IOC Radar
IP · Medium · Signal 72/100

162.144.78.141

Location
United States
Provo, Utah
ASN
AS46606
Unified Layer
First Seen
May 9, 2026 (34d ago)
Last Seen
Jun 2, 2026 (10d ago)
Reports
10 source reports
Confidence
72% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags

Network Information

Country: US (United States)
Region: Provo, Utah
ASN: AS46606
Organization: Unified Layer

Feed Intelligence Summary

Source reports: 10
Confidence score: 72%
Category tags: active scan, aggressive-detection, bad web bot, botnet activity, brute force, brute-force, bruteforce, connection-reset, ddos, ddos attack, digital ocean, exploit, exploitation activity, exploited host, ftp brute-force, hacking, indicator, network, north america, phishing, protocol-probing, researched, scanner, spam, ssh, ssh attack, tpot, united states, us, vulnerability scan, vulnerability-exploitation, web app attack, web spam

Activity Timeline

1 total obs
Jun 2

Threat Activity Heatmap

Peak: 2026-06-02
[Heatmap: daily activity by weekday, Jun through Jun]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address, represents a significant and active threat to organizational security. With a high score of 72.31, it is strongly implicated in malicious activities, including widespread SSH bruteforcing and botnet operations, as evidenced by multiple threat intelligence feeds and recent activity detections. Its involvement in exploit attempts targeting various services underscores the severe risk of unauthorized access and potential system compromise. If lef…

Threat Score: High Risk
Signal Score: 72
Confidence: 72%
Reports: 10
First seen: May 9, 2026
Last seen: Jun 2, 2026
Geolocation: US
Country: United States
Location: Provo, Utah
ASN: AS46606
Org: Unified Layer
Coords: 40.2338, -111.6586

VirusTotal

Not checked

WHOIS

description
Score: 100/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:ddos, abuseipdb:exploited-host, abuseipdb:ftp-brute, abuseipdb:hacking. Attacker IP 162.144.78.141 observed using SSH client fingerprint 'Unknown SSH Client (d27c75dad3e9)' 2 times when connecting to db1lapetro between 2026-05-25 04:04 and 2026-05-25 04:04 UTC.
raw
NetRange: 162.144.0.0 - 162.144.255.255
CIDR: 162.144.0.0/16
NetName: UNIFIEDLAYER-NETWORK-14
NetHandle: NET-162-144-0-0-1
Parent: NET162 (NET-162-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Unified Layer (BLUEH-2)
RegDate: 2013-03-01
Updated: 2026-04-27
Ref: https://rdap.arin.net/registry/ip/162.144.0.0

OrgName: Unified Layer
OrgId: BLUEH-2
Address: 1958 South 950 East
City: Provo
StateProv: UT
PostalCode: 84606
Country: US
RegDate: 2006-08-08
Updated: 2025-07-24
Ref: https://rdap.arin.net/registry/entity/BLUEH-2

ReferralServer: rwhois://rwhois.unifiedlayer.com:4321

OrgTechHandle: ENO74-ARIN
OrgTechName: EIG Network Operations
OrgTechPhone: +1-877-659-6181
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN

OrgAbuseHandle: EIGAB1-ARIN
OrgAbuseName: EIG-Abuse Mitigation
OrgAbusePhone: +1-877-659-6181
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/EIGAB1-ARIN

OrgNOCHandle: ENO74-ARIN
OrgNOCName: EIG Network Operations
OrgNOCPhone: +1-877-659-6181
OrgNOCEmail: [email protected]
OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN

OrgAbuseHandle: NOC2320-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-801-765-9400
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC2320-ARIN

IOC Journey

medium
First detected 1 month ago · Last seen 10 days ago
Appeared in 10 threat reports