195.161.114.130 Threat Intelligence and Host Information

Jan 11, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 195.161.114.130 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 51/100

Host and Network Information

Mitre ATT&CK IDs: T1036 - Masquerading, T1204.002 - Malicious File, T1221 - Template Injection, T1566.001 - Spearphishing Attachment
Tags: all cve, cve20130074 add, domains http, ellenmmm cve, expl, exploit, exploits, explorer, files, Gamaredon, iocs files, metasploit, msil, oval oval, Primitive Bear, scan endpoints, targeted
View other sources: Spamhaus VirusTotal

Country: Russia
Network:
Noticed: 3 times
Protocols Attacked: SSH
Countries Attacked: Ukraine
Passive DNS Results: mentona-nvrsk.159dz.spectrum.myjino.ru stmarket.biz wbloook.online laifhouse.ru twittcher.com radenvuy.com yaratami.com stableai.fun www.laifhouse.com lrvl.dkslv.ru www.lrvl.dkslv.ru www.k.my37.ru k.my37.ru xn—-btbdvamfqnbn4am7a1g4a.xn–p1ai www.xn----btbdvamfqnbn4am7a1g4a.xn–p1ai spec24.spb.ru kdc-timashevo.ru www.kdc-timashevo.ru static.dfiles.ru cpkiot.net www.new.bioamin-rus.ru new.bioamin-rus.ru rumicrozaimy.ru craft-pc.ru kuhninazakaz.su msk.tz-pt.ru www.msk.tz-pt.ru dormost.pro www.dormost.pro www.alter-premium.ru alter-premium.ru forabetpartners.com www.dfiles.ru dfiles.ru telderi.pro laifhouse.com promosales.store www.dkslv.ru spb.gazosilikatstroi.ru www.spb.gazosilikatstroi.ru www.svet.siladob.ru svet.siladob.ru www.brsys.tk brsys.tk www.taxi-sochi-aeroport.ru prosto-seo.site www.rubeech.com rubeech.com www.ofssp.ru ofssp.ru www.perekrestok69.ru perekrestok69.ru www.icarpetsolutions.com icarpetsolutions.com www.red.parus1.ru red.parus1.ru www.doverievl.ru doverievl.ru potters-house.ru saharovomos.ru www.saharovomos.ru geouslugispb.ru www.geouslugispb.ru domboga.lemarkauto.ru www.domboga.lemarkauto.ru www.marta.itbezgranits.ru marta.itbezgranits.ru skill-master.ru sirpiter.ru www.corporatestrategy.ru www.medalmarket.ru medalmarket.ru www.0na.ru 0na.ru www.xn--80ajachankdwnanp2n.xn–p1ai xn–80ajachankdwnanp2n.xn–p1ai nixg.ru co.siladob.ru www.co.siladob.ru www.site812.ru s.saratovru.ru qr.geely-ivanovo.ru www.earn.expsp.ru earn.expsp.ru www.earn.onewebpage.ru earn.onewebpage.ru xn–h1afegalqigf.xn–p1ai www.xn--h1afegalqigf.xn–p1ai xn–e1adeadahckn9azae0j.xn–p1ai pim-rf.com www.pim-rf.com eicoach.ru www.apteka-medlux.ru apteka-medlux.ru www.kum.ru www.miniroom.fun skill-master.online remontskill.online www.semstart.ru semstart.ru www.xn--e1aaaflcpm7bg.xn–p1ai xn–e1aaaflcpm7bg.xn–p1ai belozerovcoach.ru www.vishka.siladob.ru vishka.siladob.ru spec.siladob.ru www.spec.siladob.ru www.downloadbrawl.ru downloadbrawl.ru pdo.dkslv.ru www.pdo.dkslv.ru www.grad-st.com www.bnb56.ru bnb56.ru www.feedback.ottokar39.ru feedback.ottokar39.ru ksimogilev.ru www.ksimogilev.ru www.pnd-truba.ru pnd-truba.ru tutlek-info.ru www.tutlek-info.ru zapsp.ru www.red-builders.tk red-builders.tk fn63.ru ik13.ru www.avto-provereno.ru avto-provereno.ru xn—–7kcbqaq6bccliad8a2auz5i.xn–p1ai www.araks74.ru www.xn-----6kcaabbidfsmtuagwc3armdsegbg2ao8d8f5n.xn–p1ai www.manipulyator.ru manipulyator.ru www.lamiapasta.ru lamiapasta.ru bgintegration.ru www.bgintegration.ru trucknova.ru microcentrifu.ga www.elprom.ru elprom.ru www.qr.kia-asauto.ru qr.kia-asauto.ru grad-st.com inform-apteki.ru www.inform-apteki.ru hramsretenie.ru www.hramsretenie.ru kuzovnoi-remont-gruzovikov.ru www.zzz.kia-samara.ru zzz.kia-samara.ru imdada.online www.standart72-lab.ru standart72-lab.ru www.lk.my37.ru lk.my37.ru hotel-aitar.com www.hotel-aitar.com dom-zagoryanka.ru www.dom-zagoryanka.ru qr.kia-radar.ru teamspectrum.ru xn—–6kcaabbidfsmtuagwc3armdsegbg2ao8d8f5n.xn–p1ai www.tutlek.com estyle61.ru www.estyle61.ru xn–80adgpach5cd.xn–p1ai tryto.ru www.tryto.ru www.mediatrue.org mediatrue.org dk-media.ru www.tsn.saratovru.ru tsn.saratovru.ru btxt.ru www.demprice.online aspectrade.ru www.aspectrade.ru mechanika.su zapravka-avtokondicionera03.ru www.uk-tura72.ru uk-tura72.ru bricksman.site to.kia-samara.ru www.to.kia-samara.ru www.tgconsult.ru tgconsult.ru www.vostok-zp.ru vostok-zp.ru xn—-7sbbfct6a0adadt1a7k.xn–p1ai www.moto.saratovru.ru moto.saratovru.ru www.sudebnoe-buro.ru sudebnoe-buro.ru roev.site www.roev.site ceglar.ru red-builders.ml www.red-builders.ml www.red-builders.gq red-builders.gq www.red-builders.ga red-builders.ga red-builders.cf www.red-builders.cf www.fixquick.ru fixquick.ru www.1-audit-spb.ru 1-audit-spb.ru 01111111.ru www.01111111.ru tonlaunchbot.online demprice.online tonlaunchbot.ru www.tonlaunchbot.ru artclassica.store artclassica.shop garant-plus-pro.ru onegaonline.ru www.roev.tk roev.tk www.ganso.ru www.clientproject.space clientproject.space moto.motobos.ru motobos.ru www.motobos.ru godrights.online sozdanie-na-1sbitriks.gq www.sozdanie-na-1sbitriks.gq sozdanie-na-1sbitriks.ml www.sozdanie-na-1sbitriks.ml sozdanie-na-1sbitriks.ga www.sozdanie-na-1sbitriks.ga www.et-okna.ru et-okna.ru www.podarok-na.store podarok-na.store sworroo.me muchomorka.ru www.muchomorka.ru www.admin-kom.ru admin-kom.ru donxuanbeatz.ru www.donxuanbeatz.ru www.kia-szr.ru www.xn--80ab2afhuoar.xn–p1ai www.1-audit-spb.online xn—-itbjbqddhcuefal.xn–p1ai www.xn----itbjbqddhcuefal.xn–p1ai wikilinx.ru www.wikilinx.ru 1-audit-spb.online www.1limpieza.com www.restaurant.tpl.garant-plus.pro restaurant.tpl.garant-plus.pro teamspectrum.ru www.masteravto76.ru masteravto76.ru www.admin-kom.store admin-kom.store www.viewers.monster viewers.monster tutlek.com cpkiot.su cpkiot.ru xn–29-9kcpb0bd6k.xn–p1acf www.xn--29-9kcpb0bd6k.xn–p1acf gov-ua.pw antimorgenshtern.ru www.antimorgenshtern.ru thwd.ru slsksi.ru www.rise.sworroo.me rise.sworroo.me kovka161.ru ovkshop-vrn.ru www.ovkshop-vrn.ru www.stroika17.ru tessts.ru sozdanie-na-1sbitriks.tk www.sozdanie-na-1sbitriks.tk www.sozdanie-na-1sbitriks.cf sozdanie-na-1sbitriks.cf www.potolkivluki.ru potolkivluki.ru www.appwill.co appwill.co www.minecraftpeandroid.ru minecraftpeandroid.ru www.lasermade.ru ninofilm.online rialtosteads.com notarius-kravec.ru www.notarius-kravec.ru www.donxuanbeatz.store donxuanbeatz.store engineer37.ru www.engineer37.ru centos.gafar.ru go-dreams.online xn—-7sbaabidijyn2b6agbj9amg1h.xn–p1ai www.xn----7sbaabidijyn2b6agbj9amg1h.xn–p1ai www.xn--72-6kcisou1b0a.xn–p1ai xn–72-6kcisou1b0a.xn–p1ai evakuator-tob.ru www.evakuator-tob.ru gafar.ru www.gafar.ru 1limpieza.com www.yonco.ru yonco.ru web3dev.pro www.bamspb.ru bamspb.ru mamapmr.ru www.mamapmr.ru miniroom.fun servis.my37.ru www.servis.my37.ru b24.novseo.ru www.b24.novseo.ru persright.com maxkirpichev.ru www.roster.dkslv.ru roster.dkslv.ru xn–80aqu.xn–90ahwfeq2hn.xn–p1ai www.xn--80aqu.xn--90ahwfeq2hn.xn–p1ai willpro.ru www.willpro.ru 650669030.ru potolok-v-chite.ru www.willbest.ru willbest.ru www.moryachok.site www.alevita.ru alevita.ru rguk.work atrails.ru potolochek-v-irk.ru www.voronezh.tz-pt.ru voronezh.tz-pt.ru www.potolki03.online www.quiz.my37.ru quiz.my37.ru prokuratura-rf.ru www.prokuratura-rf.ru www.plan-ban.xyz www.gala-cveti.ru gala-cveti.ru zhavoronki-1.shop zhavoronki-1.website www.zhavoronki-1.website www.loverostov.com loverostov.com privetpmr.ru potolki-v-krasnoyarske.ru potolki-krasnoyarsk.ru www.pashante.by pashante.by pashante.com www.pashante.com www.pashante.ru pashante.ru sluhvl.ru www.sluhvl.ru www.friday-night-funkin.ru friday-night-funkin.ru www.pndtrub.ru pndtrub.ru garden-city72.ru www.garden-city72.ru mag-mix.ru potolok-v-ulan-ude03.ru potolok-v-ulan-ude.ru tasksadminbot.tk autorentcentr3.ru dom-savvino.ru www.skyengineering.ru skyengineering.ru www.dush-sochi.tk dush-sochi.tk its-365.ru www.its-365.ru www.global37.ru global37.ru notaura.com www.zhilischnaya-lotereya.ru zhilischnaya-lotereya.ru www.pesnitekst.ru pesnitekst.ru yarcargo.ru www.yarcargo.ru materinskij-kapital-03.ru xn–90ahwfeq2hn.xn–p1ai www.lodki-baikal.ru lodki-baikal.ru anna-bezinger.com www.anna-bezinger.com www.plk34.ru plk34.ru imdada.site www.mp3.retroportal.ru mp3.retroportal.ru sochi.retroportal.ru www.sochi.retroportal.ru zhq.magicnow24.ru lc.magicnow24.ru w5r.magicnow24.ru x32.magicnow24.ru ov.magicnow24.ru znakomstvachat24.site www.herzhotels.de www.ribamgprom.ru ribamgprom.ru potolki-v-ulan-ude03.ru veles-stroj.ru www.veles-stroj.ru navi-line.ru tofiles.site ribamgprom.site www.ribamgprom.site xn–80aibljanprmd6j.xn–p1ai www.xn--80aibljanprmd6j.xn–p1ai vitroen.ru www.vitroen.ru gunsguns.ru www.gunsguns.ru www.genroenko.ru www.webkopylov.site www.makeupchloe.com magicnow24.ru plan-ban.xyz saharovommc.ru www.saharovommc.ru avdall.ru www.avdall.ru www.sahorovo.ru sahorovo.ru dostavka-piva-na-dom-uao.store electricon.site designhustler.ru aug-apk.ru www.aug-apk.ru zpr-apk.ru www.zpr-apk.ru www.lg-apk.ru lg-apk.ru www.ld-apk.ru crw-apk.ru www.crw-apk.ru www.crd-apk.ru crd-apk.ru cofc-apk.ru www.cofc-apk.ru www.bd-apk.ru bd-apk.ru ba-apk.ru www.ba-apk.ru www.retroportal.ru retroportal.ru realstroitel.ru www.realstroitel.ru www.virtualyakutia.com marketplacestudio.ru potolki-v-chite.ru natyazhnie-potolki-38.ru xn——5cdabb4bidctqjozccvat5dg6rj5h.xn–p1ai moryachok.site gramotnyjstroitel.ru www.gramotnyjstroitel.ru www.gliderrr.site www.lovevoronezh.com www.azbuka-office.ru beloptblok.ru www.beloptblok.ru www.geometriyadashfull.ru geometriyadashfull.ru potolok-krasnoyarsk.ru pvbk.spb.ru belkirpich.ru ironzoo.ru www.ironzoo.ru ostolica.ru www.ostolica.ru files.notaura.com gazosilikatstroi.ru www.osm-maps.ru osm-maps.ru downloadandroid.ru www.downloadandroid.ru www.fh.notaura.com fh.notaura.com buster.uz igrauchi.ru www.igrauchi.ru 3ngl.ru svk-perila.ru www.svk-perila.ru

Malware Detected on Host

Count: 83 f25f4a78760bf0644c06814a3439b772610d7d62f6c5efde8fb314cc58697b01 611e4b4e3fd15a1694a77555d858fced1b66ff106323eed58b11af2ae663a608 0d91e2ec22cbbc0c5612af42d09d342f42bfdb63667afc07606e7cd5cd0fbdfc 7266bf63e84941be9ead4f8ccba2d0c0f78735f58e2eba3a0cb277b2c68cb0a5 e12c6b63c6216338aa645b63f589d2e96e868f9b1f6402520649cfeb7c053c83 63da0b2abb744a5c92c3a1fff2c3e5940f5c969890f3f16fd8dca0a1363da494 36ed18f16e5d279ec11da50bd4f0024edc234cccbd8a21e76abcfc44e2d08ff2 4c12713ef851e277a66d985f666ac68e73ae21a82d8dcfcedf781c935d640f52 6b2a77bbd4a8daa4be10c32ffb9212ef6464e313b8ccfe1bb8208f5d6071be74 404ed6164154e8fb7fdd654050305cf02835d169c75213c5333254119fc51a83

Map

Links to attack logs

****** ****** ******

Share on: