139.162.100.214 Threat Intelligence and Host Information

Share on:

Mar 17, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 139.162.100.214 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 50/100

Host and Network Information

Mitre ATT&CK IDs: T1498 - Network Denial of Service
Tags: attack ddos, botnet, Cyclops, ddos, Gamardeon, HermeticWiper, ipv4, IsaacWiper, list ips, PartyTicket, russia, russian, ukraine, WhisperGate
JARM: 15d3fd16d29d29d00042d43d000000fe02290512647416dcf0a400ccbc0b6b
View other sources: Spamhaus VirusTotal
Contained within other IP sets: blocklist_net_ua, stopforumspam_365d
Country: Japan
Network: AS63949 linode llc
Noticed: 10 times
Protocols Attacked: Anonymous Proxy
Countries Attacked: Russian Federation, United States of America
Passive DNS Results: www.eturees.mn eturees.mn 1958.mn

Open Ports Detected

22 3306 443 80

CVEs Detected

CVE-2007-2627 CVE-2007-2768 CVE-2007-3205 CVE-2007-5800 CVE-2008-1982 CVE-2008-3844 CVE-2008-4625 CVE-2008-4732 CVE-2008-4733 CVE-2008-4734 CVE-2008-5752 CVE-2008-6811 CVE-2008-7040 CVE-2008-7175 CVE-2009-0968 CVE-2009-2122 CVE-2009-2143 CVE-2009-2144 CVE-2009-2383 CVE-2009-2396 CVE-2009-2852 CVE-2009-3703 CVE-2009-4168 CVE-2009-4169 CVE-2009-4170 CVE-2009-4424 CVE-2009-4672 CVE-2009-4748 CVE-2010-0673 CVE-2010-1186 CVE-2010-2924 CVE-2010-3977 CVE-2010-4277 CVE-2010-4402 CVE-2010-4403 CVE-2010-4518 CVE-2010-4630 CVE-2010-4637 CVE-2010-4747 CVE-2010-4779 CVE-2010-4825 CVE-2010-4839 CVE-2010-4875 CVE-2011-0641 CVE-2011-0740 CVE-2011-0759 CVE-2011-0760 CVE-2011-1047 CVE-2011-1669 CVE-2011-3850 CVE-2011-3851 CVE-2011-3852 CVE-2011-3853 CVE-2011-3854 CVE-2011-3855 CVE-2011-3856 CVE-2011-3857 CVE-2011-3858 CVE-2011-3859 CVE-2011-3860 CVE-2011-3861 CVE-2011-3862 CVE-2011-3863 CVE-2011-3864 CVE-2011-3865 CVE-2011-3981 CVE-2011-4562 CVE-2011-4568 CVE-2011-4646 CVE-2011-4669 CVE-2011-4671 CVE-2011-4673 CVE-2011-4803 CVE-2011-5051 CVE-2011-5082 CVE-2012-0895 CVE-2012-0896 CVE-2012-0898 CVE-2012-0934 CVE-2012-1010 CVE-2012-1011 CVE-2012-1067 CVE-2012-1068 CVE-2012-1205 CVE-2012-1785 CVE-2012-1786 CVE-2012-2759 CVE-2012-2912 CVE-2012-2913 CVE-2012-2916 CVE-2012-2917 CVE-2012-2920 CVE-2013-2220 CVE-2013-5918 CVE-2016-20012 CVE-2017-15906 CVE-2017-9118 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-21707 CVE-2021-21708 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2022-21661 CVE-2022-21662 CVE-2022-21663 CVE-2022-21664 CVE-2022-31625 CVE-2022-31626 CVE-2022-31628 CVE-2022-31629 CVE-2022-31630 CVE-2022-3590 CVE-2022-37454 CVE-2022-43497 CVE-2022-43500 CVE-2022-43504 CVE-2023-22622 CVE-2023-2745 CVE-2023-38408 CVE-2023-39999 CVE-2023-44487 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767 CVE-2023-5561

Map

Whois Information

NetRange: 139.162.0.0 - 139.162.255.255
CIDR: 139.162.0.0/16
NetName: RIPE-ERX-139-162-0-0
NetHandle: NET-139-162-0-0-1
Parent: NET139 (NET-139-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2004-03-03
Updated: 2004-03-03
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Ref: https://rdap.arin.net/registry/ip/139.162.0.0
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
inetnum: 139.162.0.0 - 139.162.255.255
netname: EU-LINODE-20141229
descr: 139.162.0.0/16
org: ORG-LL72-RIPE
country: US
admin-c: TA2589-RIPE
abuse-c: LAS85-RIPE
tech-c: TA2589-RIPE
status: LEGACY
mnt-by: linode-mnt
created: 2004-02-02T16:20:09Z
last-modified: 2022-12-12T21:26:29Z
organisation: ORG-LL72-RIPE
org-name: Linode, LLC
country: US
org-type: LIR
address: 249 Arch Street
address: 19106
address: Philadelphia
address: UNITED STATES
phone: +16093807100
fax-no: +16093807200
admin-c: AF11785-RIPE
admin-c: TA2589-RIPE
tech-c: AF11785-RIPE
abuse-c: LAS85-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: linode-mnt
mnt-by: RIPE-NCC-HM-MNT
mnt-by: linode-mnt
created: 2009-11-02T13:42:45Z
last-modified: 2020-12-16T13:00:31Z
person: Thomas Asaro
address: 329 E. Jimmie Leeds Road, Suite A, Galloway, NJ 08205, USA
phone: +16093807504
nic-hdl: TA2589-RIPE
mnt-by: Linode-mnt
created: 2009-11-02T17:17:56Z
last-modified: 2014-11-20T18:51:15Z

Links to attack logs