52.173.83.49 Threat Intelligence and Host Information

Aug 10, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 52.173.83.49 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

JARM: 2ad2ad00000000022c42d42d00042d201e6f6a84d7c3cb0fe3d908d1bb1307
View other sources: Spamhaus VirusTotal

Country: United States
Network:
Noticed: 1 times
Protocols Attacked: SSH
Passive DNS Results: client-back-beta-tinq.tinq.com sync-prod-func.azurewebsites.net abpos.com abpos.us www.abpos.us qa2thirdpartyintegrations.megacorplogistics.org ebc.promoteengage.com hpa-stage-highlandhub.hasdev.net story.flinkit.io app.daruyanagi.com www.promoteengage.com anceliteplus.promoteengage.com stg.charterdura-bar.com cnws-qa01-aeris-uatjv-mockcallback.cubictelecom.com outdoor.yourfriendinreykjavik.com club-genesis.com appcamacari.asteba.com cmail-df-stg-tfmgr-gbl.trafficmanager.net www.asg.com vendabem.azurewebsites.net c-portal.net premios.redvoucher.com.mx anselite.promoteengage.com ebs.promoteengage.com cnws-qa01-aeris-uat-mockcallback.cubictelecom.com app.asteba.com report1.enhancedmetrics.com www.itsmytrp.com www.signsetconline.com abgo.app prod-hellohealthy.azurewebsites.net prod-hellohealthy-staging.azurewebsites.net client-back.tinq.com back.tinq.com waws-prod-dm1-047.centralus.cloudapp.azure.com demo.amplidex.com api.poolmathapp.com meetingcatchupportalappservice-test.azurewebsites.net docs.asg.com abpayus.com www.abpayus.com www.themidtowngr.com themidtowngr.com abgoeats.net www.gotbrosllc.com pl.qmscapital.com www.tsidata.com www.listeningroomgr.com access.asg.com accesscreateticket01.asg.com pd.asg.com cust.asg.com sw.asg.com isp.asg.com distribution.odysseyenergysolutions.com www.proyectosqro.mx proyectosqro.mx redbear.mx www.redbear.mx reporting.trinoveon.net www.studioparkgr.com www.fourseasonflora.com scipavinginternal.com aztst1-secure-c.comed.com aztst1-secure.comed.com aztst1-secure.delmarva.com aztst1-secure-c.delmarva.com aztst1-secure-c.peco.com aztst1-secure.peco.com aztst1-secure-c.atlanticcityelectric.com aztst1-secure.atlanticcityelectric.com orderstatus.ecolab.com ab-login.com read.trinoveon.net www.123gr.com mcstst.mobileenv.peco.com mcstst.mobileenv.delmarva.com mcstst.mobileenv.bge.com mcstst.mobileenv.atlanticcityelectric.com trinoveon.net carpetfranchise.searsclean.com adpmw.gurug.com portal.lpi-ip.com mgtcon.trinoveon.net cockpit.trinoveon.net safestakeholder.com class2.playsqor.com www.praisio.com praisio.com jpfcapital.com www.jpfcapital.com go.radiowaves.com app.eml.radiowaves.com secure.radiowaves.com sedmslicenseweb.schneider-electric-dms.com www.flightproconnect.com dessertposs.com www.cwlogic.com www.omnidocspro.com www.crmtix.com www.iteachky.org odp2.247ctrl.com www.partridge.partners www.dessertpos.com dessertpos.com www.captra.com mn.mapsouth.hockey stg.chartersteel.com s1.signaloneservices.com ota-devicetwin-mw-qa.otiselevator.com www.goldmedalflour.com web.koopvendas.com.br hpa-stage-foodsafety.hasdev.net www.artsbeatstech.com test.hackazure.net www.leyantilavado.com.mx timesheet.nowintelligence.com huddle.reactiv.com app.livingroomanalytics.com www.aperturaalapalabrapuebla.mx aperturaalapalabrapuebla.mx www.bitsideas.com drtalkcovidapp-develop.azurewebsites.net drtalkcovidapp-test.azurewebsites.net www.admin.heavyhelp.com admin.heavyhelp.com perseverant.com customsearch.azurewebsites.net stg.chartermfg.com www.eventsonwhim.com coolthings.live www.openceas.co.jp www.bismarckindians.org hpa-sr-foodsafety.hasdev.net hpa-sr-highlandhub.hasdev.net www.pillsbury.ca academy.skillmeup.com backoffice-delta.revain.org backoffice-epsilon.revain.org backoffice-gamma.revain.org app.bestfloorplans.com hisx.portsoft.com.ar app.proplate.pro backoffice-alpha.revain.org www.cleanwater2020.com zerossl.daruyanagi.work buypass2.daruyanagi.work buypass.daruyanagi.work rev19.net app-api.cormonitor.peerbridgehealth.com inventory-api.cormonitor.peerbridgehealth.com www.aufbauprinzip.com www.brontobot.com alpha.revain.org the-frames.org www.emmaronco.com innoventspecmate.com www.tools.deepwatersoftware.com faithfoundationchildrenshome.org codentech.org codentechcommunity.com tools.deepwatersoftware.com www.spinglobal.mx spinglobal.mx maps.modus.org tris-universe.com www.swcolormixrsvp.com www.swlocalevents.com conegte.com www.datacette.com dashboard.deepwatersoftware.com www.crick.deepwatersoftware.com tools.playsqorr.com backoffice.playsqorr.com www.partners.deepwatersoftware.com partners.deepwatersoftware.com www.dashboard.deepwatersoftware.com www.partners-api.deepwatersoftware.com partners-api.deepwatersoftware.com genesiscode.org sweetmecreamery.com blcks.io www.blcks.io swlocalevents.com datacette.com ilpi.me ilg2019.com msteams.pandadoc.com forwardit.global www.sweventexpress.com moci-test.com collegepuzzlechallenge.com downhillsupplycompany.com raceowl.com lmcotems.com cap-hosting.com alliancesinc.com proplate.pro enix.re pillsbury.ca swcolormixrsvp.com cleanwater2020.com error.daruyanagi.work azklinik.com webapp-engineering-dev-dwgus.rmg.designworksgames.com www.jsnover.net www.chisholmcreekfarm.com physicianprofiler.mycsi360.com p1.daruyanagi.work oxvc.health beta.revain.org texasrangers.playsqor.com mcstst.mobileenv.pepco.com api.500towon.com api.playsqorr.com www.ameschicago.com www.dsd.gov.za www.iquorum.pe iquorum.pe themachinery.info demo.playsqor.com games.playsqor.com orchestration-ppe.paymentsinstrument.commerce.microsoft.com jumiaan.com delta.revain.org rsa4096.daruyanagi.work ec256.daruyanagi.work sustainablesoft.com timbrado.dcsis.com.mx timbradows.dcsis.com.mx conciliazioni.net naming.daruyanagi.work custom.daruyanagi.work app.showmeplatform.com e-v.re irl.ai epsilon.revain.org machinadigital.co.uk rnetworkglobal.in platform-fa-dev.guyana-rs-uitsno.xom.cloud www.ebhatta.com ebhatta.com sieutoccargo.com gamma.revain.org panel.chatcompose.com claims-int.pi.dps.microsoft.com server-app.intellimails.com app.intellimails.com passwordreset2.sysco.com passwordreset.sysco.com www.saasyucatan.mx saasyucatan.mx aztst1-secure.pepco.com www.myfirelog.cloud qc.highlandhub.com ianputtergill.com www.naturalhealthlabs.com naturalhealthlabs.com sand-boxpos.sandbox.operations.dynamics.com sand-boxret.sandbox.operations.dynamics.com staging.daruyanagi.work dev.daruyanagi.work iteachky.org login.daruyanagi.work www.illumicode.com portal.praelatus.com e5.praelatus.com token.simcita.com staging.getcubed.io theteamgames.com staging.revain.org theupsstore-prodpos.operations.dynamics.com theupsstore-prodret.operations.dynamics.com flightproconnect.com coarc.com listeningroomgr.com webdads.com studentfollowup.cteis.com analysis-api.cormonitor.peerbridgehealth.com device-api.cormonitor.peerbridgehealth.com uploadmanager-api.cormonitor.peerbridgehealth.com logger-api.cormonitor.peerbridgehealth.com qadc.ul.com api.captra.com daruyanagi.work dev.daruyanagi.com staging.daruyanagi.com cds-covid19-fa-cs.azurewebsites.net cybersechub.com.au esz.com.mx hosts.cds-covid19-fa-cs.azurewebsites.net codica.municipiocampeche.gob.mx wallet-management.com kath-tech.com skillmeup.com leyantilavado.com.mx find.wherible.com abhiverse.com mtvcorp.com justonlybusiness.com illumicode.com holbox.games artsbeatstech.com advancedfireinc.com sirtaf.net mybikeconnect.com nimok.com copartemployeeportal.com gopplus.website sinpag.com cteis.com ihydrantapi.com bismarckindians.org codentech.net contentservices.tech contentservices.tips homesteadfp.com grupojacha.com govirtualconference.com papeleriaguacamayas.com bitsideas.com fanero.co xn–x8j9a4a5g8a.xyz chisholmcreekfarm.com imdbexplorer.com horse-tender.com 939tech.com segan.io wespeakcloud.store dream2000mobile.com thegoodnews.church vlcgv.thegoodnews.church onq.life garyquince.com 123gr.com contorae.com mobilemod.com chivoexpiatorio.org parkhillsmo.net simporter.trafficmanager.net simporter.com pickawinner.app digitalmeetings.xyz attackforge.com captra.com goldmedalflour.com sourcelogictech.com aliviaphoto.com revain.io ancillarymanager.com tinq.com bitsideasacademy.com brontobot.com houmsworld.com faithfoundationchildrenshome.com celebrationcinema.com mygreenhead.com www.gotsheart.com weberwieners.com studioparkgr.com revain.me jafetapp.com invosuite.net crunchsoft.tech promonet-flix.com www.escape.boynecountrysports.com kane.enjaysolution.com eventsonwhim.com thesteelyard.co.za hosts.pwcollectperformancedata.azurewebsites.net bucknergroups.com home.uceusa.com gleziers.com experiemceidea.com grayhealthcares.com www.marketplace.vtrina.com bhnetswork.com parksfuel.com geotrackny.com decedo.com rnetwork.io xbean.com signsetconline.com mineralarea.edu hifi-utils.jollysoft.com letsgoraid.com maxjs.org deepcoz.com api.qspilotsis.com historyofhometownheroes.com marketplace.vtrina.com estebantty.com knotbump.com sportivo.app icgmb20181010024209.azurewebsites.net sweventexpress.com algdb.net premiosmovistar.com icgmb20181010024209.scm.azurewebsites.net www.luckycharms.com luckycharms.com sacredkart.com grupopll.com revain.org welfaredenmarkmvc2018.azurewebsites.net thelegaldraft.com realauth-app.azurewebsites.net acc.azurewebsites.net waws-prod-dm1-047.state.azurewebsites.windows.net waws-prod-dm1-047.api.azurewebsites.windows.net tutorwyse.com tutorials.visualstudio.com spadeworx.com pozitive.io acadaccbootcamp.azurewebsites.net bbklaw.com www.algdb.net manjoecar.azurewebsites.net pump-guard-dev.azurewebsites.net lewisperformancehorses.com ksextontech.com clixyz.com app.luckyday.co waws-prod-dm1-047.cloudapp.net www.premiosmovistar.com www.ace.edu search.incentifind.com doverdixon.com daruyanagi.com ameschicago.com grupobscit.com beta.zignyl.com app.zignyl.com www.radiowaves.com www.payhero.co.nz www.neoshoyouthwrestling.org www.coverranker.com www.bettercoder.io qa.neoshoyouthwrestling.org neoshoyouthwrestling.org coverranker.com bettercoder.io api.neoshoyouthwrestling.org www.ddh.law ddh.law zegazte.cf nwndig.com ishitatest.com hiremarkkraus.com www.dashboard.getflamingo.com dashboard.getflamingo.com booksrite.com aspnet.daruyanagi.com uptimeit.net unicornstorymaker.com phuriastudios.com icaalebanon.com www.tutorwyse.com showmeplatform.com freshbeer.com.br www.ironmantires.com www.enterpriserecruit.com o365portal.stratusinnovations.com ironmantires.com enterpriserecruit.com khub.azurewebsites.net alejandrocruza.com win.daruyanagi.com retro-spielekonsole.de PINERACER.COM awzure.com pldeepdive.com crmtix.com cwlogic.com cloud.fastbound.com sample.daruyanagi.com aztst1-secure.bge.com aztst1-secure-c.bge.com aztst1-secure-api-c.bge.com www.takeaction-ec.com takeaction-ec.com app.realauthentication.com www.stenaura.com www.daruyanagi.com www.bail-money.com sbaydanang.com melodyhills.com bubblethefun.com bail-money.com www.scherrerwedding.net vincentianpersons.cdm.depaul.edu scherrerwedding.net dashboard.revain.org www.247ctrl.com 247ctrl.com admin.qb-app.com www.kemps.com joesamigos.com www.spitball.co unleashed-xr.com

Open Ports Detected

443 80

Map

Whois Information

NetRange: 52.145.0.0 - 52.191.255.255
CIDR: 52.148.0.0/14, 52.145.0.0/16, 52.160.0.0/11, 52.152.0.0/13, 52.146.0.0/15
NetName: MSFT
NetHandle: NET-52-145-0-0-1
Parent: NET52 (NET-52-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-11-24
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/52.145.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN

Links to attack logs

****** ****** ******

Share on: