5.39.10.93 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 5.39.10.93. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • MITRE ATT&CK IDs: T1027 - Obfuscated Files or Information, T1056.001 - Keylogging, T1059.007 - JavaScript, T1059 - Command and Scripting Interpreter, T1068 - Exploitation for Privilege Escalation, T1071.001 - Web Protocols, T1071.004 - DNS, T1071 - Application Layer Protocol, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1114 - Email Collection, T1176 - Browser Extensions, T1491 - Defacement, T1497 - Virtualization/Sandbox Evasion, T1566 - Phishing, T1571 - Non-Standard Port, T1573 - Encrypted Channel, TA0011 - Command and Control

  • Tags: acint, agent, agent tesla, agenttesla, alexa, alexa top, all octoseek, appdata, apple, apple ios, artemis, as141773, as15169 google, as17506 arteria, as17806 mango, as19969, as32244 liquid, as49505, as61317, as63932, ascii text, asnone united, asyncrat, attack, azorult, bank, banker, bazaloader, bazarloader, beginstring, bitminer, blacklist, blacklist http, blacklist https, bladabindi, blockchain, body, bradesco, cisco umbrella, class, cleaner, click, cobalt strike, communicating, conduit, contacted, core, covid19, crack, critical, cry kill, cve201711882, cyberstalking, cyber threat, cymulate2, dapato, date, detection list, detplock, dllinject, domain, downldr, download, downloader, driverpack, dropped, dropper, emotet, encpk, encrypt, engineering, entries, error, et tor, exit, expired, facebook, fakeinstaller, falcon, fali contacted, fali malicious, file, files, filetour, formbook, fusioncore, general, generator, generic, generic malware, gmt content, gmt contenttype, hacktool, heur, hostname, hybrid, iframe, immediate, indicator, installcore, installer, installpack, internet storm, iobit, ip summary, ipv4, japan unknown, keep alive, keylogger, known tor, kraddare, kyriazhs1975, loadmoney, local, lockbit, look, malicious, malicious site, maltiverse, malvertizing, malware, malware norad, malware site, media, mediaget, meta, meterpreter, million, miner, mirai, misc attack, moved, msil, name verdict, nanocore, nanocore rat, netwire rc, networm, next, njrat, node traffic, noname057, null, open, outbreak, passive dns, pattern match, paypal, phish, phishing, phishing site, phishtank, png image, pony, predator, presenoker, pulse pulses, qakbot, qbot, quasar, raccoon, ransom, ransomexx, ransomware, redline, redline stealer, referrer, refresh, relayrouter, remcos, response, restart, riskware, rostpay, runescape, russia unknown, safe site, sample, samples, scan endpoints, script, search, service, silk road, site, smokeloader, softonic, span, spyrixkeylogger, 
spyware, ssl certificate, stealer, strings, summary, suppobox, swrort, systweak, tag count, team, threat report, tools, trojan, trojanspy, tsara brashears, twitter, type, union, united, unknown, unsafe, urls, url summary, verify, vidar, wacatac, win64, windows nt, xcnfe

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: hphosts_emd, hphosts_fsa, hphosts_pha, hphosts_psh

  • Country: France
  • Network: AS16276 ovh sas
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Bangladesh, Malaysia, United States of America
  • Passive DNS Results:

Malware Detected on Host

Count: 7

Open Ports Detected

80

Whois Information

  • inetnum: 5.39.10.80 - 5.39.10.95
  • netname: OVH_61293784
  • descr: OVH
  • country: FR
  • org: ORG-IILP1-RIPE
  • admin-c: OTC2-RIPE
  • tech-c: OTC2-RIPE
  • status: ASSIGNED PA
  • mnt-by: OVH-MNT
  • created: 2014-05-30T17:58:13Z
  • last-modified: 2014-05-30T17:58:13Z
  • organisation: ORG-IILP1-RIPE
  • org-name: Internet Invest Ltd. Pavel Blotsky
  • org-type: OTHER
  • address: Gaidara, 50 str.
  • address: 01033 Kyiv
  • address: UA
  • phone: +380.442010102
  • mnt-ref: OVH-MNT
  • mnt-by: OVH-MNT
  • created: 2014-05-30T17:56:03Z
  • last-modified: 2017-10-30T16:28:50Z
  • role: OVH Technical Contact
  • address: OVH SAS
  • address: 2 rue Kellermann
  • address: 59100 Roubaix
  • address: France
  • admin-c: OK217-RIPE
  • tech-c: GM84-RIPE
  • tech-c: SL10162-RIPE
  • nic-hdl: OTC2-RIPE
  • abuse-mailbox: abuse@ovh.net
  • mnt-by: OVH-MNT
  • created: 2004-01-28T17:42:29Z
  • last-modified: 2014-09-05T10:47:15Z
  • route: 5.39.0.0/17
  • descr: OVH ISP
  • descr: Paris, France
  • origin: AS16276
  • mnt-by: OVH-MNT
  • created: 2012-05-15T09:38:46Z
  • last-modified: 2012-05-15T09:38:46Z
