85.114.133.20 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 85.114.133.20 and was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with Tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • MITRE ATT&CK IDs: T1027 - Obfuscated Files or Information, T1059 - Command and Scripting Interpreter, T1068 - Exploitation for Privilege Escalation, T1071 - Application Layer Protocol, T1105 - Ingress Tool Transfer, T1176 - Browser Extensions, T1496 - Resource Hijacking, T1497 - Virtualization/Sandbox Evasion

  • Tags: abuse, acint, adload, agent, agenttesla, alexa, alexa top, analysis, andromeda, apple, april, artemis, astaroth, august, ave maria, azorult, back, bambernek, bandoo, bank, betabot, blacklist, blacklist http, body, bradesco, brontok, changelog, cisco umbrella, citadel, class, cleaner, click, cloud xcitium, cobalt strike, communicating, conduit, contacted, copy, core, covid19, critical, critical risk, crypt, cutwail, cyber security, cyber threat, dark power, data, date, detection list, detplock, dnspionage, dns poisoning, domains, domaiq, download, downloader, dropper, emotet, engineering, error, et tor, execution, exploit, facebook, fakealert, falcon sandbox, fareit, file, filetour, floxif, footer, form, formbook, friendly, function, fusioncore, general, generator, generic, hacktool, header, heur, historical ssl, history first, hotmail, http, hybrid, iframe, installcore, installpack, ip summary, ipv4, june, keybase, keygen, kgs0, kiannas law, kls0, known tor, kovter, kryptik, layer, lockbit, main, malicious, malicious site, maltiverse, malware, malware site, march, matsnu, meta, million, mimikatz, miner, monitoring, nanocore, networm, nexus, nircmd, nymaim, occamy, opencandy, outbreak, password, patcher, pattern match, pe resource, phishing, phishing site, pony, presenoker, psexec, pyinstaller, pykspa, radamant, ransomware, redline stealer, referrer, remcos, resolutions, response final, revil, riskware, runescape, safe site, samples, secrisk, service, simda, site, sodinokibi, sophos sophos, ssl certificate, startpage, stealer, steam, strike, strings, submission, summary, suppobox, team, team phishing, threat report, tinba, tmobile, tofsee, trojan, trojanx, tsara brashears, united, unknown, unruy, unsafe, url https, urls, url summary, utc http, vawtrak, verdict cloud, virustotal, virut, wacatac, whois record, whois whois, win64, xcitium verdict, xtrat, zbot, zeus, zpevdo

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: hphosts_fsa, hphosts_psh

  • Country: Germany
  • Network: AS24961 myloc managed it ag
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: United States of America
  • Passive DNS Results:

Malware Detected on Host

Count: 9

Open Ports Detected

110 123 143 21 3306 443 80

CVEs Detected

CVE-2006-20001 CVE-2008-0455 CVE-2010-1623 CVE-2011-0419 CVE-2011-3192 CVE-2011-3348 CVE-2011-3368 CVE-2011-3607 CVE-2011-3639 CVE-2011-4317 CVE-2011-4415 CVE-2012-0031 CVE-2012-0053 CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1862 CVE-2013-1896 CVE-2013-5704 CVE-2013-6438 CVE-2014-0098 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2015-0228 CVE-2015-3183 CVE-2016-4975 CVE-2016-5387 CVE-2016-8612 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2021-34798 CVE-2021-39275 CVE-2021-40438 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-37436

Whois Information

  • inetnum: 85.114.128.0 - 85.114.135.255
  • netname: FASTIT-DE-DUS1-COLO4
  • descr: fast IT Colocation
  • country: DE
  • admin-c: MOPS-RIPE
  • tech-c: MOPS-RIPE
  • status: ASSIGNED PA
  • mnt-by: MYLOC-MNT
  • created: 2005-02-22T10:15:37Z
  • last-modified: 2015-10-30T11:16:54Z
  • role: myLoc NOC
  • address: myLoc managed IT AG
  • address: Network Operations & Services
  • address: Am Gatherhof 44
  • address: 40472 Duesseldorf DE
  • admin-c: PHAN
  • tech-c: PHAN
  • tech-c: DDO
  • tech-c: JOH
  • tech-c: NIL
  • tech-c: STH
  • tech-c: KT3550-RIPE
  • nic-hdl: MOPS-RIPE
  • abuse-mailbox: abuse@myloc.de
  • mnt-by: MYLOC-MNT
  • created: 2013-02-11T16:38:10Z
  • last-modified: 2022-07-08T14:48:44Z
  • route: 85.114.128.0/19
  • descr: myLoc managed IT AG
  • origin: AS24961
  • mnt-by: MYLOC-MNT
  • created: 2005-02-22T10:00:11Z
  • last-modified: 2017-02-07T16:39:12Z