IOC Radar
IP · High · Verified · Signal 46/100

162.214.152.27

Location: United States (Provo, Utah)
ASN: AS46606 (Unified Layer)
First Seen: May 16, 2023 (1125d ago)
Last Seen: Apr 24, 2026 (51d ago)
Reports: 5 source reports
Confidence: 46% (high)
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 46%
Signal Score: 46 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

4 techniques

Network Information

Country: US (United States)
Region: Provo, Utah
ASN: AS46606
Organization: Unified Layer

Feed Intelligence Summary

Source reports: 5
Confidence score: 46%
Category tags
asia, china, europe, fedex, indicator, m365, meta, money, network, north america, phish_pdf_macler_asl, phish_url_evasive, qrfrompdf_f, researched, selling, t1192, t1204.001, t1204.002, t1566, united kingdom, united states, view-doc

Activity Timeline

1 total observation (Apr 24)

Threat Activity Heatmap

[Heatmap: weekly activity, Jun through Jun] Peak: 2026-04-24
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address, signals a potential moderate threat to the organization, primarily associated with phishing and initial access attempts. Its detection suggests that adversaries may be leveraging this infrastructure to host malicious content, serve phishing pages, or act as a command-and-control (C2) endpoint. If this IOC is contacted by organizational assets, it could lead to severe consequences, including credential compromise, malware execution, or a broade…

Threat Score: Medium Risk
Signal Score: 46
Confidence: 46%
Reports: 5
First seen: May 16, 2023
Last seen: Apr 24, 2026
Verified IOC
Geolocation: US
Country: United States
Location: Provo, Utah
ASN: AS46606
Org: Unified Layer
Coords: 37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description: CC=US ASN=AS46606 unified layer
raw:
NetRange: 162.214.0.0 - 162.215.255.255
CIDR: 162.214.0.0/15
NetName: UNIFIEDLAYER-NETWORK-15
NetHandle: NET-162-214-0-0-1
Parent: NET162 (NET-162-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Unified Layer (BLUEH-2)
RegDate: 2013-05-22
Updated: 2025-12-12
Comment: This space is statically assigned.
Ref: https://rdap.arin.net/registry/ip/162.214.0.0

OrgName: Unified Layer
OrgId: BLUEH-2
Address: 1958 South 950 East
City: Provo
StateProv: UT
PostalCode: 84606
Country: US
RegDate: 2006-08-08
Updated: 2025-07-24
Ref: https://rdap.arin.net/registry/entity/BLUEH-2

ReferralServer: rwhois://rwhois.unifiedlayer.com:4321

OrgTechHandle: ENO74-ARIN
OrgTechName: EIG Network Operations
OrgTechPhone: +1-781-852-3200
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN

OrgAbuseHandle: EIGAB1-ARIN
OrgAbuseName: EIG-Abuse Mitigation
OrgAbusePhone: +1-877-659-6181
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/EIGAB1-ARIN

OrgNOCHandle: ENO74-ARIN
OrgNOCName: EIG Network Operations
OrgNOCPhone: +1-781-852-3200
OrgNOCEmail: [email protected]
OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN

OrgAbuseHandle: NOC2320-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-801-765-9400
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC2320-ARIN

IOC Journey

high
First detected 3 years ago · Last seen 1 month ago
Appeared in 5 threat reports