50.115.18.137 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 50.115.18.137 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: hphosts_emd

• Country: United States
• Network: AS53861 kgix
• Noticed: 1 times
• Protcols Attacked: SSH

Malware Detected on Host

Count: 7 8cbed69679c775caf3065e2d07e1e8f9bb3dbbed0a1a27a28bb088817b9f1f07 8c3c0d94c08e632dd4722bcff03d497ef9cab8ba237a5aa47b7be3275fb0e215 35818ef0aeeb9eb148e2fab5c33d50edd7383f16ed8c1eaef2b3273caa37442b 36305067983bac156ad89780a6163a4a8939f33421778062ca8e54db01df84bb c8d0db2eb9ed470c66c5d5cefae3ce4aa7ab87f6820847768e58eb21f3fd4a82 9bf8a15e2cb2ee23ef253098c0654ba6d7d3a7697c56dfa643834c1b6d75670c 0428f34397a1c4f1206535f250c68f1dfe2d5d45a4c39f2b768b3244628894b6

Open Ports Detected

110 2077 2082 2083 2086 2087 443 465 80

Map

Whois Information

• NetRange: 50.115.16.0 - 50.115.31.255
• CIDR: 50.115.16.0/20
• NetName: KGIX-IPV4-NET1
• NetHandle: NET-50-115-16-0-1
• Parent: NET50 (NET-50-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS53861
• Organization: KGIX (KL)
• RegDate: 2011-09-07
• Updated: 2015-07-02
• Comment: Standard NOC hours are 7am to 5pm EST
• Ref: https://rdap.arin.net/registry/ip/50.115.16.0
• OrgName: KGIX
• OrgId: KL
• Address: 3902 Henderson Blvd
• City: Tampa
• StateProv: FL
• PostalCode: 33629
• Country: US
• RegDate: 2011-02-23
• Updated: 2017-01-28
• Comment: Standard NOC hours are 7am to 5pm EST
• Ref: https://rdap.arin.net/registry/entity/KL
• OrgAbuseHandle: ABUSE2925-ARIN
• OrgAbuseName: Abuse Team
• OrgAbusePhone: +1-813-441-0407
• OrgAbuseEmail: abuse@kgix.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2925-ARIN
• OrgNOCHandle: NETWO1234-ARIN
• OrgNOCName: Network Administration
• OrgNOCPhone: +1-813-441-0407
• OrgNOCEmail: netadmin@kgix.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO1234-ARIN
• OrgTechHandle: NETWO4207-ARIN
• OrgTechName: Network Operations
• OrgTechPhone: +1-813-441-0407
• OrgTechEmail: netops@kgix.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NETWO4207-ARIN

Links to attack logs

****** ****** ******