81.200.3.254 Threat Intelligence and Host Information

Share on:
Oct 21, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 81.200.3.254 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: blacklist, block, botnet, cyber security, intrusion block, ioc, ip monitor, malicious, Malicious IP, mirai, Nextray, nmap, phishing, port-scan, scan, smb, tcp, TPOT, tsec

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: turris_greylist

  • Country: Russia
  • Network: AS29124 iskratelecom cjsc
  • Noticed: 1 times
  • Protcols Attacked: mssql
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 3 371846a4fbf08b9d9e3de8abafb48ccc44b94e61309e6a6527c3be85592c9a5f 28e16f84dd2e79c019db62e92cb188e0dc95fa1df1df6f4506f019ae606e616f b784cd6499ee3f699e73198602a1e8db0babe61fd348d9947aa76129e2c6bb68

Map

Whois Information

  • inetnum: 81.200.0.0 - 81.200.31.255
  • netname: RU-ISKRATELECOM-20020923
  • country: RU
  • org: ORG-JI4-RIPE
  • admin-c: IT-RIPE
  • tech-c: IT-RIPE
  • status: ALLOCATED PA
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: ISKRATELECOM-MNT
  • mnt-routes: ISKRATELECOM-MNT
  • mnt-domains: ISKRATELECOM-MNT
  • created: 2014-11-19T09:17:27Z
  • last-modified: 2018-01-23T11:45:10Z
  • organisation: ORG-JI4-RIPE
  • org-name: Iskratelecom CJSC
  • country: RU
  • org-type: LIR
  • address: Nagatinskaya Street, 1 building 14
  • address: 117105
  • address: Moscow
  • address: RUSSIAN FEDERATION
  • phone: +7 495 640 1010
  • abuse-c: AR16727-RIPE
  • admin-c: AA30637-RIPE
  • admin-c: AGK26-RIPE
  • admin-c: MSZ10-RIPE
  • mnt-ref: ISKRATELECOM-MNT
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: ISKRATELECOM-MNT
  • created: 2004-04-17T11:53:46Z
  • last-modified: 2020-12-16T13:05:48Z
  • role: ISKRATELECOM Network Operations Center
  • address: Nagatinskaya Street 1, building 14
  • address: 117105 Moscow
  • address: Russia
  • phone: +7 495 640 10 10
  • fax-no: +7 495 640 10 10
  • org: ORG-JI4-RIPE
  • abuse-mailbox: [email protected]
  • admin-c: MSZ10-RIPE
  • admin-c: AGK26-RIPE
  • tech-c: AGK26-RIPE
  • tech-c: AA30637-RIPE
  • nic-hdl: IT-RIPE
  • mnt-by: ISKRATELECOM-MNT
  • created: 2003-12-02T11:31:47Z
  • last-modified: 2018-01-23T11:48:19Z
  • route: 81.200.0.0/20
  • descr: RU.SU29 network
  • origin: AS29124
  • mnt-by: ISKRATELECOM-MNT
  • created: 2003-07-04T12:27:38Z
  • last-modified: 2015-06-03T15:39:25Z

Links to attack logs

nmap-scanning-list-2022-07-17 dofrank-mssql-bruteforce-ip-list-2021-09-26