79.98.25.1 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 79.98.25.1. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • MITRE ATT&CK IDs: T1036.004 - Masquerade Task or Service, T1036 - Masquerading, T1040 - Network Sniffing, T1045 - Software Packing, T1053 - Scheduled Task/Job, T1055 - Process Injection, T1060 - Registry Run Keys / Startup Folder, T1082 - System Information Discovery, T1129 - Shared Modules, T1140 - Deobfuscate/Decode Files or Information, T1199 - Trusted Relationship, T1410 - Network Traffic Capture or Redirection, T1448 - Carrier Billing Fraud, TA0011 - Command and Control

  • Tags: aber zuerst, added active, address, admin country, agency, algorithm, alles sehr, apple ios, april, ascii text, associated urls, asyncrat, available from, avast avg, awful, backdoor, beacon, blondine, body, body length, brian, brian sabey, brnette, c2 activity, ca1 odigicert, canada, carrier billing, certificate, charles, checkin, ck ids, claim reversal, cnc ids, code, command, contacted, contact email, contact phone, contentencoding, control, copy, core, crlf line, crypto, cus cndigicert, cus odigicert, cyber warfare, data, data upload, date, date checked, deep panda, delete, detections type, dns replication, dnssec, doctype, domain, domain hos, domain status, elqaid16867, elqat1, elqcst272, email, emails, emotet, empr.online, enter, enter source, entries, error, es wre, exclude, exclude data, execution, expiration, express, extra, extraction, extra data, failed, families, fieldlastname, fieldssn, filehashmd5, filehashsha1, files, final url, find s, formbook, formbook att, formbookatt, formbook cnc, fraud, fraud endpoint, full name, gb registrant, generic malware, global g2, hacktool, hall render, hast, hasty hacker, hcpruxi include, headers nel, healthcare, heur, high, historical ssl, home, hos hos, hosting, hostname, hostname add, html document, html info, http response, https, https://www.virustotal.com/graph/embed/g17b255d00de64c0faa707968, ica7nvfarux, ids detections, iis windows, inc cndigicert, include, include review, inc validity, iocs, ip address, ip sun, ipv4, ipv4 add, ireland, islands, javascript, kb body, key identifier, key info, language, law firm, learn more, legal, location virgin, lost, macho restore, macintosh disk, malicious, malware, markus, masquerade task, medium, micromedia, milton keynes, mk14, module load, moved, name, name servers, naser rony, new relic, noname057, north wales, number, nummern, ogainwell, organization, packing, panda, parent domain, parker lisa, passive dns, please, portal, portal account, possible deep, post, 
postal code, present dec, present feb, present jan, present jul, present jun, present may, privacy tech, provider portal, provider web, pulse, pulse pulses, pulses, read c, rebel ltd, record type, record value, redacted for, redirection, redline, referen, referen data, referen hcpruxi, referrer, regdword, registrant fax, registrar, registrar abuse, registry domain, registry tech, regsetvalueexa, reimer, related pulses, relationship, render, reply lisa, resolutions, returnurl, review exclude, role title, run keys, sabey, sakurel, sat dec, sat jun, scan, sc data, search, search otx, security scan, se review, server, server response, service, serving ip, se source, sha256, show, showing, sniffing, specialist, srs ab, ssl certificate, status, status code, subject public, sugges, sun jan, t1040, t1045, t1053, t1060, t1129, t1199, t1410, t1448, ta0011, tags, taskjob, tax id, tech email, text, texurag, title, title charles, tls rsa, trojan, tsara brashears, ttl value, tue nov, twitter, type, type indicator, type name, typ url, united, unknown cname, unknown ns, uregistruotas, url hostname, url http, url https, url or, urls, urls url, us registrant, v3 serial, value a, view, view charles, virgin islands, virtool, white insane, whois record, whois whois, win32, win32 exe, windows, wiza meta, write, writeconsolea, x509v3 subject, xloader, yara detections, zusammen

  • View other sources: Spamhaus, VirusTotal

  • Contained within other IP sets: hphosts_emd, hphosts_psh

  • Country: Lithuania
  • Network:
  • Noticed: 12 times
  • Protocols Attacked: SSH
  • Passive DNS Results:

Malware Detected on Host

Count: 2370

Open Ports Detected

80

Whois Information

  • inetnum: 79.98.24.0 - 79.98.31.255
  • netname: LT-LITHUANIA-20071023
  • country: LT
  • org: ORG-Uv2-RIPE
  • admin-c: IVH-RIPE
  • tech-c: IVH-RIPE
  • status: ALLOCATED-ASSIGNED PA
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: SERVERIAI-LT
  • mnt-lower: SERVERIAI-LT
  • mnt-routes: MNT-LT-RACKRAY
  • geofeed: https://ip.serveriai.lt/geofeed/AS212531_geofeed.csv
  • created: 2007-10-23T13:31:39Z
  • last-modified: 2025-05-28T10:50:06Z
  • organisation: ORG-UV2-RIPE
  • org-name: UAB “Interneto vizija”
  • country: LT
  • org-type: LIR
  • address: J. Kubiliaus g. 6
  • address: 08234
  • address: Vilnius
  • address: LITHUANIA
  • phone: +37052324444
  • fax-no: +37052077944
  • admin-c: IVH-RIPE
  • abuse-c: IVAB-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: SERVERIAI-LT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: SERVERIAI-LT
  • created: 2007-09-13T12:04:08Z
  • last-modified: 2020-12-16T12:23:48Z
  • person: INTERNETO VIZIJA Hostmaster
  • address: UAB “Interneto vizija”
  • address: J. Kubiliaus g. 6
  • address: 08234 Vilnius
  • address: Lithuania
  • phone: +37052324444
  • fax-no: +37052077944
  • nic-hdl: IVH-RIPE
  • mnt-by: SERVERIAI-LT
  • created: 2006-04-15T09:22:23Z
  • last-modified: 2017-10-30T21:48:54Z
  • route: 79.98.24.0/21
  • descr: InternetoVizija
  • origin: AS212531
  • mnt-by: MNT-LT-RACKRAY
  • created: 2021-08-03T07:36:16Z
  • last-modified: 2021-08-03T07:36:16Z
  • route: 79.98.24.0/21
  • descr: LT-RACKRAY
  • origin: AS62282
  • mnt-by: MNT-LT-RACKRAY
  • created: 2017-02-14T11:37:05Z
  • last-modified: 2017-02-14T11:37:05Z
