5.141.85.241 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 32/100

Host and Network Information

• Tags: Nextray, cyber security, ioc, malicious, phishing

• View other sources: Spamhaus VirusTotal

• Country: Russian Federation
• Network: AS12389 pjsc rostelecom
• Noticed: 1 times
• Protcols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 3 454395a1b7e037a3e7796012db0b913220def46e22a7de201573bfef8252ad48 454395a1b7e037a3e7796012db0b913220def46e22a7de201573bfef8252ad48 b8d348c7d0a4ba800c53ed2f7274c710b6a3c1e4291e237c88b21c6fb49e3c72

Map

Whois Information

• inetnum: 5.141.0.0 - 5.141.127.255
• netname: Ural_Branch
• country: RU
• admin-c: RTNC-RIPE
• tech-c: RTNC-RIPE
• status: ASSIGNED PA
• mnt-by: ROSTELECOM-MNT
• created: 2022-12-01T18:31:11Z
• last-modified: 2022-12-01T18:31:11Z
• role: PJSC Rostelecom Technical Team
• address: PJSC Rostelecom
• address: Russian Federation
• abuse-mailbox: [email protected]
• admin-c: IE1277-RIPE
• tech-c: IE1277-RIPE
• nic-hdl: RTNC-RIPE
• mnt-by: ROSTELECOM-MNT
• created: 2007-11-27T13:28:11Z
• last-modified: 2022-12-12T07:46:18Z
• route: 5.141.84.0/23
• descr: Rostelecom networks
• origin: AS12389
• mnt-by: ROSTELECOM-MNT
• created: 2018-10-09T06:37:12Z
• last-modified: 2018-10-09T06:37:12Z

Links to attack logs

bruteforce-ip-list-2021-06-21