comment: For details, refer to the APNIC Whois Database via
  • Comment:
  • Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
  • Comment: for the Asia Pacific region. APNIC does not operate networks
  • Comment: using this IP address range and is not able to investigate
  • Comment: spam or abuse reports relating to these addresses. For more
  • Ref: https://rdap.arin.net/registry/ip/157.148.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 157.148.0.0 - 157.148.255.255
  • netname: UNICOM-GD
  • descr: China Unicom Guangdong province network
  • descr: China Unicom
  • country: CN
  • admin-c: CH1302-AP
  • tech-c: RP181-AP
  • abuse-c: AC1718-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CNCGROUP-GD
  • mnt-routes: MAINT-CNCGROUP-RR
  • mnt-irt: IRT-CU-CN
  • last-modified: 2025-01-22T13:08:00Z
  • irt: IRT-CU-CN
  • address: No.21,Financial Street
  • address: Beijing,100033
  • address: P.R.China
  • e-mail: zhaoyz3@chinaunicom.cn
  • abuse-mailbox: zhaoyz3@chinaunicom.cn
  • admin-c: CH1302-AP
  • tech-c: CH1302-AP
  • mnt-by: MAINT-CNCGROUP
  • last-modified: 2025-02-24T06:16:57Z
  • role: ABUSE CUCN
  • country: ZZ
  • address: No.21,Financial Street
  • address: Beijing,100033
  • address: P.R.China
  • phone: +000000000
  • e-mail: zhaoyz3@chinaunicom.cn
  • admin-c: CH1302-AP
  • tech-c: CH1302-AP
  • nic-hdl: AC1718-AP
  • abuse-mailbox: zhaoyz3@chinaunicom.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2025-02-24T06:17:45Z
  • person: ChinaUnicom Hostmaster
  • nic-hdl: CH1302-AP
  • e-mail: hqs-ipabuse@chinaunicom.cn
  • address: No.21,Jin-Rong Street
  • address: Beijing,100033
  • address: P.R.China
  • phone: +86-10-66259764
  • fax-no: +86-10-66259764
  • country: CN
  • mnt-by: MAINT-CNCGROUP
  • last-modified: 2017-08-17T06:13:16Z
  • person: runkeng pan
  • nic-hdl: RP181-AP
  • e-mail: gdipnoc@chinaunicom.cn
  • address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China
  • phone: +86-20-22214174
  • fax-no: +86-20-22212266-4174
  • country: CN
  • mnt-by: MAINT-CNCGROUP-GD
  • last-modified: 2015-12-16T03:32:02Z
  • route: 157.148.54.0/24
  • origin: AS136958
  • descr: China Unicom
  • mnt-by: MAINT-CNCGROUP-RR
  • last-modified: 2023-06-08T07:35:46Z
