18.194.241.75 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 18.194.241.75. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

  • View other sources: Spamhaus, VirusTotal

  • Country: Germany
  • Network: AS16509 amazon.com inc
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy

Open Ports Detected


CVEs Detected

CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12522 CVE-2019-12523 CVE-2019-12524 CVE-2019-12525 CVE-2019-12526 CVE-2019-12527 CVE-2019-12528 CVE-2019-12529 CVE-2019-12854 CVE-2019-13345 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-18860 CVE-2020-11945 CVE-2020-14058 CVE-2020-15049 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 CVE-2020-25097 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 CVE-2021-28116 CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 CVE-2021-46784 CVE-2022-41318

Whois Information

  • NetRange: 18.32.0.0 - 18.255.255.255
  • CIDR: 18.64.0.0/10, 18.32.0.0/11, 18.128.0.0/9
  • NetName: AT-88-Z
  • NetHandle: NET-18-32-0-0-1
  • Parent: NET18 (NET-18-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS:
  • Organization: Amazon Technologies Inc. (AT-88-Z)
  • RegDate: 2019-10-07
  • Updated: 2021-02-10
  • Ref: https://rdap.arin.net/registry/ip/18.32.0.0
  • OrgName: Amazon Technologies Inc.
  • OrgId: AT-88-Z
  • Address: 410 Terry Ave N.
  • City: Seattle
  • StateProv: WA
  • PostalCode: 98109
  • Country: US
  • RegDate: 2011-12-08
  • Updated: 2022-09-30
  • Comment: All abuse reports MUST include:
  • Comment: * src IP
  • Comment: * dest IP (your IP)
  • Comment: * dest port
  • Comment: * Accurate date/timestamp and timezone of activity
  • Comment: * Intensity/frequency (short log extracts)
  • Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
  • Ref: https://rdap.arin.net/registry/entity/AT-88-Z
  • OrgRoutingHandle: ARMP-ARIN
  • OrgRoutingName: AWS RPKI Management POC
  • OrgRoutingPhone: +1-206-555-0000
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
  • OrgAbuseHandle: AEA8-ARIN
  • OrgAbuseName: Amazon EC2 Abuse
  • OrgAbusePhone: +1-206-555-0000
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
  • OrgRoutingHandle: IPROU3-ARIN
  • OrgRoutingName: IP Routing
  • OrgRoutingPhone: +1-206-555-0000
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
  • OrgNOCHandle: AANO1-ARIN
  • OrgNOCName: Amazon AWS Network Operations
  • OrgNOCPhone: +1-206-555-0000
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
  • OrgTechHandle: ANO24-ARIN
  • OrgTechName: Amazon EC2 Network Operations
  • OrgTechPhone: +1-206-555-0000
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
  • NetRange: 18.194.0.0 - 18.195.255.255
  • CIDR: 18.194.0.0/15
  • NetName: AMAZO-ZFRA
  • NetHandle: NET-18-194-0-0-2
  • Parent: AT-88-Z (NET-18-32-0-0-1)
  • NetType: Reallocated
  • OriginAS: AS16509
  • Organization: A100 ROW GmbH (RG-123)
  • RegDate: 2017-05-25
  • Updated: 2021-02-10
  • Ref: https://rdap.arin.net/registry/ip/18.194.0.0
  • OrgName: A100 ROW GmbH
  • OrgId: RG-123
  • Address: Marcel-Breuer-Strasse 10
  • City: Munchen
  • StateProv:
  • PostalCode: 80807
  • Country: DE
  • RegDate: 2014-11-07
  • Updated: 2014-11-07
  • Ref: https://rdap.arin.net/registry/entity/RG-123
  • OrgAbuseHandle: AEA8-ARIN
  • OrgAbuseName: Amazon EC2 Abuse
  • OrgAbusePhone: +1-206-555-0000
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
  • OrgNOCHandle: AANO1-ARIN
  • OrgNOCName: Amazon AWS Network Operations
  • OrgNOCPhone: +1-206-555-0000
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
  • OrgTechHandle: ANO24-ARIN
  • OrgTechName: Amazon EC2 Network Operations
  • OrgTechPhone: +1-206-555-0000
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-06-29