173.212.203.104 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 173.212.203.104 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

• JARM: 2ad2ad0002ad2ad00042d42d00000000f78d2dc0ce6e5bbc5b8149a4872356

• View other sources: Spamhaus VirusTotal

• Country: Germany
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy

Malware Detected on Host

Count: 6 b3272c0cccc8a11e145ff2c1cfaf4083c9ab5619c0bbaf304e97dff116b286a3 dfe0ba595467101ba020be2f968abc376b82112b818019f2cf993ca1a67cb433 658698794f0f8ffeb830e95a5777f6c9c2f3747ba488806a35f1791840ea6020 456163d77f5785b22a6e0535cb75c12218ba0a7169559951ca0c192c11cfa70a c36cb4000691fc4e33014c21f831de331bded72b7d980654d29bc56cdef83717 0c74b6ce15d8cf2370e1f533b7cbd7b9e68c70e95c88ae04893b35f4a15a34de

Open Ports Detected

10000 22 443 5555 6379 80 8083 8888 9081

CVEs Detected

CVE-2007-3205 CVE-2013-2220 CVE-2021-29477 CVE-2021-29478 CVE-2021-32761 CVE-2024-3566 CVE-2025-1220 CVE-2025-1735 CVE-2025-6491

Map

Whois Information

• NetRange: 173.212.192.0 - 173.212.255.255
• CIDR: 173.212.192.0/18
• NetName: RIPE
• NetHandle: NET-173-212-192-0-1
• Parent: NET173 (NET-173-0-0-0-0)
• NetType: Early Registrations, Transferred to RIPE NCC
• OriginAS:
• Organization: RIPE Network Coordination Centre (RIPE)
• RegDate: 2016-06-20
• Updated: 2025-02-10
• Ref: https://rdap.arin.net/registry/ip/173.212.192.0
• OrgName: RIPE Network Coordination Centre
• OrgId: RIPE
• Address: P.O. Box 10096
• City: Amsterdam
• StateProv:
• PostalCode: 1001EB
• Country: NL
• RegDate:
• Updated: 2013-07-29
• Ref: https://rdap.arin.net/registry/entity/RIPE
• OrgTechHandle: RNO29-ARIN
• OrgTechName: RIPE NCC Operations
• OrgTechPhone: +31 20 535 4444
• OrgTechEmail: hostmaster@ripe.net
• OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
• OrgAbuseHandle: ABUSE3850-ARIN
• OrgAbuseName: Abuse Contact
• OrgAbusePhone: +31205354444
• OrgAbuseEmail: abuse@ripe.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN

Links to attack logs

****** ****** anonymous-proxy-ip-list-2023-06-22 ******