94.73.188.44 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 94.73.188.44 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: coinbl_hosts

• Country: Turkey
• Network:
• Noticed: 29 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: webmail05.natrohost.com mail.urganinvest.com mail.karanfiltour.com mail.uskaf.net mail.berencevre.com mail.maknel.com ahtmail.com aydinsaglik.com.tr mail.omptextile.com mx-out05.natrohost.com mail.polkima.com.tr

Malware Detected on Host

Count: 14 68baedde98de0b2c5988b4afed250d8e946846e67093b3ecb42e2cfc722578e7 0903961ba7ce91a965ee42d92da305ecf174b588351dbac5bd7f53506cc5a0f3 0ece5e54f6bbaadff2df34a63daf8abaa69fe8b59ca1e2c9cab404246b065c02 5113277c1b398d2dffb144f828c812bfb146f6b91ce0488352843d0232f5e79e 3ac3748f98de8ce538ed82c9f47d7cb072f6894dc8de7e288ae5e66f2d3e0cb9 7e141725ddf18cf34bd1697c3a887cf9a7112391aedfa17c7fc8cf468fa0b724 3638c87c59f4bdbd619dbab6cd10f7632754f5d10dabbf92db5a0e36d260b501 80eebb9aa533f5228cd97afde404c196212eeeb85aa57ad0b91b2bb92f998539 f03e12e59ca2f553253802233bdc7fbab3499ca5455c28d5345f07447a768614 fb7dadd4d1dab7da64d2c5d094c726c4e727b6bc541a0a9670efbb56b6a656b8

Open Ports Detected

25 587

Map

Whois Information

• inetnum: 94.73.128.0 - 94.73.191.255
• netname: TR-CIZGI-20080710
• country: TR
• org: ORG-CBSS1-RIPE
• admin-c: NCBG1-RIPE
• tech-c: NCBG1-RIPE
• status: ALLOCATED PA
• mnt-by: RIPE-NCC-HM-MNT
• mnt-by: CIZGI-MNT
• mnt-domains: CIZGI-MNT
• mnt-routes: CIZGI-MNT
• created: 2008-07-10T08:55:32Z
• last-modified: 2022-10-17T20:28:58Z
• organisation: ORG-CBSS1-RIPE
• org-name: CIZGI TELEKOMUNIKASYON ANONIM SIRKETI
• country: TR
• org-type: LIR
• address: Kustepe Mah. Mecidiyekoy Yolu Trump Tower No:12
• Ic Kapi No:470 Sisli
• address: 34387
• address: ISTANBUL
• address: TURKEY
• phone: +902122131213
• fax-no: +902123564407
• admin-c: HC973-RIPE
• admin-c: CTBG2-RIPE
• admin-c: NTR976-RIPE
• mnt-ref: RIPE-NCC-HM-MNT
• mnt-ref: CIZGI-MNT
• mnt-by: RIPE-NCC-HM-MNT
• mnt-by: CIZGI-MNT
• abuse-c: CTA12-RIPE
• created: 2005-02-23T10:03:43Z
• last-modified: 2025-10-27T10:39:13Z
• role: Natro Backbone Group
• address: Gulbahar Mah. Elif Sok. No:4 Kat:1 SISLI
• address: Istanbul - Turkey
• phone: +90 212 213 1213
• fax-no: +90 212 356 4407
• admin-c: NN1321-RIPE
• tech-c: NN1321-RIPE
• nic-hdl: NCBG1-RIPE
• abuse-mailbox: abuse@natro.com
• mnt-by: CIZGI-MNT
• created: 2011-08-01T11:25:59Z
• last-modified: 2024-10-01T18:00:05Z
• route: 94.73.188.0/24
• descr: CIZGI TELEKOM BLOCK
• origin: AS34619
• mnt-lower: CIZGI-MNT
• mnt-routes: CIZGI-MNT
• mnt-by: CIZGI-MNT
• created: 2012-11-02T11:12:29Z
• last-modified: 2012-11-02T11:12:29Z

Links to attack logs

****** ****** ******