IOC Radar
IPMediumSignal 36/100

160.153.0.9

Location
United StatesUnited States
Tempe, Arizona
ASN
AS209242
GoDaddy.com, LLC
First Seen
Jul 21, 2023
Last Seen
May 2, 2026
Jul 21
First Seen
1059d ago
May 2
Last Seen
43d ago
11
Reports
source reports
36%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

44 techniques

Network Information

CountryUSUnited States
RegionTempe, Arizona
ASNAS209242
OrganizationGoDaddy.com, LLC

IP Category

Proxy
Proxy server

Feed Intelligence Summary

11 reports36% confidence
11
Source reports
36%
Confidence score
Category tags
aaaaacceptaccept encodingaccount securityactive scanaddressadult content hostingaerospace & defensealertsanalysis dateapacheasnone relatedav detectionsazerbaijan asnbackdoorblog vonbodybotnetbotnet activitybrute forcechromecivil servicesck idck matrixclickclick-based attackcommandcommand and controlcommunication technologiescompromised communicationcorporate lawcredential accesscredential harvestingcredential stuffingcredential theftcycbotdata exfiltrationdata store exposuredclocalddosddos attacksdefensedefense contractingdefense evasiondefense logisticsdefense systemsdefense technologydelete cdennis schrderdennis schroderdistributed attacksdns attackdnssecdomaindynamicloaderdyndns domainelementemailsencryptencryptionentrieset smtpeuropeexploitation activityfilesfiles ipfinancefor privacyformatfoundfraudgeckogermany asngovernment technologyguardhead floodshello2malwarehelloworldhighhosthostnamehostname addhostname enumerationhstrhttp attackhttps domainhybrididentity & access exploitationids detectionsiframeinformation gatheringinformation technologyinfrastructure acquisitionreconnaissanceingress tool transferinitial accessinjection activityinput validation bypassinsertinstallintellectual property lawinternet of thingsiot botnetiot securityiot/ics attackipv4 addit infrastructurejapan unknownkhtmlkiller geckokillnetlaw practicelearnlegallegal consultinglegal researchlegal sectorlegal serviceslegal technologylesslevel domainlocalmalicious linksmalicious softwaremalwaremediummessagemetametadata analysismilitary operationsmiraimirai botnetmitre attmobile carriersmobile networksmovedmoviems windowsmsiename serversname tacticsnamed pipenational securitynetherlandsnetworknetwork scanningnext associatednidsnorth americaok acceptoperating system securitypassive dnspathpath traversalpdf libraryphishingphishing attackphone interceptionportpragmapresentpresent junpresent novpresent sepprocess injectionproxproxypublic administrationpublic infrastructurepublic policyransomransomwarereconnaissancerecord valueredacted forregulatory agenciesregulatory compliancerelated pulsesremote accessresearchedreverse dnsscams & fraudscript domainsscript urlsserverssite topsocial engineeringsocial media securitysoftware developmentstealsstringst1027t1031t1045t1055t1057t1059t1060t1063t1069t1071t1071.001t1078t1083t1105t1113t1119t1133t1140t1190t1204.001t1204.002t1210t1480t1486t1496t1498t1499t1499.002t1499.003t1553t1565t1566t1566.001t1566.002t1566.003t1567.001t1568t1583t1583.005t1587.001t1589.001t1590t1590.001t1598telecom servicestelecommunicationsthreat actortls snitor nodetotaltrojantrojan malwaretrojandroppertwittertype indicatorunitedunited kingdomunited statesurlsususer executionverdictweb application attackweb application exploitationweb securitywindows ntwritewrite cxserverxxx adultyara detectionsyara rule

Activity Timeline

1 total obs
May 2May 2

Threat Activity Heatmap

· Peak: 2026-05-02
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
36
SIGNAL
Signal Score
36%
Confidence
11
Reports
First seenJul 21, 2023
Last seenMay 2, 2026
GeolocationUS
CountryUnited States
LocationTempe, Arizona
ASNAS209242
OrgGoDaddy.com, LLC
Coords33.3361, -111.9222
Proxy

VirusTotal

Not checked

WHOIS

description
proxy-proxy_http search result.
raw
NetRange: 160.153.0.0 - 160.153.255.255 CIDR: 160.153.0.0/16 NetName: GO-DADDY-COM-LLC NetHandle: NET-160-153-0-0-1 Parent: NET160 (NET-160-0-0-0-0) NetType: Direct Allocation OriginAS: AS26496 Organization: GoDaddy.com, LLC (GODAD) RegDate: 2011-09-01 Updated: 2014-02-25 Comment: Please send abuse complaints to [email protected] Ref: https://rdap.arin.net/registry/ip/160.153.0.0 OrgName: GoDaddy.com, LLC OrgId: GODAD Address: 2155 E GoDaddy Way City: Tempe StateProv: AZ PostalCode: 85284 Country: US RegDate: 2007-06-01 Updated: 2024-11-25 Comment: Please send abuse complaints to [email protected] Ref: https://rdap.arin.net/registry/entity/GODAD OrgAbuseHandle: ABUSE51-ARIN OrgAbuseName: Abuse Department OrgAbusePhone: +1-480-624-2505 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN OrgNOCHandle: NOC124-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-480-505-8809 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN OrgTechHandle: NOC124-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-480-505-8809 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN RTechHandle: NOC124-ARIN RTechName: Network Operations Center RTechPhone: +1-480-505-8809 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN RNOCHandle: NOC124-ARIN RNOCName: Network Operations Center RNOCPhone: +1-480-505-8809 RNOCEmail: [email protected] RNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN RAbuseHandle: ABUSE51-ARIN RAbuseName: Abuse Department RAbusePhone: +1-480-624-2505 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
references
Redirect from actual firm called - https://coloradoinjurylaw.com/denver-sexual-abuse-lawyer/, leg.colorado.gov • maps.app.goo.gl, https://leg.colorado.gov/bills/hb20 ?, https://mirai-nameko.jp/assets/delighters-js.php, Government porn: https://thehotporn.info/ • http://live-sex.space/ • charoenpornintergroup.com, https://fr.bongacams10.com/erikasexy1 • https://www.bigcitycreations.com/s/stories/a-unisex-guide-to-pairing-colors, colorado.gov, https://securityresearch.samadkhawaja.com/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 11 threat reports