162.159.134.61 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 162.159.134.61 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 29/100

Host and Network Information

• Tags: akamaias, akamaiasn1, amazon02, as15169, as16509, as20940, as3359, as8075, as852, cuba, facebook, geoip, ghost, google, indonesia, level3, media, mexico, mini, proton, public url, seznam, telecom, Tracking Domains, twitter, ukraine, win32, win64

• JARM: 27d40d40d00040d00042d43d00041df04c41293ba84f6efe3a613b22f983e6

• View other sources: Spamhaus VirusTotal

• Country:
• Network:
• Noticed: 2 times
• Protocols Attacked: Anonymous Proxy
• Countries Attacked: Anguilla, Aruba, Australia, Bahamas, Barbados, Canada, Cayman Islands, Costa Rica, Curaçao, Georgia, Guatemala, Japan, Mexico, Netherlands, Panama, Philippines, Poland, Saint Kitts and Nevis, Saint Martin (French part), Saint Vincent and the Grenadines, Sint Maarten (Dutch part), Tanzania United Republic of, Trinidad and Tobago, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: rebelsports.api.useinsider.com nocnocth.api.useinsider.com tvbsnews.api.useinsider.com alodokter.api.useinsider.com caracoltvco.api.useinsider.com bankbca.api.useinsider.com samsungsingapore.api.useinsider.com carterauatamericanairlines.api.useinsider.com viettelidc.api.useinsider.com nelogica.api.useinsider.com iciparisxlnl.api.useinsider.com corendonairlines.api.useinsider.com chinaairlines.api.useinsider.com samsungusa.api.useinsider.com kompasindonesia.api.useinsider.com chemistwarehouse.api.useinsider.com astroawani.api.useinsider.com blibli.api.useinsider.com farmatodo.api.useinsider.com falcon.useinsider.com samsungmalaysia.api.useinsider.com hepsiburadaprod.api.useinsider.com jb-collector.api.useinsider.com jobsdb.api.useinsider.com grupobbcobr.api.useinsider.com email.useinsider.com philipsgb.api.useinsider.com bigwprod.api.useinsider.com mountaindesignsau.api.useinsider.com ingatlanhu.api.useinsider.com klikdokterid.api.useinsider.com belcorpbrand.api.useinsider.com upluscokrprd.api.useinsider.com ntv.api.useinsider.com ohpolly.api.useinsider.com olxbrclassificados.api.useinsider.com pontofrio.api.useinsider.com aslieliftanugur.api.useinsider.com leonisaes.api.useinsider.com sfyapp.useinsider.com chemistwarehousenz.api.useinsider.com vivareal.api.useinsider.com gbmmx.api.useinsider.com karacaukshopify.inone.useinsider.com alvaauto.api.useinsider.com bharian.api.useinsider.com eccodenmark.api.useinsider.com mydeal.api.useinsider.com samsungsebnnl.api.useinsider.com unipin.api.useinsider.com karacahome.api.useinsider.com sms-unsubscribe.useinsider.com ineureka.api.useinsider.com canningvale.api.useinsider.com supercheapauto.api.useinsider.com oppovn.api.useinsider.com boynernew.api.useinsider.com familynetsamsungcom.api.useinsider.com petrolindustriesnl.api.useinsider.com obilet.api.useinsider.com tunetalk.inone.useinsider.com event-conversion.api.useinsider.com drconsultabr.api.useinsider.com charleskeithth.api.useinsider.com vietteltelecomprod.api.useinsider.com cronus.useinsider.com davidjonesau.api.useinsider.com savers.api.useinsider.com translations.useinsider.com panel-assets.useinsider.com mfe.useinsider.com hunkemoller.api.useinsider.com tvaztecamx.api.useinsider.com ntvsporweb.api.useinsider.com gameza.api.useinsider.com shoppingtijucabr.api.useinsider.com helvetiaitaly.api.useinsider.com hunkemollernl.api.useinsider.com makro.api.useinsider.com cottonon.api.useinsider.com watsonswine.api.useinsider.com gratis.api.useinsider.com australiscosmetics.api.useinsider.com visionexpresspl.api.useinsider.com qantasstore2021.api.useinsider.com qantaswine2021.api.useinsider.com spotlightau.api.useinsider.com inessence.api.useinsider.com ikeauae.api.useinsider.com freedomau.api.useinsider.com coles.api.useinsider.com azulmarino.api.useinsider.com avansasuk.api.useinsider.com apppark.org font.static.useinsider.com s.useinsider.com assets.api.useinsider.com bambooairways.inone.useinsider.com wp-log.api.useinsider.com webmotors.api.useinsider.com email-not-found-page.useinsider.com sprinterportugal.api.useinsider.com locationv2.api.useinsider.com euronewsfr.api.useinsider.com elcorteinglespt.api.useinsider.com cimbniagaid.api.useinsider.com laju.me mrjackbet.api.useinsider.com allabout.api.useinsider.com chubbcorpprodth.api.useinsider.com unification.useinsider.com remixbg.api.useinsider.com eavalynelt.api.useinsider.com mytelkomselprod.api.useinsider.com yukoyuko.api.useinsider.com robinsonsbankph.api.useinsider.com ingbank.gachapon.useinsider.com casetify.api.useinsider.com aryuder.api.useinsider.com devops.useinsider.com inone.devops.useinsider.com ads.useinsider.com khaleejtimes.api.useinsider.com recommendation.api.useinsider.com clarksau.api.useinsider.com messaging-router.useinsider.com j4l.api.useinsider.com koreatimescokr.api.useinsider.com vip2.nialvpn.xyz carrier.useinsider.com magrabi.inone.useinsider.com sg2.immanvpn.xyz sg1.immanvpn.xyz sg005.immanvpn.xyz buyyahoo.api.useinsider.com abacus.api.useinsider.com sg004.immanvpn.xyz mail-recommendationv2.api.useinsider.com mail.useinsider.com jejucom.api.useinsider.com eitri.api.useinsider.com sentinel.api.useinsider.com inone.useinsider.com sg11.immanvpn.xyz sg10.immanvpn.xyz ws.brotherhoodvpn.club sx2.clayxunix.xyz email.static.useinsider.com kanald.api.useinsider.com officematerevamp2019.api.useinsider.com mobile.useinsider.com location.api.useinsider.com segment.api.useinsider.com hit.api.useinsider.com log.api.useinsider.com api.useinsider.com useinsider.com image.useinsider.com calvarykids.org www.liveablelifestyles.com liveablelifestyles.com jimweinberglifestyles.com www.jimweinberglifestyles.com

Malware Detected on Host

Count: 1 a526b16c8abbbd116f0905a0e9ad359fbcec7c504599ec39d687c5957a043209

Open Ports Detected

2053 2082 2083 2086 2087 443 80 8080 8443 8880

Whois Information

• NetRange: 162.158.0.0 - 162.159.255.255
• CIDR: 162.158.0.0/15
• NetName: CLOUDFLARENET
• NetHandle: NET-162-158-0-0-1
• Parent: NET162 (NET-162-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS13335
• Organization: Cloudflare, Inc. (CLOUD14)
• RegDate: 2013-05-23
• Updated: 2024-09-04
• Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
• Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
• Ref: https://rdap.arin.net/registry/ip/162.158.0.0
• OrgName: Cloudflare, Inc.
• OrgId: CLOUD14
• Address: 101 Townsend Street
• City: San Francisco
• StateProv: CA
• PostalCode: 94107
• Country: US
• RegDate: 2010-07-09
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CLOUD14
• OrgNOCHandle: CLOUD146-ARIN
• OrgNOCName: Cloudflare-NOC
• OrgNOCPhone: +1-650-319-8930
• OrgNOCEmail: noc@cloudflare.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgAbuseHandle: ABUSE2916-ARIN
• OrgAbuseName: Abuse
• OrgAbusePhone: +1-650-319-8930
• OrgAbuseEmail: abuse@cloudflare.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
• OrgRoutingHandle: CLOUD146-ARIN
• OrgRoutingName: Cloudflare-NOC
• OrgRoutingPhone: +1-650-319-8930
• OrgRoutingEmail: noc@cloudflare.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
• OrgTechHandle: ADMIN2521-ARIN
• OrgTechName: Admin
• OrgTechPhone: +1-650-319-8930
• OrgTechEmail: rir@cloudflare.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RTechHandle: ADMIN2521-ARIN
• RTechName: Admin
• RTechPhone: +1-650-319-8930
• RTechEmail: rir@cloudflare.com
• RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
• RNOCHandle: NOC11962-ARIN
• RNOCName: NOC
• RNOCPhone: +1-650-319-8930
• RNOCEmail: noc@cloudflare.com
• RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
• RAbuseHandle: ABUSE2916-ARIN
• RAbuseName: Abuse
• RAbusePhone: +1-650-319-8930
• RAbuseEmail: abuse@cloudflare.com
• RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-23 anonymous-proxy-ip-list-2025-06-22 anonymous-proxy-ip-list-2025-06-24