78.140.7.239 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force, T1498 - Network Denial of Service
  • Tags: Cyclops, DDOS, Gamardeon, HermeticWiper, IsaacWiper, KillNet, Nextray, PartyTicket, WhisperGate, attack ddos, botnet, cyber security, ddos, ioc, list ips, malicious, phishing, russia, russian, ukraine, vnc
  • View other sources: Spamhaus, VirusTotal
  • Contained within other IP sets: nixspam, proxylists_1d, proxylists_30d, proxylists_7d, proxz_30d, socks_proxy_1d, socks_proxy_30d, socks_proxy_7d, stopforumspam, stopforumspam_180d, stopforumspam_365d, stopforumspam_90d

  • Country: Russian Federation
  • Network: AS31357 limited company information and consulting agency
  • Noticed: 48 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Russian Federation, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 5

Whois Information

  • inetnum: 78.140.0.0 - 78.140.15.255
  • netname: TOMICA
  • descr: Limited Company Information and Consulting Agency
  • descr: 55, Lenina St. Tomsk, 634050 Russia
  • country: RU
  • admin-c: TM458236-RIPE
  • tech-c: TM458236-RIPE
  • status: ASSIGNED PA
  • mnt-by: TOMICA-MNT
  • created: 2007-06-27T08:42:00Z
  • last-modified: 2019-10-03T07:28:59Z
  • role: NOC TOMICA
  • abuse-mailbox: [email protected]
  • address: Tomsk City
  • address: pr. Lenina 55 office 101
  • address: Russian Federation
  • admin-c: SAG2-RIPE
  • tech-c: SAG2-RIPE
  • nic-hdl: TM458236-RIPE
  • mnt-by: TOMICA-MNT
  • created: 2013-05-14T11:10:03Z
  • last-modified: 2022-02-28T10:40:45Z
  • route: 78.140.0.0/19
  • descr: Limited Company Information and Consulting Agency
  • origin: AS31357
  • mnt-by: TOMICA-MNT
  • created: 2015-02-05T08:16:52Z
  • last-modified: 2015-02-05T08:16:52Z

Links to attack logs

  • roxy-ip-list-2023-05-03
  • roxy-ip-list-2023-05-05