194.58.112.173 Threat Intelligence and Host Information
Oct 19, 2025
General
IP Address: 194.58.112.173
Location: 🇷🇺 Russia
Network: AS197695
Threat Score: 75/100
Attack Intelligence
MITRE ATT&CK Techniques: T1036 - Masquerading, T1083 - File and Directory Discovery, T1113 - Screen Capture, T1119 - Automated Collection
Open Ports Detected: 80
Geographic Location
Country: Russia
City: Unknown
Region: Unknown
Coordinates: 55.7386, 37.6068
Network Information
ASN: AS197695
Organization: Domain names registrar REG.RU, Ltd
Network: AS197695 Domain names registrar REG.RU, Ltd
WHOIS Information
inetnum: 194.58.112.0 - 194.58.113.255
netname: REGRU-NETWORK
descr: Reg.Ru
country: RU
admin-c: MS55099-RIPE
tech-c: MS55099-RIPE
status: ASSIGNED PA
mnt-by: REGRU-MNT
mnt-routes: REGRU-MNT
created: 2014-10-27T09:37:02Z
last-modified: 2014-10-27T09:37:02Z
role: Reg.Ru Network Operations
address: Russia, Moscow, Vassily Petushkova st., house 3, Office 326
phone: +7 (495) 580-11-11
fax-no: +7 (495) 491-55-53
nic-hdl: RGRU-RIPE
abuse-mailbox: abuse@reg.ru
route: 194.58.112.0/24
origin: AS197695
- Country: Russia
- Network:
- Noticed: 50 times
- Protocols Attacked: SSH
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Malware Detected on Host
Count: 13
Disclaimer
This page contains threat intelligence information for the IPv4 address 194.58.112.173 and was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.