204.93.172.14 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 204.93.172.14 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: www.haty.epicsyst.com haty.epicsyst.com www.powerpro.epicsyst.com powerpro.epicsyst.com www.arzak.epicsyst.com total.epicsyst.com www.total.epicsyst.com portfolio.epicsyst.com www.portfolio.epicsyst.com eladltools.com www.therocks.epicsyst.com www.aladl.epicsyst.com aladl.epicsyst.com www.newtopservices.epicsyst.com newtopservices.epicsyst.com einvoice.epicsyst.com www.einvoice.epicsyst.com www.newtest.epicsyst.com newtest.epicsyst.com www.sobek.epicsyst.com sobek.epicsyst.com www.zahraa.epicsyst.com zahraa.epicsyst.com inspire.epicsyst.com www.inspire.epicsyst.com eta.epicsyst.com www.eta.epicsyst.com www.erp.epicsyst.com erp.epicsyst.com www.etacore.epicsyst.com etacore.epicsyst.com test.epicsyst.com www.test.epicsyst.com www.eta.epicsyst.org eta.epicsyst.org www.epicmar.epicsyst.com epicmar.epicsyst.com www.trendcovid19.com trendcovid19.com afitaliane.com www.magic-letters.com nouh.epicsyst.com www.nouh.epicsyst.com www.epicsyst.org www.myclinicv.com www.demo.epicsyst.com demo.epicsyst.com www.epicsyst.com www.bridgespirit.com mroilegypt.com www.mroilegypt.com www.khassmy.com www.howada.com epicsyst.com cpcontacts.epicsyst.org www.webservices.bridgespirit.com webservices.bridgespirit.com cpcalendars.khassmy.com cpcontacts.khassmy.com khassmy.com epicsyst.org cpcalendars.epicsyst.org meeting.howada.com www.meeting.howada.com www.meetings.howada.com meetings.howada.com cpcontacts.howada.com cpcalendars.howada.com howada.com cpcontacts.myclinicv.com cpcalendars.myclinicv.com myclinicv.com bridgespirit.com cpcontacts.bridgespirit.com cpcalendars.bridgespirit.com cpcontacts.magic-letters.com magic-letters.com cpcalendars.magic-letters.com

Malware Detected on Host

Count: 1 5d55b3c45aa8603dbed41072c4bc15a13d1b8af45644b157e7692241ff809d65

Map

Whois Information

• NetRange: 204.93.128.0 - 204.93.255.255
• CIDR: 204.93.128.0/17
• NetName: SCN-6
• NetHandle: NET-204-93-128-0-1
• Parent: NET204 (NET-204-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS23352
• Organization: DEFT.COM (SL-2063)
• RegDate: 2009-06-12
• Updated: 2024-11-15
• Ref: https://rdap.arin.net/registry/ip/204.93.128.0
• OrgName: DEFT.COM
• OrgId: SL-2063
• Address: 2200 Busse RD
• City: Elk Grove Village
• StateProv: IL
• PostalCode: 60007
• Country: US
• RegDate: 2021-06-29
• Updated: 2024-11-21
• Ref: https://rdap.arin.net/registry/entity/SL-2063
• OrgAbuseHandle: ABUSE1669-ARIN
• OrgAbuseName: Abuse Department
• OrgAbusePhone: +1-312-829-1111
• OrgAbuseEmail: abuse@deft.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE1669-ARIN
• OrgNOCHandle: NETWO1779-ARIN
• OrgNOCName: Network Operations
• OrgNOCPhone: +1-312-829-1111
• OrgNOCEmail: support@deft.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO1779-ARIN
• OrgRoutingHandle: IST36-ARIN
• OrgRoutingName: IPXO Support Team
• OrgRoutingPhone: +1 (650) 564-3425
• OrgRoutingEmail: support@ipxo.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IST36-ARIN
• OrgRoutingHandle: HOUTZ5-ARIN
• OrgRoutingName: Houtz, Dan
• OrgRoutingPhone: +1-224-361-1491
• OrgRoutingEmail: dan@packetwise.co
• OrgRoutingRef: https://rdap.arin.net/registry/entity/HOUTZ5-ARIN
• OrgRoutingHandle: NETWO1779-ARIN
• OrgRoutingName: Network Operations
• OrgRoutingPhone: +1-312-829-1111
• OrgRoutingEmail: support@deft.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/NETWO1779-ARIN
• OrgTechHandle: NETWO1779-ARIN
• OrgTechName: Network Operations
• OrgTechPhone: +1-312-829-1111
• OrgTechEmail: support@deft.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NETWO1779-ARIN
• NetRange: 204.93.172.0 - 204.93.172.255
• CIDR: 204.93.172.0/24
• NetName: SCNET-204-93-172-0-24
• NetHandle: NET-204-93-172-0-1
• Parent: SCN-6 (NET-204-93-128-0-1)
• NetType: Reassigned
• OriginAS:
• Customer: Mochanin Corp. (C02492509)
• RegDate: 2010-05-12
• Updated: 2010-05-12
• Ref: https://rdap.arin.net/registry/ip/204.93.172.0
• CustName: Mochanin Corp.
• Address: 2880 Zanker Rd.
• City: San Jose
• StateProv: CA
• PostalCode: 95134
• Country: US
• RegDate: 2010-05-12
• Updated: 2011-03-19
• Ref: https://rdap.arin.net/registry/entity/C02492509
• OrgAbuseHandle: ABUSE1669-ARIN
• OrgAbuseName: Abuse Department
• OrgAbusePhone: +1-312-829-1111
• OrgAbuseEmail: abuse@deft.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE1669-ARIN
• OrgNOCHandle: NETWO1779-ARIN
• OrgNOCName: Network Operations
• OrgNOCPhone: +1-312-829-1111
• OrgNOCEmail: support@deft.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO1779-ARIN
• OrgRoutingHandle: IST36-ARIN
• OrgRoutingName: IPXO Support Team
• OrgRoutingPhone: +1 (650) 564-3425
• OrgRoutingEmail: support@ipxo.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/IST36-ARIN
• OrgRoutingHandle: HOUTZ5-ARIN
• OrgRoutingName: Houtz, Dan
• OrgRoutingPhone: +1-224-361-1491
• OrgRoutingEmail: dan@packetwise.co
• OrgRoutingRef: https://rdap.arin.net/registry/entity/HOUTZ5-ARIN
• OrgRoutingHandle: NETWO1779-ARIN
• OrgRoutingName: Network Operations
• OrgRoutingPhone: +1-312-829-1111
• OrgRoutingEmail: support@deft.com
• OrgRoutingRef: https://rdap.arin.net/registry/entity/NETWO1779-ARIN
• OrgTechHandle: NETWO1779-ARIN
• OrgTechName: Network Operations
• OrgTechPhone: +1-312-829-1111
• OrgTechEmail: support@deft.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NETWO1779-ARIN

Links to attack logs

****** ****** ******