162.241.2.20 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 162.241.2.20 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: hphosts_emd, hphosts_fsa, hphosts_psh

• Country: United States
• Network: AS46606 unified layer
• Noticed: 1 times
• Protocols Attacked: SSH

Malware Detected on Host

Count: 10 d1dbf824a19cbb65b94b987724594711db3c074e82f62d6619bf95f225c110a4 c12e85c7b688270b94275c90d0449b321af6ddf5b94fc88d3080b1b9306fbeb1 ad9e5b59ed2bd8f0bea18940c3238e615a2266a9828e66b690f71a484161e303 dac2883a8f3e6b14cd40b4fdc2971bae4ff398a3755c4c0e52a9ee5cb7a38d2a 8e087c7f98dd768f12c2aec81c748af2722971fd19b2487ef80550342f428dd6 8bcda20cb08a22ac69c955d031d834bb523ce1f5f236d937b13d367fc4abf492 2b75ad83de77a09c76dd35dd9a8a5e8a2be59ad8e51da07a3eb9dafc062f5d54 b70e3c871b611f1aadd71b767c0b1dff9788742f5e15bac656734153dbda1c89 4d54854b04cdabb77fc3644bd9cf1e9b2797ba6042df689a8429cd21f2c5b54d d80067e00e6b6807beeba5e65c321c4d239e7dc2c8f36c17e9d2af39f6aaf101

Open Ports Detected

110 143 2082 2083 2086 2087 21 22 2222 26 3306 443 53 587 80 993 995

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

• NetRange: 162.240.0.0 - 162.241.255.255
• CIDR: 162.240.0.0/15
• NetName: UNIFIEDLAYER-NETWORK-16
• NetHandle: NET-162-240-0-0-1
• Parent: NET162 (NET-162-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS46606
• Organization: Unified Layer (BLUEH-2)
• RegDate: 2013-08-22
• Updated: 2013-08-22
• Ref: https://rdap.arin.net/registry/ip/162.240.0.0
• OrgName: Unified Layer
• OrgId: BLUEH-2
• Address: 1958 South 950 East
• City: Provo
• StateProv: UT
• PostalCode: 84606
• Country: US
• RegDate: 2006-08-08
• Updated: 2020-01-31
• Ref: https://rdap.arin.net/registry/entity/BLUEH-2
• OrgTechHandle: ENO74-ARIN
• OrgTechName: EIG Network Operations
• OrgTechPhone: +1-781-852-3200
• OrgTechEmail: eig-noc@endurance.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
• OrgNOCHandle: ENO74-ARIN
• OrgNOCName: EIG Network Operations
• OrgNOCPhone: +1-781-852-3200
• OrgNOCEmail: eig-noc@endurance.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
• OrgAbuseHandle: NOC2320-ARIN
• OrgAbuseName: Network Operations Center
• OrgAbusePhone: +1-801-765-9400
• OrgAbuseEmail: abuse@bluehost.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC2320-ARIN
• network:Class-Name:network
• network:ID: NETBLK-UL.162.240.0.0/15
• network:Auth-Area: 162.240.0.0/15
• network:Network-Name: UL-162.240.0.0/15
• network:IP-Network: 162.240.0.0/15
• network:Organization: Unified Layer
• network:Tech-Contact: netops@unifiedlayer.com
• network:Admin-Contact: netops@unifiedlayer.com
• network:Abuse-Contact: abuse@unifiedlayer.com
• network:Created: 20121119
• network:Updated: 20121119
• network:Updated-By: netops@unifiedlayer.com

Links to attack logs

****** ****** ******