192.160.102.164 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 192.160.102.164 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: dm_tor, et_tor, maxmind_proxy_fraud, sblam, tor_exits_1d, tor_exits_30d, tor_exits_7d, tor_exits

• Country: Canada
• Network:
• Noticed: times
• Protocols Attacked: SSH
• Passive DNS Results: block2.mmms.eu 192.160.102.164 nounours.synology.me idm2017.hopto.org antvirus.ddns.com.br snowfall.relay.coldhak.com

Malware Detected on Host

Count: 117 31e302a897e944fee26fcc0d6b6ee9904299deec67ae594d7ab69879cce25893 138a273fadc75c7317911d99e08837e95cdb18ae9a0de0e312ec22ddb110e80f 8a4bc802968163076a7204c807ad848a4457ad97229a6164fbc4f9ba05ee35ff af3d05d90772ef418bb1a30281d4c5febb2dd4861c53a31c27bd49a47e2f684a f0232ab7e6846960a02a2fce3150a2cfc534bb3b4292269547fc6bb19cf61317 22cc28b38b2cb8b9ea27af21752eb869fac9622cef80faae48d48608e7e13bfd e415194dc7bd0e856c78619385df05dffac67d5a42f01c1567f7d1cc1ad2d9db b11e614cdd02aecb8d6ae65bf67bfac8cbefd68830065217e2cb48922743bb12 9005b5476c102983de5a21e87c9607d2951cfa62e4e75fe0367ce362fd6295a9 762d7c6c39c4c6f0c37362ac571cc3cc9305d15d7bf5b447ad0a7a26ce78f273

Map

Whois Information

• NetRange: 192.160.102.0 - 192.160.102.255
• CIDR: 192.160.102.0/24
• NetName: HEXTET
• NetHandle: NET-192-160-102-0-1
• Parent: NET192 (NET-192-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS395089
• Organization: Hextet Systems (HS-291)
• RegDate: 2015-07-09
• Updated: 2021-12-14
• Ref: https://rdap.arin.net/registry/ip/192.160.102.0
• OrgName: Hextet Systems
• OrgId: HS-291
• Address: 227 Houde Dr
• City: Winnipeg
• StateProv: MB
• PostalCode: R3V 1C7
• Country: CA
• RegDate: 2014-10-30
• Updated: 2023-08-31
• Ref: https://rdap.arin.net/registry/entity/HS-291
• OrgNOCHandle: NETWO7700-ARIN
• OrgNOCName: Network Operations
• OrgNOCPhone: +1-204-666-2634
• OrgNOCEmail: noc@hextet.net
• OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO7700-ARIN
• OrgAbuseHandle: ABUSE5339-ARIN
• OrgAbuseName: Abuse Dept
• OrgAbusePhone: +1-204-666-2634
• OrgAbuseEmail: abuse@hextet.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5339-ARIN
• OrgTechHandle: NETWO7700-ARIN
• OrgTechName: Network Operations
• OrgTechPhone: +1-204-666-2634
• OrgTechEmail: noc@hextet.net
• OrgTechRef: https://rdap.arin.net/registry/entity/NETWO7700-ARIN
• RAbuseHandle: ABUSE5339-ARIN
• RAbuseName: Abuse Dept
• RAbusePhone: +1-204-666-2634
• RAbuseEmail: abuse@hextet.net
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5339-ARIN
• RTechHandle: NETWO7700-ARIN
• RTechName: Network Operations
• RTechPhone: +1-204-666-2634
• RTechEmail: noc@hextet.net
• RTechRef: https://rdap.arin.net/registry/entity/NETWO7700-ARIN
• RNOCHandle: NETWO7700-ARIN
• RNOCName: Network Operations
• RNOCPhone: +1-204-666-2634
• RNOCEmail: noc@hextet.net
• RNOCRef: https://rdap.arin.net/registry/entity/NETWO7700-ARIN

Links to attack logs

****** ****** ******