160.251.96.129 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 160.251.96.129 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Japan
• Network: AS7506 gmo internet
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: www.antazorg.nl antazorg.nl

Open Ports Detected

10000 10001 10073 10134 10143 1024 10243 10250 10443 1063 1080 10909 10911 1099 11000 11210 11300 11371 11434 1153 1177 1200 12000 1234 12345 1250 1311 1337 13579 1414 14147 1433 14344 1442 1471 1494 1515 1521 15301 1599 16030 1604 16285 16670 16992 16993 17000 1723 1741 1800 1801 18081 18245 1880 1883 19071 19200 1925 1926 1935 1962 19930 2000 20000 2002 2008 20256 20547 2065 2067 2081 2082 2083 2086 2087 20880 21025 21027 2121 21379 2181 22 2200 22000 22070 2222 2223 2245 23023 2323 23424 2345 2352 2382 2404 2480 25001 25105 2550 2553 25565 2567 2570 2628 2701 27017 2762 28000 28015 28017 3000 30002 3001 30303 3050 3053 3093 3107 3128 31337 31401 3221 3260 3268 3269 32764 3299 3301 3307 3310 3333 3388 3389 3443 3460 3541 3542 3550 3551 3555 3567 3689 3749 3780 3790 3792 3794 4001 4022 4040 4063 4157 4242 4282 4321 4369 443 4430 4433 4500 4505 4506 4567 4782 4840 4899 4949 5001 5003 5005 5006 5007 5009 5010 5025 5090 5172 5201 5222 5280 5282 5357 5432 5435 5555 5560 5568 5601 5603 5672 5697 5800 5801 5858 5901 5938 5984 5985 6003 6005 6080 6161 6265 6352 6363 6379 6443 6543 6603 6633 6653 6662 6664 6697 6955 7001 7010 7071 7171 7218 7316 7415 7434 7443 7445 7465 7474 7535 7547 7548 7557 7634 7654 7657 7777 7779 7887 7989 7998 80 8001 8003 8009 8012 8015 8027 8031 8080 8081 8083 8085 8086 8087 8092 8098 8099 8102 8104 8112 8118 8123 8126 8139 8180 8181 8200 8248 8291 8333 8334 8404 8406 8422 8431 8443 8500 8537 8545 8554 8590 8602 8728 8784 8791 8800 8816 8826 8834 8836 8839 8847 8849 8850 8878 8880 8888 8991 9000 9002 9005 9008 9009 9017 9029 9042 9051 9080 9090 9091 9092 9095 9096 9100 9101 9110 9136 9151 9160 9191 9200 9251 9295 9304 9305 9306 9309 9367 9398 9418 9443 9530 9595 9600 9633 9637 9761 9800 9869 9876 9898 9944 9966 9981 9992 9998 9999

Map

Whois Information

• NetRange: 160.243.0.0 - 160.252.255.255
• CIDR: 160.244.0.0/14, 160.243.0.0/16, 160.252.0.0/16, 160.248.0.0/14
• NetName: APNIC-ERX-160-233-0-0
• NetHandle: NET-160-243-0-0-1
• Parent: NET160 (NET-160-0-0-0-0)
• NetType: Early Registrations, Transferred to APNIC
• OriginAS:
• Organization: Asia Pacific Network Information Centre (APNIC)
• RegDate: 2004-04-05
• Updated: 2009-10-08
• Comment: This IP address range is not registered in the ARIN database.
• Comment: This range was transferred to the APNIC Whois Database as
• Comment: part of the ERX (Early Registration Transfer) project.
• Comment: For details, refer to the APNIC Whois Database via
• Comment:
• Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
• Comment: for the Asia Pacific region. APNIC does not operate networks
• Comment: using this IP address range and is not able to investigate
• Comment: spam or abuse reports relating to these addresses. For more
• Ref: https://rdap.arin.net/registry/ip/160.243.0.0
• OrgName: Asia Pacific Network Information Centre
• OrgId: APNIC
• Address: PO Box 3646
• City: South Brisbane
• StateProv: QLD
• PostalCode: 4101
• Country: AU
• RegDate:
• Updated: 2012-01-24
• Ref: https://rdap.arin.net/registry/entity/APNIC
• OrgTechHandle: AWC12-ARIN
• OrgTechName: APNIC Whois Contact
• OrgTechPhone: +61 7 3858 3188
• OrgTechEmail: search-apnic-not-arin@apnic.net
• OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
• OrgAbuseHandle: AWC12-ARIN
• OrgAbuseName: APNIC Whois Contact
• OrgAbusePhone: +61 7 3858 3188
• OrgAbuseEmail: search-apnic-not-arin@apnic.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
• inetnum: 160.251.0.0 - 160.251.255.255
• netname: interQ
• descr: GMO Internet Group, Inc.
• descr: SAINTcity,3-1-1,kyomachi,Kokurakita-ku,Kitakyushu-shi,Fukuoka,802-0002,Japan
• admin-c: JNIC1-AP
• tech-c: JNIC1-AP
• country: JP
• mnt-by: MAINT-JPNIC
• mnt-lower: MAINT-JPNIC
• mnt-irt: IRT-JPNIC-JP
• status: ALLOCATED PORTABLE
• last-modified: 2022-11-10T02:22:05Z
• irt: IRT-JPNIC-JP
• address: Uchikanda OS Bldg 4F, 2-12-6 Uchi-Kanda
• address: Chiyoda-ku, Tokyo 101-0047, Japan
• e-mail: hostmaster@nic.ad.jp
• abuse-mailbox: hostmaster@nic.ad.jp
• phone: +81-3-5297-2311
• fax-no: +81-3-5297-2312
• admin-c: JNIC1-AP
• tech-c: JNIC1-AP
• mnt-by: MAINT-JPNIC
• last-modified: 2022-06-14T04:26:58Z
• role: Japan Network Information Center
• address: Uchikanda OS Bldg 4F, 2-12-6 Uchi-Kanda
• address: Chiyoda-ku, Tokyo 101-0047, Japan
• country: JP
• phone: +81-3-5297-2311
• fax-no: +81-3-5297-2312
• e-mail: hostmaster@nic.ad.jp
• admin-c: JI13-AP
• tech-c: JE53-AP
• nic-hdl: JNIC1-AP
• mnt-by: MAINT-JPNIC
• last-modified: 2022-01-05T03:04:02Z
• inetnum: 160.251.96.0 - 160.251.97.255
• netname: CNODE-JP
• descr: GMO Internet Group, Inc.
• country: JP
• admin-c: JP00080271
• tech-c: JP00080271
• last-modified: 2023-03-26T05:56:04Z

Links to attack logs

anonymous-proxy-ip-list-2024-08-31