162.214.124.51 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 162.214.124.51 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observations of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: Nextray, cyber security, ioc, malicious, phishing

  • View other sources: Spamhaus, VirusTotal

  • Country: United States
  • Network: AS46606 unified layer
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Open Ports Detected

110 111 143 2077 2079 2082 2083 2086 2087 2095 2096 21 22 3306 443 465 53 587 80 993 995

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617

Whois Information

  • NetRange: 162.214.0.0 - 162.215.255.255
  • CIDR: 162.214.0.0/15
  • NetName: UNIFIEDLAYER-NETWORK-15
  • NetHandle: NET-162-214-0-0-1
  • Parent: NET162 (NET-162-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS46606
  • Organization: Unified Layer (BLUEH-2)
  • RegDate: 2013-05-22
  • Updated: 2013-12-19
  • Comment: This space is statically assigned.
  • Ref: https://rdap.arin.net/registry/ip/162.214.0.0
  • OrgName: Unified Layer
  • OrgId: BLUEH-2
  • Address: 1958 South 950 East
  • City: Provo
  • StateProv: UT
  • PostalCode: 84606
  • Country: US
  • RegDate: 2006-08-08
  • Updated: 2020-01-31
  • Ref: https://rdap.arin.net/registry/entity/BLUEH-2
  • OrgAbuseHandle: NOC2320-ARIN
  • OrgAbuseName: Network Operations Center
  • OrgAbusePhone: +1-801-765-9400
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC2320-ARIN
  • OrgTechHandle: ENO74-ARIN
  • OrgTechName: EIG Network Operations
  • OrgTechPhone: +1-877-659-6181
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
  • OrgNOCHandle: ENO74-ARIN
  • OrgNOCName: EIG Network Operations
  • OrgNOCPhone: +1-877-659-6181
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN

Links to attack logs

bruteforce-ip-list-2020-12-16