3.96.211.162 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 3.96.211.162 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Canada
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy

Open Ports Detected

10000 10894 11211 11300 119 12166 12190 12284 12433 12581 16041 175 18091 18245 1883 1926 1970 2018 2121 22 23 2332 2376 2561 26 27017 2806 30003 3073 3147 32102 32202 3388 35000 3553 37 3954 44302 44306 44309 445 50000 50805 515 5353 5432 5443 55200 5672 5910 6512 6653 6668 7443 7493 7657 7980 7989 8010 8040 8122 8123 8140 8230 8413 843 8504 8888 8889 8915 9090 9151 9309 9929

CVEs Detected

CVE-2009-2940 CVE-2009-3720 CVE-2012-6708 CVE-2015-9251 CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2018-12536 CVE-2018-12545 CVE-2019-10241 CVE-2019-10247 CVE-2019-10768 CVE-2019-11358 CVE-2020-11022 CVE-2020-11023 CVE-2020-27216 CVE-2020-27218 CVE-2020-27223 CVE-2020-29396 CVE-2020-7656 CVE-2020-7676 CVE-2021-28165 CVE-2021-28169 CVE-2021-32052 CVE-2021-34428 CVE-2022-2047 CVE-2022-2048 CVE-2023-26048 CVE-2023-26049 CVE-2023-36478 CVE-2023-36479 CVE-2023-40167 CVE-2023-44487 CVE-2024-12055 CVE-2024-13009 CVE-2024-21490 CVE-2024-22201 CVE-2024-39719 CVE-2024-39720 CVE-2024-39722 CVE-2024-45436 CVE-2024-6763 CVE-2024-8184 CVE-2024-8372 CVE-2024-8373 CVE-2024-9823 CVE-2025-0312 CVE-2025-0315 CVE-2025-0317

Map

Whois Information

• NetRange: 3.0.0.0 - 3.127.255.255
• CIDR: 3.0.0.0/9
• NetName: AT-88-Z
• NetHandle: NET-3-0-0-0-1
• Parent: NET3 (NET-3-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Amazon Technologies Inc. (AT-88-Z)
• RegDate: 2017-12-20
• Updated: 2022-05-18
• Ref: https://rdap.arin.net/registry/ip/3.0.0.0
• OrgName: Amazon Technologies Inc.
• OrgId: AT-88-Z
• Address: 410 Terry Ave N.
• City: Seattle
• StateProv: WA
• PostalCode: 98109
• Country: US
• RegDate: 2011-12-08
• Updated: 2024-01-24
• Comment: All abuse reports MUST include:
• Comment: * src IP
• Comment: * dest IP (your IP)
• Comment: * dest port
• Comment: * Accurate date/timestamp and timezone of activity
• Comment: * Intensity/frequency (short log extracts)
• Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
• Ref: https://rdap.arin.net/registry/entity/AT-88-Z
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: trustandsafety@support.aws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgRoutingHandle: IPROU3-ARIN
• OrgRoutingName: IP Routing
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
• OrgRoutingHandle: ARMP-ARIN
• OrgRoutingName: AWS RPKI Management POC
• OrgRoutingPhone: +1-206-555-0000
• OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
• NetRange: 3.96.0.0 - 3.97.255.255
• CIDR: 3.96.0.0/15
• NetName: AMAZON-YUL
• NetHandle: NET-3-96-0-0-1
• Parent: AT-88-Z (NET-3-0-0-0-1)
• NetType: Reallocated
• OriginAS:
• Organization: Amazon Data Services Canada (ADSC-5)
• RegDate: 2020-04-01
• Updated: 2020-04-01
• Ref: https://rdap.arin.net/registry/ip/3.96.0.0
• OrgName: Amazon Data Services Canada
• OrgId: ADSC-5
• Address: 120 Bremner Boulevard
• Address: 26th Floor
• City: Toronto
• StateProv: ON
• PostalCode: M5J 0A8
• Country: CA
• RegDate: 2016-12-15
• Updated: 2019-08-02
• Ref: https://rdap.arin.net/registry/entity/ADSC-5
• OrgTechHandle: ANO24-ARIN
• OrgTechName: Amazon EC2 Network Operations
• OrgTechPhone: +1-206-555-0000
• OrgTechEmail: amzn-noc-contact@amazon.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
• OrgNOCHandle: AANO1-ARIN
• OrgNOCName: Amazon AWS Network Operations
• OrgNOCPhone: +1-206-555-0000
• OrgNOCEmail: amzn-noc-contact@amazon.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
• OrgAbuseHandle: AEA8-ARIN
• OrgAbuseName: Amazon EC2 Abuse
• OrgAbusePhone: +1-206-555-0000
• OrgAbuseEmail: trustandsafety@support.aws.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-08-03 ****** ****** ******