172.93.194.60 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 172.93.194.60 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

• Tags: aaaa, algorithm, all search, as13335, body, code, contact phone, cookie, creation date, cus cngts, cyber security, data, date, dns replication, dnssec, domains, domain status, facebook, file size, file type, first, format, full name, general full, gmbh version, google, hash, hashes, identifier, info, ioc, ipv4, kb script, key algorithm, key identifier, key info, legal, llc validity, magic iso8859, magic pdf, malicious, march, namecheap, namecheap inc, Nextray, number, ogoogle trust, open ports, otx octoseek, passive dns, pdf document, phishing, pulse pulses, record type, registrar abuse, registrar url, resource, reverse dns, san francisco, scan endpoints, search, server, service privacy, showing, software, ssdeep, status page, subject key, subject public, text, text text, trid adobe, trid file, ttl value, type name, united, unknown, url http, usage, v3 serial, vhash, x509v3 key

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: coinbl_hosts

• Country: United States
• Network: AS20278 nexeon technologies inc.
• Noticed: 38 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 5 1b4dfb6652129e11269534c50d8382aad097b2bf26e6d9bb99157380067770db f5f29de34d9033ffa21a9e940ed8deaf420d01a5eb3ff4034906db0fcfe0c861 28171d3a531f0de3c5d79911582537d42943b52a3cbaf91c5c32f3118391ef8c 8971b47544b3cae679f2cef55f87cff807a2119fc7538999f54168568b72c6d4 d58e7755cbd53812f4a013e4a7510189403fa2e193338cc147eaa6492d6fed62

Open Ports Detected

443 53 80 8080

Map

Whois Information

• NetRange: 172.93.128.0 - 172.93.255.255
• CIDR: 172.93.128.0/17
• NetName: NEXEON-IPV4-5
• NetHandle: NET-172-93-128-0-1
• Parent: NET172 (NET-172-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS20278
• Organization: Nexeon Technologies, Inc. (NEXEO-2)
• RegDate: 2015-06-01
• Updated: 2015-06-01
• Comment: Please send all abuse and DMCA reports to abuse@nexeontech.com
• Ref: https://rdap.arin.net/registry/ip/172.93.128.0
• OrgName: Nexeon Technologies, Inc.
• OrgId: NEXEO-2
• Address: 13308 Redfish Ln Ste 101
• City: Stafford
• StateProv: TX
• PostalCode: 77477
• Country: US
• RegDate: 2010-02-17
• Updated: 2017-01-28
• Ref: https://rdap.arin.net/registry/entity/NEXEO-2
• OrgNOCHandle: NETWO3628-ARIN
• OrgNOCName: Network Operations
• OrgNOCPhone: +1-877-639-3660
• OrgNOCEmail: noc@nexeontech.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO3628-ARIN
• OrgAbuseHandle: ABUSE2544-ARIN
• OrgAbuseName: Abuse Department
• OrgAbusePhone: +1-877-639-3660
• OrgAbuseEmail: abuse@nexeontech.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2544-ARIN
• OrgTechHandle: IPADM506-ARIN
• OrgTechName: IP Administration
• OrgTechPhone: +1-877-639-3660
• OrgTechEmail: ipadmin@nexeontech.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IPADM506-ARIN
• NetRange: 172.93.192.0 - 172.93.207.255
• CIDR: 172.93.192.0/20
• NetName: CHI1-172-93-192-0-20
• NetHandle: NET-172-93-192-0-1
• Parent: NEXEON-IPV4-5 (NET-172-93-128-0-1)
• NetType: Reallocated
• OriginAS:
• Organization: Nexeon Technologies, Inc. (NT-63)
• RegDate: 2017-03-23
• Updated: 2017-03-23
• Ref: https://rdap.arin.net/registry/ip/172.93.192.0
• OrgName: Nexeon Technologies, Inc.
• OrgId: NT-63
• Address: 13308 Redfish Ln Ste 101
• City: Stafford
• StateProv: TX
• PostalCode: 77477
• Country: US
• RegDate: 2014-02-25
• Updated: 2022-01-27
• Comment:
• Comment: Please e-mail abuse to: abuse@nexeontech.com
• Comment:
• Comment: Letters and other postal mail should be sent to the following mailing address:
• Comment:
• Comment: ATTN: Network Operations Center
• Comment: Nexeon Technologies, Inc.
• Comment: 13308 Redfish Ln Ste 101
• Comment: Stafford, TX 77477
• Comment: United States
• Ref: https://rdap.arin.net/registry/entity/NT-63
• OrgNOCHandle: NETWO3628-ARIN
• OrgNOCName: Network Operations
• OrgNOCPhone: +1-877-639-3660
• OrgNOCEmail: noc@nexeontech.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO3628-ARIN
• OrgAbuseHandle: ABUSE2544-ARIN
• OrgAbuseName: Abuse Department
• OrgAbusePhone: +1-877-639-3660
• OrgAbuseEmail: abuse@nexeontech.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2544-ARIN
• OrgTechHandle: IPADM506-ARIN
• OrgTechName: IP Administration
• OrgTechPhone: +1-877-639-3660
• OrgTechEmail: ipadmin@nexeontech.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IPADM506-ARIN
• OrgTechHandle: TECHN1380-ARIN
• OrgTechName: Technical Support
• OrgTechPhone: +1-281-860-2364
• OrgTechEmail: ipadmin@nexeontech.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TECHN1380-ARIN

Links to attack logs

****** ****** ******