162.214.80.15 Threat Intelligence and Host Information

Apr 07, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 162.214.80.15 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 50/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • JARM: 29d29d00029d29d00042d42d0000000a5f02847ec7d262f8dcbfaa6508ecf9

  • View other sources: Spamhaus VirusTotal

  • Country: United States
  • Network: AS46606 unified layer
  • Noticed: 29 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 13 a814b0dfc5f6c9782a5642ea2605bbf8ec0c9b483eac3933aca7beea45689aca 8f58dc6fe28ed6bb02272151e610480fff2952e35627b841d2e5975397df6e5d 7c6260b2545793bd6cda1192e9476eccebad9ddae35db5398d7c42c062587b0b f8612ea8ab764a3d09157a9b90dc418ec2a7b8af22b29ce63d375896f9ec9a28 5a116045f9e40be64ae46a63626844ed4dcc5a921485b681ebdbd217664e1342 93f5fb7632c1a4747b9542f88167448fd8d88790880a7041ef60a4e0617ee9d2 9f58da9a331da1b762238f8575744c4ce31c3d6df9ea451080a7c22aca205972 3aa4af0201ef7ce1d8ff45e1bf08b47ec3b1c9039e060a12ccd428a779b1989f 795d4a4c98181143e0be699aed6fbb6e22ae91b26c8d077345e824d2e567b7e5 70eb3857b235b6374a891d8d2136506b52e660ed1339921b913af29a0be6e9dc

Open Ports Detected

110 143 2082 2083 2086 2087 21 22 2222 26 3306 443 465 53 80 993 995

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

  • NetRange: 162.214.0.0 - 162.215.255.255
  • CIDR: 162.214.0.0/15
  • NetName: UNIFIEDLAYER-NETWORK-15
  • NetHandle: NET-162-214-0-0-1
  • Parent: NET162 (NET-162-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS46606
  • Organization: Unified Layer (BLUEH-2)
  • RegDate: 2013-05-22
  • Updated: 2013-12-19
  • Comment: This space is statically assigned.
  • Comment:
  • Comment: —–BEGIN CERTIFICATE—–MIIDjjCCAnYCCQDwxS01pbJjyDANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlVUMQ4wDAYDVQQHDAVQcm92bzEMMAoGA1UECgwDRUlHMQ8wDQYDVQQLDAZOZXRvcHMxEjAQBgNVBAMMCWF3c19ieW9pcDEpMCcGCSqGSIb3DQEJARYaZWlnLW5ldC10ZWFtQGVuZHVyYW5jZS5jb20wHhcNMTgxMTEyMTg1ODAwWhcNMjgxMTA5MTg1ODAwWjCBiDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlVUMQ4wDAYDVQQHDAVQcm92bzEMMAoGA1UECgwDRUlHMQ8wDQYDVQQLDAZOZXRvcHMxEjAQBgNVBAMMCWF3c19ieW9pcDEpMCcGCSqGSIb3DQEJARYaZWlnLW5ldC10ZWFtQGVuZHVyYW5jZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhYkPGFYv/471uwfSNRUiGwx1WiF7iM0GYbmwHBY7KAOruObkhZrgVUwFXVVlZZED1BPxigOsgGdUVQ01BYBTxcBCaxim9hnJW3dVROdZg4HS0zuHnntveWfhkalBeGJGPhsdyE7zULg8jf+18I9fRtG32Qmm6E35CuDp9HwKrHlhgqIYIQ9JQiUykkdwfgWr4ho1JSP4pl/79WFgrv+0Hw7Ml0E2ZoTLIkgacr+9kLxmg82q+xWegYmcfPRC/Eh+g5Ln4mYkyzyLlTSyuHNnGI0wi3QYUX3ITBoPeex1ly5rPxYA3KM+4boKcxFR1DGS0RU+jzZnhKbxVw6YP5VpPAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAMGzeUx283P9ophMPjguepuCn+vWl+ZLh0qjCneT6vS29/COAaR97obMfpnI4XPIbdj8Jch3M10q1yvjptzkeRcSN2MXCiC6QiNG7D4yeUu+dlQz3o9vBAp8asfG/jfU7qx2wxRLkf8vi1q+v52Z5jPpnUAZ1au6urhbSTpE/VLDGcBPxVIQQeohbzJvT/0WRbUVPojZ9ixKX7lI93V79na74AOD1d5/4PzW5myxQjNZpThR/mBG7C0c9sdI04/fxDAY7XTlwHxwaTxslZYhUtEIyqztIo80P7LGdhuKNBVbPP2rvrf2z7K78gsCMnLfAtUtM4Cv62k5H/4uE7WBwKI=—–END CERTIFICATE—–
  • Ref: https://rdap.arin.net/registry/ip/162.214.0.0
  • OrgName: Unified Layer
  • OrgId: BLUEH-2
  • Address: 1958 South 950 East
  • City: Provo
  • StateProv: UT
  • PostalCode: 84606
  • Country: US
  • RegDate: 2006-08-08
  • Updated: 2020-01-31
  • Ref: https://rdap.arin.net/registry/entity/BLUEH-2
  • OrgTechHandle: ENO74-ARIN
  • OrgTechName: EIG Network Operations
  • OrgTechPhone: +1-781-852-3200
  • OrgTechEmail: eig-noc@endurance.com
  • OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
  • OrgNOCHandle: ENO74-ARIN
  • OrgNOCName: EIG Network Operations
  • OrgNOCPhone: +1-781-852-3200
  • OrgNOCEmail: eig-noc@endurance.com
  • OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
  • OrgAbuseHandle: NOC2320-ARIN
  • OrgAbuseName: Network Operations Center
  • OrgAbusePhone: +1-801-765-9400
  • OrgAbuseEmail: abuse@bluehost.com
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC2320-ARIN
  • network:Class-Name:network
  • network:ID: NETBLK-UL.162.214.0.0/15
  • network:Auth-Area: 162.214.0.0/15
  • network:Network-Name: UL-162.214.0.0/15
  • network:IP-Network: 162.214.0.0/15
  • network:Organization: Unified Layer
  • network:Tech-Contact: netops@unifiedlayer.com
  • network:Admin-Contact: netops@unifiedlayer.com
  • network:Abuse-Contact: abuse@unifiedlayer.com
  • network:Created: 20121119
  • network:Updated: 20121119
  • network:Updated-By: netops@unifiedlayer.com

Links to attack logs

****** ****** ******

Share on: