81.169.145.159 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 81.169.145.159. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 70/100

Host and Network Information

  • MITRE ATT&CK IDs: T1027 - Obfuscated Files or Information, T1053 - Scheduled Task/Job, T1080 - Taint Shared Content, T1102 - Web Service, T1210 - Exploitation of Remote Services, T1486 - Data Encrypted for Impact, T1490 - Inhibit System Recovery, T1566 - Phishing

  • Tags: agent tesla, cobalt strike, cobaltstrike, cyber security, desktop, domains, emotet, emotet malware, eternalblue, fake net, fallout, first, flawedammyy, hashes, ioc, iocs ip, malicious, malware, microsoft, Nextray, phishing, qbot, systembc, trickbot, trojan, wannacry, wannycry, wcry

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: bambenek_banjori, coinbl_hosts, cta_cryptowall, hphosts_emd, hphosts_fsa, hphosts_psh

  • Country: Germany
  • Network: AS6724 strato ag
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Malware Detected on Host

Count: 72

Open Ports Detected

21 443 80 8080

Whois Information

  • inetnum: 81.169.144.0 - 81.169.148.255
  • descr: STRATO AG
  • netname: STRATO-RZG-KA
  • org: ORG-SRA1-RIPE
  • descr: Strato Rechenzentrum, Berlin
  • country: DE
  • admin-c: SRRC-RIPE
  • tech-c: SRRC-RIPE
  • status: ASSIGNED PA
  • mnt-by: STRATO-RZG-MNT
  • created: 2010-01-15T09:26:51Z
  • last-modified: 2020-11-10T11:39:47Z
  • organisation: ORG-SRA1-RIPE
  • org-name: Strato AG
  • country: DE
  • org-type: LIR
  • address: Otto-Ostrowski-Straße 7
  • address: 10249
  • address: Berlin
  • address: GERMANY
  • phone: +4972191374551
  • admin-c: SP20660-RIPE
  • abuse-c: SRAC-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: STRATO-RZG-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: STRATO-RZG-MNT
  • created: 2004-04-17T11:12:39Z
  • last-modified: 2023-06-14T08:03:06Z
  • admin-c: SH15342-RIPE
  • tech-c: SH15342-RIPE
  • tech-c: SP20660-RIPE
  • role: RIPE contact
  • address: STRATO AG
  • address: Otto-Ostrowski-Straße 7
  • address: D-10249 Berlin
  • address: Germany
  • phone: +49 30 39802-0
  • org: ORG-SRA1-RIPE
  • abuse-mailbox: abuse@strato.de
  • admin-c: SH15342-RIPE
  • tech-c: SH15342-RIPE
  • nic-hdl: SRRC-RIPE
  • mnt-by: STRATO-RZG-MNT
  • created: 2010-01-15T08:35:31Z
  • last-modified: 2023-01-02T09:13:13Z
  • admin-c: SP20660-RIPE
  • tech-c: SP20660-RIPE
  • route: 81.169.145.0/24
  • descr: STRATO AG
  • descr: prefix only advertised in case of DDoS
  • origin: AS6724
  • mnt-by: STRATO-RZG-MNT
  • created: 2014-02-18T16:19:03Z
  • last-modified: 2014-02-18T16:19:03Z