23.152.0.21 Threat Intelligence and Host Information

Jul 04, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 23.152.0.21 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 7/100

Host and Network Information

View other sources: Spamhaus VirusTotal
Contained within other IP sets: cobaltstrike

Country: United States
Network:
Noticed: 1 times
Protocols Attacked: Anonymous Proxy

Malware Detected on Host

Count: 2 d1e6c81ea3cb42e00acdf31b8d4b5996b94f9cec23f16d1dafbd29cf4d2ba920 15c03082543a21a54da387e795a7ccf5822a265ab6dd00c15906cc7a9d8f5742

Open Ports Detected

10000 10001 10003 10008 10010 10013 10016 10017 10019 10024 10032 10035 10037 10040 10042 10043 10046 10048 10051 10052 10071 10075 10086 10087 10093 10225 10240 10243 10250 10255 10256 10398 10443 10445 10477 10480 10892 10909 10911 10943 11000 11075 11082 11112 11210 11211 11288 11300 11371 11434 11480 11601 11681 12000 12001 12104 12109 12111 12112 12115 12119 12122 12123 12126 12133 12134 12138 12141 12145 12159 12160 12161 12164 12166 12167 12178 12180 12183 12187 12195 12198 12201 12204 12205 12206 12207 12208 12215 12216 12220 12222 12225 12228 12229 12235 12239 12241 12244 12249 12264 12269 12272 12274 12276 12284 12292 12299 12300 12302 12304 12308 12310 12312 12313 12318 12322 12326 12327 12332 12334 12336 12340 12343 12344 12345 12346 12347 12348 12349 12352 12355 12362 12366 12376 12380 12386 12388 12392 12395 12397 12403 12405 12407 12409 12410 12411 12413 12415 12417 12418 12422 12423 12436 12438 12439 12442 12446 12448 12454 12456 12461 12468 12469 12470 12472 12476 12478 12482 12483 12485 12488 12490 12495 12505 12509 12511 12513 12515 12516 12521 12523 12530 12534 12538 12540 12541 12542 12544 12548 12552 12554 12567 12573 12574 12582 12583 12585 12586 12588 12601 13082 13128 13380 13579 14147 14265 14344 14407 14825 14873 14897 14909 15000 9143

Map

Whois Information

NetRange: 23.152.0.0 - 23.152.0.255
CIDR: 23.152.0.0/24
NetName: CROWNCLOUD-V6V4
NetHandle: NET-23-152-0-0-1
Parent: NET23 (NET-23-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS199959, AS8100
Organization: Crowncloud US LLC (CUL-34)
RegDate: 2015-11-23
Updated: 2025-01-25
Comment: IPs in this block are statically assigned, please report any abuse to admin@crowncloud.us
Ref: https://rdap.arin.net/registry/ip/23.152.0.0
OrgName: Crowncloud US LLC
OrgId: CUL-34
Address: 530 W 6th St
Address: C/O Cid 4573 Quadranet Inc. Ste 901
City: Los Angeles
StateProv: CA
PostalCode: 90014-1207
Country: US
RegDate: 2014-07-25
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/CUL-34
OrgAbuseHandle: CROWN9-ARIN
OrgAbuseName: Crowncloud Support
OrgAbusePhone: +1-940-867-4072
OrgAbuseEmail: admin@crowncloud.us
OrgAbuseRef: https://rdap.arin.net/registry/entity/CROWN9-ARIN
OrgTechHandle: CROWN9-ARIN
OrgTechName: Crowncloud Support
OrgTechPhone: +1-940-867-4072
OrgTechEmail: admin@crowncloud.us
OrgTechRef: https://rdap.arin.net/registry/entity/CROWN9-ARIN

Links to attack logs

Share on: