49.156.47.162 Threat Intelligence and Host Information

Share on:
May 06, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • Mitre ATT&CK IDs: T1498 - Network Denial of Service
  • Tags: Cyclops, DDOS, Gamardeon, HermeticWiper, IsaacWiper, KillNet, PartyTicket, WhisperGate, attack ddos, botnet, ddos, list ips, russia, russian, ukraine
  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: socks_proxy_30d, socks_proxy_7d, sslproxies, sslproxies_1d, sslproxies_30d, sslproxies_7d, stopforumspam_180d, stopforumspam_365d

  • Country: Cambodia
  • Network: AS24492 wicam corporation ltd.
  • Noticed: 25 times
  • Protcols Attacked: SSH
  • Countries Attacked: Russian Federation

Malware Detected on Host

Count: 4 88cb6da94b1ff0e563cd656bc37eb1aac3506f852cb333b378d007e1d699d63b c4ad00d7360fc45e1c35cb76b174818ad6462f13fa9b66cec85e1774a170b674 69e399a425d76452096c37c0a37550dc199328f30d2c53c986d0387c851ee31f ed4e4e5435f6279116e7b209dd9cd1079b9d55183142399143bb1c03312435a8

Open Ports Detected

2000 443 449 80

Map

Whois Information

  • inetnum: 49.156.47.0 - 49.156.47.255
  • netname: WiCAM
  • descr: WiCAM Corporation Ltd.
  • country: KH
  • admin-c: NC288-AP
  • tech-c: NC288-AP
  • abuse-c: AW856-AP
  • status: ASSIGNED NON-PORTABLE
  • mnt-by: MAINT-KH-WICAM
  • mnt-lower: MAINT-KH-WICAM
  • mnt-routes: MAINT-KH-WICAM
  • mnt-irt: IRT-WICAM-KH
  • last-modified: 2022-10-12T08:53:00Z
  • irt: IRT-WICAM-KH
  • address: Sangkat Toul Tompong II, Khan Chamkar Morn
  • address: Phenom Penh
  • address: CAMBODIA
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: WN346-AP
  • tech-c: WN346-AP
  • mnt-by: MAINT-KH-WICAM
  • last-modified: 2022-11-09T02:21:23Z
  • role: ABUSE WICAMKH
  • address: Sangkat Toul Tompong II, Khan Chamkar Morn
  • address: Phenom Penh
  • address: CAMBODIA
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: WN346-AP
  • tech-c: WN346-AP
  • nic-hdl: AW856-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-11-09T02:21:37Z
  • role: WiCAM Network Operations
  • country: KH
  • phone: +85523726557
  • e-mail: [email protected]
  • admin-c: WN346-AP
  • tech-c: TW217-AP
  • tech-c: VL188-AP
  • nic-hdl: NC288-AP
  • mnt-by: MAINT-KH-WICAM
  • last-modified: 2022-10-12T09:02:12Z
  • route: 49.156.40.0/21
  • origin: AS24492
  • descr: WiCAM Corporation
  • mnt-by: MAINT-KH-WICAM
  • last-modified: 2017-09-13T03:21:47Z

Links to attack logs

roxy-ip-list-2023-05-03