162.159.242.11 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 162.159.242.11 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country:
  • Network: AS13335 cloudflare
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results: www.benstore.com.ph scredir3.com api.netzkino.de.simplecache.net www.stardate.org m.dropcanvas.com instancehive.blackcat.ca static1.wattzon.com app.wattzon.com edenstone.net livelyhost.net fakeposters.com www.swimbee.nl skin.oddbins.com media.oddbins.com js.oddbins.com www.oddbins.com obviouslybored.com swimbee.nl www.coolpix.us 4223.com patrickaudley.com www.4223.com pubmain.coolpix.us gafaa.com www.gafaa.com colournation.com www.themeum.com coolpix.us www.fakeposters.com www.costockage.fr h.dropcanvas.com www.edenstone.net media.fakeposters.com blackcat.ca www.wattzon.com www.dropcanvas.com blog.costockage.fr www.colournation.com brenda.blackcat.ca stardate.org labs.openviewpartners.com dropcanvas.com s.dropcanvas.com

Malware Detected on Host

Count: 27

Open Ports Detected

2053 2082 2083 2086 2087 2095 443 80 8080 8880

Whois Information

  • NetRange: 162.158.0.0 - 162.159.255.255
  • CIDR: 162.158.0.0/15
  • NetName: CLOUDFLARENET
  • NetHandle: NET-162-158-0-0-1
  • Parent: NET162 (NET-162-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS13335
  • Organization: Cloudflare, Inc. (CLOUD14)
  • RegDate: 2013-05-23
  • Updated: 2021-05-26
  • Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
  • Ref: https://rdap.arin.net/registry/ip/162.158.0.0
  • OrgName: Cloudflare, Inc.
  • OrgId: CLOUD14
  • Address: 101 Townsend Street
  • City: San Francisco
  • StateProv: CA
  • PostalCode: 94107
  • Country: US
  • RegDate: 2010-07-09
  • Updated: 2021-07-01
  • Ref: https://rdap.arin.net/registry/entity/CLOUD14
  • OrgRoutingHandle: CLOUD146-ARIN
  • OrgRoutingName: Cloudflare-NOC
  • OrgRoutingPhone: +1-650-319-8930
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgTechHandle: ADMIN2521-ARIN
  • OrgTechName: Admin
  • OrgTechPhone: +1-650-319-8930
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN
  • OrgNOCHandle: CLOUD146-ARIN
  • OrgNOCName: Cloudflare-NOC
  • OrgNOCPhone: +1-650-319-8930
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/CLOUD146-ARIN
  • OrgAbuseHandle: ABUSE2916-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-650-319-8930
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • RAbuseHandle: ABUSE2916-ARIN
  • RAbuseName: Abuse
  • RAbusePhone: +1-650-319-8930
  • RAbuseEmail: [email protected]
  • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2916-ARIN
  • RNOCHandle: NOC11962-ARIN
  • RNOCName: NOC
  • RNOCPhone: +1-650-319-8930
  • RNOCEmail: [email protected]
  • RNOCRef: https://rdap.arin.net/registry/entity/NOC11962-ARIN
  • RTechHandle: ADMIN2521-ARIN
  • RTechName: Admin
  • RTechPhone: +1-650-319-8930
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/ADMIN2521-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-06-28 anonymous-proxy-ip-list-2023-06-29 anonymous-proxy-ip-list-2023-06-30 anonymous-proxy-ip-list-2023-07-09 anonymous-proxy-ip-list-2023-06-22 anonymous-proxy-ip-list-2023-07-02 anonymous-proxy-ip-list-2023-07-03