50.62.172.157 Threat Intelligence and Host Information

Dec 28, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 50.62.172.157 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

View other sources: Spamhaus VirusTotal
Contained within other IP sets: hphosts_emd, hphosts_fsa, hphosts_psh

Country: United States
Network: AS398101 godaddy.com llc
Noticed: 1 times
Protcols Attacked: SSH

Malware Detected on Host

Count: 15 b27f1957eb2774f296aa516bed876be72d555dc9c1dc165d82c8226e03afbdfa 21c1675b8c302114b9bbdbd6e94f43d0980151c00d20485af0063f799b51cb4d 4e8236f39ea9d2fba1f4d25a4fa43774733155d935c76e1d9265b1879d75bdcc b01b63d689f1eb5586212e4d48597b580b79b06c92a99f7457b57e0976d4f55d 9ca0d85b8a82f5d206b6fe79803a66ce047ef5d6c784e135c8d24ce0d9d62f40 8917ba66972892a3b1ec33a24242f30f69462516cc35f52f868d600dc9484cfd 1b3459a5147080a6c288240f5e7c03d351b58ddff4b05ef78598bc251cbacc09 7f2d24af903b07c7074740e3287dc23118928a4c1ac5a1ce6e335674d4bbea22 9e04e23c9dd3c1968949a4108df2ef8b32435c511caf197ce07285f876ae4e43 8699505ddc94571b0c5ac84363dd7acca893574041f222b7a2fe9637e15d9362

Open Ports Detected

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-51384 CVE-2023-51385

Whois Information

NetRange: 50.62.0.0 - 50.63.255.255
CIDR: 50.62.0.0/15
NetName: GO-DADDY-COM-LLC
NetHandle: NET-50-62-0-0-1
Parent: NET50 (NET-50-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS26496
Organization: GoDaddy.com, LLC (GODAD)
RegDate: 2011-02-02
Updated: 2014-02-25
Comment: Please send abuse complaints to abuse@godaddy.com
Ref: https://rdap.arin.net/registry/ip/50.62.0.0
OrgName: GoDaddy.com, LLC
OrgId: GODAD
Address: 2155 E GoDaddy Way
City: Tempe
StateProv: AZ
PostalCode: 85284
Country: US
RegDate: 2007-06-01
Updated: 2023-12-19
Comment: Please send abuse complaints to abuse@godaddy.com
Ref: https://rdap.arin.net/registry/entity/GODAD
OrgAbuseHandle: ABUSE51-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-480-624-2505
OrgAbuseEmail: abuse@godaddy.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
OrgNOCHandle: NOC124-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-480-505-8809
OrgNOCEmail: noc@godaddy.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
OrgTechHandle: NOC124-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-480-505-8809
OrgTechEmail: noc@godaddy.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
RTechHandle: NOC124-ARIN
RTechName: Network Operations Center
RTechPhone: +1-480-505-8809
RTechEmail: noc@godaddy.com
RTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
RAbuseHandle: ABUSE51-ARIN
RAbuseName: Abuse Department
RAbusePhone: +1-480-624-2505
RAbuseEmail: abuse@godaddy.com
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
RNOCHandle: NOC124-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-480-505-8809
RNOCEmail: noc@godaddy.com
RNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN

Links to attack logs

****** ****** ******

Share on: