66.172.9.3 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 66.172.9.3 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: projects.symbisystems.com host1.itwest.net www.meyerconsultinginc.com covid19plustesting.com peacgolf.net symbisystems.com meyerconsultinginc.com itwest.net

Malware Detected on Host

Count: 3 7217b974542ea8e3d69211c4280f10b451f0a5d9df60a8ea091d89aa73a78160 53cdde158630cd2dce5fe7fbfe29a93ba496738e8a307a167f19c71ee1ccfa88 8d6e3434a48837acee248b939a334046bee989c8a45b98eb7b12f73a5a9d34eb

Open Ports Detected

110 143 2077 2082 2083 2086 2087 21 22 23 25 3134 3306 465 53 587 993 995

CVEs Detected

CVE-2014-2957 CVE-2014-2972 CVE-2016-1531 CVE-2016-9963 CVE-2018-6789 CVE-2019-15846 CVE-2020-12783 CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010 CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014 CVE-2020-28015 CVE-2020-28016 CVE-2020-28017 CVE-2020-28020 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026 CVE-2020-8015 CVE-2021-27216 CVE-2021-38371 CVE-2022-3559 CVE-2022-37451 CVE-2022-37452 CVE-2023-42114 CVE-2023-42115 CVE-2023-42116 CVE-2023-42117 CVE-2023-42119 CVE-2023-51766 CVE-2024-39929

Map

Whois Information

• NetRange: 66.172.0.0 - 66.172.63.255
• CIDR: 66.172.0.0/18
• NetName: CYBERVERSE06
• NetHandle: NET-66-172-0-0-1
• Parent: NET66 (NET-66-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Evocative, Inc. (EVOCAT-2)
• RegDate: 2001-09-20
• Updated: 2018-04-11
• Ref: https://rdap.arin.net/registry/ip/66.172.0.0
• OrgName: Evocative, Inc.
• OrgId: EVOCAT-2
• Address: 26 Centerpointe Dr. Suite 110
• City: La Palma
• StateProv: CA
• PostalCode: 90623
• Country: US
• RegDate: 1998-11-17
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/EVOCAT-2
• OrgAbuseHandle: VPLSA-ARIN
• OrgAbuseName: VPLS-ARIN
• OrgAbusePhone: +1-213-406-9018
• OrgAbuseEmail: abuse@vpls.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/VPLSA-ARIN
• OrgTechHandle: NOC1709-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-888-365-2656
• OrgTechEmail: abuse@evocative.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC1709-ARIN
• OrgTechHandle: NETWO813-ARIN
• OrgTechName: Network Engineering
• OrgTechPhone: +1-866-599-9593
• OrgTechEmail: abuse@vpls.net
• OrgTechRef: https://rdap.arin.net/registry/entity/NETWO813-ARIN
• OrgNOCHandle: NETWO813-ARIN
• OrgNOCName: Network Engineering
• OrgNOCPhone: +1-866-599-9593
• OrgNOCEmail: abuse@vpls.net
• OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO813-ARIN