159.69.42.212 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 159.69.42.212 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observed activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Likely Malicious Host 🟠 60/100
Host and Network Information
- MITRE ATT&CK IDs: T1027 - Obfuscated Files or Information
- Tags: auto-generated security, centrum usug, cioch adrian, cve20149614 apr, cve20153202 apr, cve20185407 apr, cve20200796 may, cve20201048 apr, cve cve20010901, cve cve20021841, cve cve20054605, cve cve20060745, cve cve20070452, cve cve20070453, cve cve20070454, cve cve20071355, cve cve20071358, cve cve20071871, cve cve20113403, cve cve20151503, cve cve20152080, cve cve20157377, cve cve20160728, cve cve20161807, cve cve20170131, cve cve20175123, cve cve20201048, cve cve20201070, cve cve20203153, cve cve20211732, cyber security, elf binary, filehashmd5, filehashsha1, html, info, ioc, javascript, malicious, network capture, Nextray, nextron, office, office open, pdf zestawy, phishing, przechwytywanie, roth, sieciowych, upx compression, url https, win32 exe, xml document, xml pakietu
- JARM: 21d19d00021d21d21c21d19d21d21d401b838e44dbe0039605d164a2c93dd4
- Contained within other IP sets: coinbl_hosts, hphosts_ats, hphosts_emd, hphosts_fsa, hphosts_pha, hphosts_psh, hphosts_wrz
- Country: Germany
- Network:
- Noticed: 33 times
- Protocols Attacked: SSH
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Malware Detected on Host
Count: 47
Open Ports Detected
Whois Information
- NetRange: 159.69.0.0 - 159.69.255.255
- CIDR: 159.69.0.0/16
- NetName: RIPE
- NetHandle: NET-159-69-0-0-1
- Parent: NET159 (NET-159-0-0-0-0)
- NetType: Early Registrations, Transferred to RIPE NCC
- OriginAS:
- Organization: RIPE Network Coordination Centre (RIPE)
- RegDate: 2018-03-07
- Updated: 2025-02-10
- Ref: https://rdap.arin.net/registry/ip/159.69.0.0
- OrgName: RIPE Network Coordination Centre
- OrgId: RIPE
- Address: P.O. Box 10096
- City: Amsterdam
- StateProv:
- PostalCode: 1001EB
- Country: NL
- RegDate:
- Updated: 2013-07-29
- Ref: https://rdap.arin.net/registry/entity/RIPE
- OrgAbuseHandle: ABUSE3850-ARIN
- OrgAbuseName: Abuse Contact
- OrgAbusePhone: +31205354444
- OrgAbuseEmail: abuse@ripe.net
- OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
- OrgTechHandle: RNO29-ARIN
- OrgTechName: RIPE NCC Operations
- OrgTechPhone: +31 20 535 4444
- OrgTechEmail: hostmaster@ripe.net
- OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN