85.93.52.99 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 85.93.52.99 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: Russia
  • Network: AS12389 pjsc rostelecom
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: www.twd.omegactivesport.ru twd.omegactivesport.ru tw.omegactivesport.ru www.tw.omegactivesport.ru twist.ligapro-sport.ru www.twist.ligapro-sport.ru www.files.omegactivesport.ru files.omegactivesport.ru www.twist.omegactivesport.ru twist.omegactivesport.ru files.ligapro-sport.ru www.files.ligapro-sport.ru www.stat.ligapro-sport.ru stat.ligapro-sport.ru dev.ligapro-sport.ru www.dev.ligapro-sport.ru www.wiki.omegactivesport.ru wiki.omegactivesport.ru bitrix24.profmaster.net www.bitrix24.profmaster.net office.ligapro-sport.ru www.office.ligapro-sport.ru

Malware Detected on Host

Count: 1870

Open Ports Detected

22 443 500 80

CVEs Detected

CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2021-23017 CVE-2021-3618

Whois Information

  • inetnum: 85.93.52.0 - 85.93.52.255
  • netname: KIROV-xDSL-STATIC
  • descr: xDSL static customers Kirov
  • country: ru
  • admin-c: MAB88-RIPE
  • tech-c: MAB88-RIPE
  • status: ASSIGNED PA
  • mnt-by: CAIT-MNT
  • created: 2006-06-08T07:39:59Z
  • last-modified: 2012-10-10T09:32:15Z
  • person: Michail Bilkevich
  • address: 20 Moskovskaya st., Kirov, Russia, 610000
  • address: JSC “RosTelecom”, Kirov branch
  • phone: +7-8332-702981
  • nic-hdl: MAB88-RIPE
  • created: 2006-05-22T08:55:17Z
  • last-modified: 2020-08-19T06:47:18Z
  • mnt-by: CAIT-MNT
  • route: 85.93.52.0/23
  • descr: JSC RosTelecom, Kirov branch
  • origin: AS25436
  • mnt-by: CAIT-MNT
  • created: 2012-10-09T09:44:19Z
  • last-modified: 2012-10-09T09:44:19Z

Links to attack logs

bruteforce-ip-list-2019-12-29