160.124.21.156 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 160.124.21.156. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources or through activity observed on honeynets. The host score is calculated through a series of statistically weighted values and machine learning that take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

  • JARM: 3fd3fd0003fd3fd21c42d42d000000bdfc58c9a46434368cf60aa440385763
  • Country: South Africa
  • Network: AS132839 power line datacenter
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Passive DNS Results:

Open Ports Detected

443 80

Whois Information

  • inetnum: 160.124.0.0 - 160.124.255.255
  • netname: POSIX-AFRICA
  • descr: Posix Systems (Pty) Ltd
  • descr: P.O. Box 73892
  • descr: Lynnwood Ridge, 0040
  • country: ZA
  • org: ORG-PS1-AFRINIC
  • admin-c: MJE-AFRINIC
  • tech-c: MJE-AFRINIC
  • status: ASSIGNED PI
  • mnt-by: AFRINIC-HM-MNT
  • mnt-lower: POSIX-MNT
  • mnt-domains: POSIX-MNT
  • mnt-routes: POSIX-MNT
  • parent: 0.0.0.0 - 255.255.255.255
  • organisation: ORG-PS1-AFRINIC
  • org-name: Posix Systems (Pty) Ltd
  • org-type: EU-PI
  • country: ZA
  • address: P.O. Box 73892
  • address: Lynnwood Ridge 0040
  • phone: tel:+27-82-601-0496
  • phone: tel:+27-12-807-0590
  • admin-c: MJE-AFRINIC
  • admin-c: AEP-AFRINIC
  • tech-c: MJE-AFRINIC
  • tech-c: AEP-AFRINIC
  • mnt-ref: AFRINIC-HM-MNT
  • mnt-ref: POSIX-MNT
  • mnt-by: AFRINIC-HM-MNT
  • person: Mark Elkins
  • nic-hdl: MJE-AFRINIC
  • address: Posix Systems (Pty) Ltd
  • address: P O Box 73892
  • address: Gauteng
  • address: Lynnwood Ridge 0040
  • address: South Africa
  • phone: tel:+27-82-601-0496
  • org: org-ps1-afrinic
  • mnt-by: POSIX-MNT
  • route: 160.124.0.0/16
  • descr: Posix Systems, South Africa
  • origin: AS6083
  • mnt-by: POSIX-MNT
