162.241.24.140 Threat Intelligence and Host Information

Apr 07, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 162.241.24.140 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

JARM: 29d29d00029d29d00042d42d0000000a5f02847ec7d262f8dcbfaa6508ecf9
View other sources: Spamhaus VirusTotal
Contained within other IP sets: hphosts_fsa

Country: United States
Network: AS46606 unified layer
Noticed: 1 times
Protocols Attacked: SSH

Malware Detected on Host

Count: 39 f141cbbccea6b6d8a2d875ba6f12e65bd85532c22fe51d149cda6237a1f4e625 fdaeef5a0e7ad9d59b55e99a22e36ed0755dcd68cf7fd10f6c4d03f4ec397b1a abf2993e8546be21da5b804c172aa40fa3ece5fa286a48d6cf8496442fe55e5a 64e988d0c0a51778feacc15b0146eddf41ef1525bfaf6131bb967e950b1478eb ef9323e9090bfc9cc48886781a4dc6710ec04734dc91f26be275544dff81181c 9b032a0e6204ba105a6931191629e41d4035628a14b8140f2a3b8aba7a6beaa1 457a5208dd4b4109560de6b32f6e36a3cc22d2aa0ac2eec4461a0ea2df27141f 2c5cf2a158604fda7c2635c46af3d482a4415bc10eb98e94b43075a8739d12fb 8c3ac7e1785e97cab241654ca9a7b9ab91357be2843398a00e0129cd25cb01fc 25f3ff2d28e5bbae5008814e68ad6f3556b028490d48c7489a80054d7ac948ef

Open Ports Detected

110 143 2082 2083 2086 2087 2095 21 22 2222 26 3306 443 465 53 5432 80 993 995

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

NetRange: 162.240.0.0 - 162.241.255.255
CIDR: 162.240.0.0/15
NetName: UNIFIEDLAYER-NETWORK-16
NetHandle: NET-162-240-0-0-1
Parent: NET162 (NET-162-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS46606
Organization: Unified Layer (BLUEH-2)
RegDate: 2013-08-22
Updated: 2013-08-22
Ref: https://rdap.arin.net/registry/ip/162.240.0.0
OrgName: Unified Layer
OrgId: BLUEH-2
Address: 1958 South 950 East
City: Provo
StateProv: UT
PostalCode: 84606
Country: US
RegDate: 2006-08-08
Updated: 2020-01-31
Ref: https://rdap.arin.net/registry/entity/BLUEH-2
OrgNOCHandle: ENO74-ARIN
OrgNOCName: EIG Network Operations
OrgNOCPhone: +1-877-659-6181
OrgNOCEmail: eig-net-team@endurance.com
OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
OrgAbuseHandle: NOC2320-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-801-765-9400
OrgAbuseEmail: abuse@bluehost.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC2320-ARIN
OrgTechHandle: ENO74-ARIN
OrgTechName: EIG Network Operations
OrgTechPhone: +1-877-659-6181
OrgTechEmail: eig-net-team@endurance.com
OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN
network:Class-Name:network
network:ID: NETBLK-UL.162.240.0.0/15
network:Auth-Area: 162.240.0.0/15
network:Network-Name: UL-162.240.0.0/15
network:IP-Network: 162.240.0.0/15
network:Organization: Unified Layer
network:Tech-Contact: netops@unifiedlayer.com
network:Admin-Contact: netops@unifiedlayer.com
network:Abuse-Contact: abuse@unifiedlayer.com
network:Created: 20121119
network:Updated: 20121119
network:Updated-By: netops@unifiedlayer.com

Links to attack logs

****** ****** ******

Share on: