72.52.10.14 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 72.52.10.14 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 60/100

Host and Network Information

• Mitre ATT&CK IDs: T1052.001 - Exfiltration over USB, T1052 - Exfiltration Over Physical Medium, T1401 - Device Administrator Permissions

• Tags: accept, analysis, ansi, apt, click, close, cyber security, data, date, decrypted ssl, download, general, hosts, http://ftp.tandberg.com/pub/software/endpoints/movi/movi4/S85000, hybrid, indonesia, ioc, local, malicious, malware, Nextray, online, patch, path, pcap, pcap processing, phishing, runtime data, sample, sandbox, sha256, size, strings, submit, suspicious, threat level, trojan, voice, vxstream

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: cleanmx_phishing, hphosts_ats, hphosts_emd, hphosts_fsa, hphosts_psh

• Country: United States
• Network: AS32787 akamai technologies inc.
• Noticed: 1 times
• Protcols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: kfc.com.sa kp2.appcenterhq.com voltarengelsample.com www.starburst.ca starburst.ca bakerwa.com illuminagenomicsforum.com hcatodayblog.com www.hcatodayblog.com statefarminsurance.co statefarmcentr.com myrrdcareers.com reebokclassic-shop.com robinhood3.com xn–i8s964ckgl2lu.xn–ses554g www.xn--i8s964ckgl2lu.xn–ses554g westlawprecision.com caregiversoftomorrow.com permissiontolivefreebook.com myrittersport.us my-ritter-sport.us signiaatl.com jobsrb.com 1statefarmgroup.com theovationnetwork.com madisonwealthnj.com leclubtoutouetronron.com barksnpurrsclub.com reebok-shop.com scupinwealthmanagement.com scupinwm.com scupinwealth.com precisionspinecolorado.com allbirdsshoessale.com allbirdsoutletnz.com statefarmev.com verizonvalue.com wonbarnes.com 1barnes.com rondesantisbook.com www.fantasyfootballboss.com download.iheartaudiobooks.com www.timewhackers.com www.celebsauce.com download.playpoptrivia.com download.bringmeapps.com www.ultimategamesbar.com awsmerchstore.com www.centuryfarmsfamilypractice.com www.descontoproplaneta.com.br descontoproplaneta.com.br coolsculpting.cn laprotectionsurmesure.ca protectionmesures.ca paperlessi9.com www.paperlessi9.com sportsillustratedeats.com 24hrathlete.com www.elancoexclusive.com entercomintranet.com eiaasw003awsd.devcma.devcomerica.net eiaasw002awsd.devcma.devcomerica.net originpointcali-internal.com pmiopen.ch www.iamnumberfourfans.com www.momsnightoutthemovie.org www.aeropostale87.info aeropostale87.info gettingheretothere.net www.dole5aday.com zesprikiwilovers.com www.stanleysecurite.fr www.bscapply.com opencarbonplatform.net ninewest.mobi ninewest.biz ninewest.asia iconicimagesgaller.com ninewest-argentina.com ninewest-netherlands.com ninewestitaly.com ninewest-africa.com ninewestbrazil.com ninewestvietnam.com ninewest-ukraine.com ninewestsouthafrica.com ninewestrussia.com ninewest-india.com ninewest-belgium.com ninewestafrica.com ninewest-venezuela.com ninewest-mexico.com ninewest-russia.com ninewestsweden.com ninewestjapan.com ninewest-greece.com ninewest-uk.com ninewesthongkong.com ninewestchile.com ninewestpoland.com ninewest-peru.com ninewestgreece.com ninewest-newzealand.com ninewestnewzealand.com ninewest-us.com ninewestvenezuela.com ninewestnetherlands.com ninewestukraine.com ninewest-hongkong.com ninewest-portugal.com ninewest-korea.com ninewestportugal.com ninewestkorea.com ninewest-poland.com ninewest-denmark.com ninewest-taiwan.com ninewesttaiwan.com ninewestdenmark.com ninewest-sweden.com ninewest-china.com ninewest-brazil.com ninewest-france.com ninewest-japan.com ninewestperu.com ninewest-vietnam.com ninewestaustralia.com ninewest-italy.com www.onepeloton.co digita.co.uk www.digita.co.uk opencarbonplatform.org opencarbonplatform.info zalora.eu westernunion.aw atmustechnologies.com atmustech.com atmusfiltrationtechnologies.com atmusfiltrationtech.com atmusfiltration.com linkedin-apistatus.com ninewest-colombia.com www.dqcakes.ca www.plexiglas.com www.gradecrossings.com originpoint-internal.com gradecrossings.com www.1stconstitution.com www.aramarkhighered.com www.kellyeducation.com www.ecco.dk footjoygolfskoherre.com awc-hash.qa.r53comerica.net nash-sh.com xn–rssv39a.biz www.wizoo.com yahooo.us download.dailywellnessguide.com media.addict.com atn.addict.com www.yourwayisourway.net tentezlaventure.ca optionsforra.ca norvasc.ca yourraoptions.ca healthy-savings.ca getbackrelief.ca yourwayisourway.net dormirsansdouleur.ca douleuretdormir.ca calculatenutrition.ca douleuretsommeil.ca careconnection.ca amazinggracebook.com hiring.amazom.com alexaschema.com www.goglobalwithtwitter.com.hk www.soccerinferno.com mountainstarcarepartners.com invictuswaevents.com engie-censo.com reservationscom.hipchat.com www.guiltgroup.org www.giltgroupee.com guiltgroup.org tommyhilfigeralesuomi.com stats2.lightningcast.net stats.lightningcast.net web.lightningcast.net fastfabs.store cortellis.thomsonreuterslifesciences.com tomblininvestmentgroup.com centuryfarmsfamilypractice.com brookstomblin.com www.jellystonegp.com aeromexico.co.ni platformwealthservices.com elancoexclusive.com www.barneysnewyorkresidences.com www.seoul.intercontinental.co www.errorsweep.com www.fixcleaner.org www.flicker.com www.registrynext.com www.pahriskcalculators.com pahriskcalculators.com www.eazet.com www.appliedaustralia.com tommyhilfigerukstores.com www.kingspanlightandair.fr luckybrandjeans.biz alamo-mx.info namemycat.com www.implisit.com authenticcorporate.com intouchshopper.com www.tax-software.com.au www.accounting-practice.com.au www.accountant-software.com.au cobverse.com cc3.paypal-shopping.co.il www.cumminseuro6.com keevercapital.com rjvfan.com www.pinterest.com.hk www.rougekill.org www.paypal-givingfund.com www.cleanerfix.org www.erroreasy.org otmlb.tateandlyle.com www.hiltondirect.com www.kohlerrental.com surrenderyourstory.com jesusvevangelicals.com jeeponlyparts.com iqos.ge www.flsb09.com www.easyroommate.co.nz ilriccio.catering indeedjobs.online moneygram.ro www.authortracker.com alirocumab.us hiltongbmsupport.com healthcarenewhampshire.org healthcarenewengland.com nhhealthcareservices.com fmhpmcprh.com bitbucket-prod-new.shared.r53comerica.net download.privacycontrolpro.com regeneron.nl www.regeneron.nl pricelessmarketingengine.com iconicimages.shop download.guffins.com thestylistbyaventuramall.com thestylistbyam.com iconicimagesshop.com barneysnyresidences.com www.intouchshoppers.com www.hcadigital.design www.boursesgoodspark.ca goodsparkgrants.ca boursesgoodspark.ca www.goodsparkgrants.ca test-sisense.cpaglobal.com statefarm.security www.bibliateologica.com insidecfc.sharepoint.nterprise.net www.librosdeitielarroyo.com authentic-entertainment.com alexaambienthome.com abg-entertainment.com messickpeacock.com messickpeacockandassociates.com www.paragon-re.com extremeshopping.com df.axe.rsw-uat.servier.com www.df.axe.rsw-uat.servier.com www.df.axe.rsc-uat.servier.com df.axe.rsc-uat.servier.com www.barbarakice.net barbarakice.net amazonmusiclive.com barneysnewyorkresidences.com www.eeropoe6.com www.ringalarmprobasestation.com www.kingspanklargester.com www.thoughttrace.uk thoughttrace.uk precor.lat www.apr.com fico.win gmoorewealth.com tristarchildrenshospital.com www.techfor.care cardboiled.net theexcitenetwork.net cleanerfix.net spywarebot.net erroreasy.net bathandbodyworks.boo centennialchildrenshospital.com chevroletmissoula.com caissedesjardinstheresedeblainville.ca caissedesjardinstheresedeblainville.com www.caissedesjardinstheresedeblainville.ca www.caissedesjardinstheresedeblainville.com driverupdate.sucks ask.sucks slimcleanerplus.sucks slimware.sucks slimcleaner.sucks wittkieffer.scot theexcitenetwork.org cleanerfix.org erroreasy.org myslimware.org fixcleaner.org javafix.org roguekill.org rougekill.org mindspark.nyc cleanerfix.info ask.directory theexcitenetwork.biz cardboiled.biz xn–marchdespme-fbb.com antispyreviewer.com antispyreviews.com tnbibles.com thinkinsidethecard.com destroyallspyware.com clean-pc.com connecttomyfiles.com connecttofiles.com cleanerfix.com connectmyfiles.com sysoptimizer.com syncfast.com sysupdatetool.com screensaversandwallpapersfree.com smarterrorfix.com spywarelite.com spywareremovalreviwer.com systemupdatetool.com speedupcleaner.com slimwareone.com slimware1.com slimversioning.com slimcleanerplus.com sexiestcards.com screensaverdaddy.com homegardeninglife.com historyeater.com historydemon.com healthwellnesslife.com historyremove.com myfilesconnect.com myfreebirthdaycards.com myfileconnect.com myfunnyfree-ecards.com yourpremiumsupport.com privacyadvance.com pcperformancegeeks.com pcperformancecheck.com privacysweeper.com privacyadvanced.com pcupdatetool.com pcperformancesquad.com backupsafe.com updateauto.com update-auto.com ukfinancialgroup.com errorsmartpro.com errorupdatetool.com errorscantool.com expressregistryrepair.com errorremovaltool.com errorupdates.com evidencefinder.com errorfixsmart.com errorfixpro.com errorfixlite.com ez-free-ecards.com errorsweep.com evidencebot.com errorfixbot.com errorfixtool.com 7-cleaner.com 7cleaner.com recimgmanager.com regrepairer.com roguekill.com registryrepairbot.com regerrorfix.com rougekill.com regrepairbot.com registryrepairer.com registrycleanerreviews.com regclearplus.com registryultra.com recimgpro.com registryclear.com regultra.com registrynext.com funnyhouseofcards.com registryassist.com fixtsupport.com freehahacards.com fix-os.com fixifysupport.com fix-7.com www.bigstockphotos.com www.grupobestway.cl www.hinartum.fr tranquillo.cghub.com victoriassecretbeauty.in www.cognexsensors.com www.mydettol.org mydettol.org www.kaisercommunity.org www.bongeniegrieder.ch curv.co www.curv.co curv.cc www.curv.cc www.aamtech.co.nz thebig5.com.au www.myherbalife.se www.cinergywealth.com www.cinergywll.com www.insularesearch.info alexbrowncoasttocoast.com abcoasttocoast.com howwerelatebook.com lifecouncilbook.com www.zondervanpremiercollection.com www.redbullsoapboxrace.it www.givemewings.to www.redbull.dm www.redbulletin.at www.redbull.com.uy www.redbullstudio.co.za www.redbull.com.bd www.redbulllinecatcher.fr www.thrifty.co.il www.redbull.co.mz www.rampagevote.com www.moneygram.co.uk bibbyfinancialservices.be www.bibbyfinancialservices.be auth.bibbyfinancialservices.be dgc.gdr-prod.r53comerica.net cdr.bestbuymobile.com innovations.bestbuymobile.com www.sami.bestbuymobile.com upgradechecker.bestbuymobile.com scheduling2.bestbuymobile.com www.upgradenow.bestbuymobile.com www.cryovac.com www.cryovacgraphics.com spotlightcampro.com statefarmonlineautoclaims.com lithiaconcierge.com blinkpantiltcamera.com blinkpantilt.com blinkfloodlightcampro.com blinkwiredcam.com blinkwiredfloodlightcamera.com blinkminipan-tilt.com blinkminipantilt.com blinkfloodlightcamwiredpro.com blinkfloodlightcamwired.com blinkpantiltcam.com blinkpan-tilt.com eeroproinstall.com eeroforbusinesses.com eerobuiltin.com omniqled.com omniqledseries.com eeroproinstallers.com eeroforbusiness.com eero6powerstation.com eerointernetbackup.com eerobuilt-in.com eeropoe6.com eeropoegateway.com eeroproinstaller.com eeropowerstation.com eeroforproproinstallers.com ringspotlightcampro.com ringalarmprobasestation.com firetvomniqled.com firetvambientexperience.com firetvomniqledseries.com www.lululemonoutletca.com tae-isam-sds-nlb.prod.r53comerica.net infiniti.nl www.colorpro.com collegehumor.com

Malware Detected on Host

Count: 137 e5d1397fd318531ba1f482be00b1d200472eec94f724faca246709588e91fb49 b43eec3f5d89c12cb7827249621145e4e50f1e1aa81c82341b47a22f4b880c23 96cf01629e6fc853ed4faa13c1e5e71fc1ba30e247dfbc70449759b66d7888a6 7bbb2da34c2fe24d6c1acf78f19acc218600fc85f04a885d89edf886d8710386 b5be06c4210cce05b32e62ab9b09da4f5849582a6340901b2853ad7a840429f9 58b8822ff401c3bb49331f159dc592264268f6721a69584300bd6ebf47e26f13 712c3f90b4d5486a602efae1936157f2d61ce192412234ff6dc42009a24acc66 54e3c93584be2e95f76452fcdb0db8531ad309df0dd91e464544027eb9343cc5 e81d984a6e4d97024a25638b9d58c8e0b6ddb396dccafe08756fbd830030a756 791ff760f7b1c44ed4643457105f0c5c931319a7060872fa6d7bbc8330b3d160

Open Ports Detected

80

Map

Whois Information

• NetRange: 72.52.0.0 - 72.52.63.255
• CIDR: 72.52.0.0/18
• NetName: PROLEXIC
• NetHandle: NET-72-52-0-0-1
• Parent: NET72 (NET-72-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Akamai Technologies, Inc. (AKAMAI)
• RegDate: 2005-07-11
• Updated: 2019-10-21
• Comment: —–BEGIN CERTIFICATE—–MIIDdzCCAl+gAwIBAgIUaslWeAvf/CWj08gH/XuWiQ5Ji5wwDQYJKoZIhvcNAQELBQAwSzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkZMMRwwGgYDVQQKDBNBa2FtYWkgVGVjaG5vbG9naWVzMREwDwYDVQQLDAhQcm9sZXhpYzAeFw0yMDAxMTQxMjI3MTNaFw0yMDA3MTIxMjI3MTNaMEsxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJGTDEcMBoGA1UECgwTQWthbWFpIFRlY2hub2xvZ2llczERMA8GA1UECwwIUHJvbGV4aWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC//TFN3KontV+irLlBVvgRYBCkOYSj8KPmudusbuNVTLbqAN2o2kt4wAvDxwIjMOUITxjsvygLzu6pWe5dYC2lo8gVOZygLKBMaMKNqJvhbld80hRzSQOMnlYqeKDNcwKdo/tYhaR5Kz9MXoZZoYR4++TabEnDtp7+TkcREYI+zfF4ZIuY86OpR0MNe/zzBC30qyE2Q9r5nk0AmjbZDQ6UPeZHy1nJ49K9Qi9c2+gv2cwQR0sDkURZkDmPiu6BZtu7bAW9KFBCoBzIlSO8kPsxsPyo1AKn+5S0kB4GYMJ/bK3E/YMZjsQUfSYR+E+w3HQ1yK0kSrAB0gS3F4ltXvJ3AgMBAAGjUzBRMB0GA1UdDgQWBBQ+8WqAnvLs+7hnSalNkEjf7P4SdjAfBgNVHSMEGDAWgBQ+8WqAnvLs+7hnSalNkEjf7P4SdjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxurT3HhR8NB8RdUurubne7v0yJhn1RSIgWosgI7zqBP7DCWWP3tzPURqiFeX2DvE8PV4rMR/X+PBWSE0BMCJeRzj4VIGZAozGbqHO3xH/jP0D6bN0XDRTj4j5QVipN9sohA2MZPjRCMihZuItRD1c8YssNjhgDoECzDqjlAbUgyQqSbnqmt8bNOgC6ZTOIDkx2mSI/8tFkaQ6NGftZU5DKUC2ZIOVgR934b57qhLa9C9Th0+tvlwp1s2FF1Fleu+aXiHaHFQviAGoRdWxIUqsQWxrknX3BZwMIwkekblEsyklFXesMvgNoM+pFq5U4uQtnO4w0PBl9rZ71x2X142W—–END CERTIFICATE—–
• Ref: https://rdap.arin.net/registry/ip/72.52.0.0
• OrgName: Akamai Technologies, Inc.
• OrgId: AKAMAI
• Address: 145 Broadway
• City: Cambridge
• StateProv: MA
• PostalCode: 02142
• Country: US
• RegDate: 1999-01-21
• Updated: 2023-10-24
• Ref: https://rdap.arin.net/registry/entity/AKAMAI
• OrgAbuseHandle: NUS-ARIN
• OrgAbuseName: NOC United States
• OrgAbusePhone: +1-617-444-2535
• OrgAbuseEmail: abuse@akamai.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NUS-ARIN
• OrgTechHandle: IPADM11-ARIN
• OrgTechName: ipadmin
• OrgTechPhone: +1-617-444-0017
• OrgTechEmail: ip-admin@akamai.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IPADM11-ARIN
• OrgTechHandle: SJS98-ARIN
• OrgTechName: Schecter, Steven Jay
• OrgTechPhone: +1-617-274-7134
• OrgTechEmail: ip-admin@akamai.com
• OrgTechRef: https://rdap.arin.net/registry/entity/SJS98-ARIN

Links to attack logs

****** ****** ******