161.189.95.241 Threat Intelligence and Host Information

Share on:
Apr 07, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 161.189.95.241 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS135629 ningxia west cloud data technology co.ltd.
  • Noticed: 1 times
  • Protocols Attacked: Anonymous Proxy

Open Ports Detected

1080 11434 1366 154 1604 2000 20000 2008 2053 2222 2375 3053 3060 3116 3299 3301 3391 3483 3542 37 37777 3784 4118 4430 4443 4664 4840 4848 49 4949 5006 5009 5025 5050 53 5353 5357 548 55553 5986 6000 6664 771 7989 8001 8009 8015 8060 8181 82 8767 8782 8800 9044 9295 9443 9761 9944

CVEs Detected

CVE-2012-6708 CVE-2015-8398 CVE-2015-8399 CVE-2015-9251 CVE-2016-4317 CVE-2016-6283 CVE-2017-16856 CVE-2017-18083 CVE-2017-18084 CVE-2017-18085 CVE-2017-18086 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2017-9735 CVE-2018-12536 CVE-2018-12545 CVE-2018-13389 CVE-2019-10241 CVE-2019-10247 CVE-2019-11358 CVE-2019-15005 CVE-2019-20406 CVE-2019-3394 CVE-2019-3395 CVE-2019-3396 CVE-2019-3398 CVE-2020-11022 CVE-2020-11023 CVE-2020-27216 CVE-2020-27218 CVE-2020-27223 CVE-2020-4027 CVE-2020-7656 CVE-2021-28165 CVE-2021-28169 CVE-2021-34428 CVE-2022-2047 CVE-2022-2048 CVE-2023-26048 CVE-2023-26049 CVE-2023-36478 CVE-2023-36479 CVE-2023-40167 CVE-2023-44487

Map

Whois Information

  • NetRange: 161.189.0.0 - 161.189.255.255
  • CIDR: 161.189.0.0/16
  • NetName: APNIC
  • NetHandle: NET-161-189-0-0-1
  • Parent: NET161 (NET-161-0-0-0-0)
  • NetType: Early Registrations, Transferred to APNIC
  • OriginAS:
  • Organization: Asia Pacific Network Information Centre (APNIC)
  • RegDate: 2018-06-28
  • Updated: 2018-06-28
  • Ref: https://rdap.arin.net/registry/ip/161.189.0.0
  • OrgName: Asia Pacific Network Information Centre
  • OrgId: APNIC
  • Address: PO Box 3646
  • City: South Brisbane
  • StateProv: QLD
  • PostalCode: 4101
  • Country: AU
  • RegDate:
  • Updated: 2012-01-24
  • Ref: https://rdap.arin.net/registry/entity/APNIC
  • OrgTechHandle: AWC12-ARIN
  • OrgTechName: APNIC Whois Contact
  • OrgTechPhone: +61 7 3858 3188
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • OrgAbuseHandle: AWC12-ARIN
  • OrgAbuseName: APNIC Whois Contact
  • OrgAbusePhone: +61 7 3858 3188
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
  • inetnum: 161.189.0.0 - 161.189.255.255
  • netname: WESTCLOUDDATA
  • descr: Ningxia West Cloud Data Technology Co.Ltd.
  • descr: Room201, Building A, Zhongguancun Yuan, Zhongwei Xiaoqu,
  • descr: Ningxia University, Shapotou District, Zhongwei, Ningxia
  • country: CN
  • admin-c: YW7304-AP
  • tech-c: YW7304-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-WESTCLOUDDATA-CN
  • last-modified: 2023-11-21T09:07:35Z
  • irt: IRT-WESTCLOUDDATA-CN
  • address: No. 55 West Road, 2 floor, Qingfeng Finance Bureau
  • address: Shapotou District, Zhongwei, Ningxia
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: YW7304-AP
  • tech-c: YW7304-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2023-11-21T09:06:44Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Li Quan
  • address: 20th Floor, Yidi Port, No. 20 Jiuxianqiao Road,
  • address: Chaoyang District, Beijing
  • country: CN
  • phone: +86-17310656633
  • e-mail: [email protected]
  • nic-hdl: YW7304-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2023-11-21T09:04:11Z

Links to attack logs

anonymous-proxy-ip-list-2024-03-12 anonymous-proxy-ip-list-2024-03-13 anonymous-proxy-ip-list-2024-02-28