161.189.224.152 Threat Intelligence and Host Information

Apr 07, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 161.189.224.152 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

  • Country: China
  • Network: AS135629 ningxia west cloud data technology co.ltd.
  • Noticed: 1 times
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results: git.huwatech.club

Open Ports Detected

10001 10554 110 11112 1153 129 13 13579 161 179 2067 2083 23 30003 3059 3075 3083 3299 35000 3689 3790 4040 4042 4242 44158 4430 4433 491 4949 5000 50000 5006 50070 5938 6001 6653 7022 7443 789 8051 8054 8060 8081 8085 8089 8092 8099 8139 82 8200 84 8443 8448 8545 9004 9136 9160 9306 9943

CVEs Detected

CVE-2012-6708 CVE-2015-8398 CVE-2015-8399 CVE-2015-9251 CVE-2016-4317 CVE-2016-6283 CVE-2017-16856 CVE-2017-18083 CVE-2017-18084 CVE-2017-18085 CVE-2017-18086 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2017-9735 CVE-2018-12536 CVE-2018-12545 CVE-2018-13389 CVE-2019-10241 CVE-2019-10247 CVE-2019-11358 CVE-2019-15005 CVE-2019-17632 CVE-2019-20406 CVE-2019-3394 CVE-2019-3395 CVE-2019-3396 CVE-2019-3398 CVE-2020-11022 CVE-2020-11023 CVE-2020-27216 CVE-2020-27218 CVE-2020-27223 CVE-2020-4027 CVE-2020-7656 CVE-2021-28165 CVE-2021-28169 CVE-2021-34428 CVE-2022-2047 CVE-2022-2048 CVE-2023-26048 CVE-2023-26049 CVE-2023-36478 CVE-2023-36479 CVE-2023-40167 CVE-2023-41900 CVE-2023-44487

Map

Whois Information

  • NetRange: 161.189.0.0 - 161.189.255.255
  • CIDR: 161.189.0.0/16
  • NetName: APNIC
  • NetHandle: NET-161-189-0-0-1
  • Parent: NET161 (NET-161-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2018-06-28
  • Updated: 2018-06-28
  • Ref: https://rdap.arin.net/registry/ip/161.189.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: search-apnic-not-arin@apnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: search-apnic-not-arin@apnic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 161.189.0.0 - 161.189.255.255
  • netname: WESTCLOUDDATA
  • descr: Ningxia West Cloud Data Technology Co.Ltd.
  • descr: Room201, Building A, Zhongguancun Yuan, Zhongwei Xiaoqu,
  • descr: Ningxia University, Shapotou District, Zhongwei, Ningxia
  • country: CN
  • admin-c: YW7304-AP
  • tech-c: YW7304-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-WESTCLOUDDATA-CN
  • last-modified: 2023-11-21T09:07:35Z
  • irt: IRT-WESTCLOUDDATA-CN
  • address: No. 55 West Road, 2 floor, Qingfeng Finance Bureau
  • address: Shapotou District, Zhongwei, Ningxia
  • e-mail: ec2-abuse-cn@amazonaws.cn
  • abuse-mailbox: ec2-abuse-cn@amazonaws.cn
  • admin-c: YW7304-AP
  • tech-c: YW7304-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2023-11-21T09:06:44Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: ipas@cnnic.cn
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: ipas@cnnic.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Li Quan
  • address: 20th Floor, Yidi Port, No. 20 Jiuxianqiao Road,
  • address: Chaoyang District, Beijing
  • country: CN
  • phone: +86-17310656633
  • e-mail: lqua@nwcdcloud.cn
  • nic-hdl: YW7304-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2023-11-21T09:04:11Z

Links to attack logs

anonymous-proxy-ip-list-2024-03-12 anonymous-proxy-ip-list-2024-03-11 anonymous-proxy-ip-list-2024-02-29 anonymous-proxy-ip-list-2024-02-28

Share on: