161.189.169.157 Threat Intelligence and Host Information

Share on:
Apr 07, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 161.189.169.157 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS135629 ningxia west cloud data technology co.ltd.
  • Noticed: 1 times
  • Protocols Attacked: Anonymous Proxy

Open Ports Detected

10001 10134 1025 10250 1153 1400 143 16010 1604 1801 19 1911 20000 2003 2008 20547 2081 2087 22 2761 30003 3001 3068 3283 3299 3950 427 4430 4848 4949 5001 5005 5150 548 5596 5632 6653 6664 7415 7548 8001 8009 8021 8112 8140 8420 8637 8857 8865 8990 902 9302 9418

CVEs Detected

CVE-2005-2798 CVE-2006-0225 CVE-2006-4924 CVE-2006-5051 CVE-2006-5052 CVE-2006-5794 CVE-2007-2243 CVE-2007-2768 CVE-2007-4752 CVE-2008-3259 CVE-2008-3844 CVE-2008-4109 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2012-6708 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2015-8398 CVE-2015-8399 CVE-2015-9251 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-4317 CVE-2016-6283 CVE-2017-15906 CVE-2017-16856 CVE-2017-18083 CVE-2017-18084 CVE-2017-18085 CVE-2017-18086 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2017-9735 CVE-2018-13389 CVE-2018-15473 CVE-2018-20685 CVE-2019-10247 CVE-2019-11358 CVE-2019-15005 CVE-2019-20406 CVE-2019-3394 CVE-2019-3395 CVE-2019-3396 CVE-2019-3398 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-11022 CVE-2020-11023 CVE-2020-15778 CVE-2020-27216 CVE-2020-4027 CVE-2020-7656 CVE-2021-28165 CVE-2021-28169 CVE-2021-34428 CVE-2021-36368 CVE-2022-2047 CVE-2022-2048 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

  • NetRange: 161.189.0.0 - 161.189.255.255
  • CIDR: 161.189.0.0/16
  • NetName: APNIC
  • NetHandle: NET-161-189-0-0-1
  • Parent: NET161 (NET-161-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2018-06-28
  • Updated: 2018-06-28
  • Ref: https://rdap.arin.net/registry/ip/161.189.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 161.189.0.0 - 161.189.255.255
  • netname: WESTCLOUDDATA
  • descr: Ningxia West Cloud Data Technology Co.Ltd.
  • descr: Room201, Building A, Zhongguancun Yuan, Zhongwei Xiaoqu,
  • descr: Ningxia University, Shapotou District, Zhongwei, Ningxia
  • country: CN
  • admin-c: YW7304-AP
  • tech-c: YW7304-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-WESTCLOUDDATA-CN
  • last-modified: 2023-11-21T09:07:35Z
  • irt: IRT-WESTCLOUDDATA-CN
  • address: No. 55 West Road, 2 floor, Qingfeng Finance Bureau
  • address: Shapotou District, Zhongwei, Ningxia
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: YW7304-AP
  • tech-c: YW7304-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2023-11-21T09:06:44Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Li Quan
  • address: 20th Floor, Yidi Port, No. 20 Jiuxianqiao Road,
  • address: Chaoyang District, Beijing
  • country: CN
  • phone: +86-17310656633
  • e-mail: [email protected]
  • nic-hdl: YW7304-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2023-11-21T09:04:11Z

Links to attack logs

anonymous-proxy-ip-list-2024-03-06 anonymous-proxy-ip-list-2024-03-04 anonymous-proxy-ip-list-2024-03-03 anonymous-proxy-ip-list-2024-02-29 anonymous-proxy-ip-list-2024-03-07