95.140.125.85 Threat Intelligence and Host Information
Share on:General
This page contains threat intelligence information for the IPv4 address 95.140.125.85 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Possibly Malicious Host 🟢 30/100
Host and Network Information
-
Tags: cyber security, ioc, malicious, Nextray, phishing
-
View other sources: Spamhaus VirusTotal
- Country: Serbia
- Network: AS9125 orion telekom
- Noticed: 1 times
- Protcols Attacked: spam
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
- Passive DNS Results: rogersbvrly0123.ddns.net elumadns.hopto.org jmoney.daniel2you.com createluma3.hopto.org bukandy.ddns.net
Malware Detected on Host
Count: 21 af98c1e0b8d133608d671980f051b57518200fe829f1f3d370bec8f8d6e8a964 c2b398a19e00c22fef857f027b03eb5cb405599bf92705e6e46e119f9163c735 8cb74f924c5e0455ed33a8a9db7005d4fbe1be07af22f5bba250d0e2369478e6 c3850c03b01d408e68c1b82611681ca19baba6c7cc05e6a61f1a9a05e7ca6ef6 05a27aa44ed568684ac64a22e9521f228613e218435b96acc29162ff5e4d9fb1 cd6339a78482a3e126697834f27db66f5dfcefbb684b81427bb1d46cfc3e6467 5e8ee8a7042285e7a0f101658fbb58faba63323507f28dff84d5ed6df7ca63a3 3e8cdef67bd5887d0372fc1f08f69fbbc6227b5a5c10fe144ad9b7181ca62bc1 e7b773b5a0a1ab8ead65981185f3927c29f0e49bbe00c64f14bab3f36193c00c 80f6bb129225610f349ad37c6312bba57b98125c13d18aa05129836c9b4441ed
Open Ports Detected
Map
Whois Information
- inetnum: 95.140.112.0 - 95.140.127.255
- netname: RS-ORIONTELEKOM-20090305
- country: RS
- org: ORG-MW1-RIPE
- admin-c: OTN7-RIPE
- tech-c: OTN7-RIPE
- status: ALLOCATED PA
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: ORIONTELEKOM-MNT
- mnt-lower: ORIONTELEKOM-MNT
- mnt-domains: ORIONTELEKOM-MNT
- mnt-routes: ORIONTELEKOM-MNT
- created: 2009-03-05T11:03:26Z
- last-modified: 2016-09-29T08:17:28Z
- organisation: ORG-MW1-RIPE
- org-name: Drustvo za telekomunikacije Orion telekom doo Beograd-Zemun
- country: RS
- org-type: LIR
- address: Mala pruga 8, Naselje Zemun Polje
- address: 11080
- address: Belgrade
- address: SERBIA
- phone: +381 11 4100888
- phone: +381 11 4100900
- fax-no: +381 11 4100001
- admin-c: OTN7-RIPE
- admin-c: DS20416-RIPE
- admin-c: VT3730-RIPE
- admin-c: NM8622-RIPE
- tech-c: OTN7-RIPE
- abuse-c: OTN7-RIPE
- mnt-ref: RIPE-NCC-HM-MNT
- mnt-ref: ORIONTELEKOM-MNT
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: ORIONTELEKOM-MNT
- created: 2004-04-17T12:25:02Z
- last-modified: 2023-09-05T07:32:19Z
- role: Orion Telekom NOC
- address: Orion Telekom
- address: Gandijeva 76a, Belgrade, Serbia
- phone: +381 11 2228 388
- fax-no: +381 11 2228 334
- abuse-mailbox: [email protected]
- admin-c: DS20416-RIPE
- tech-c: DS20416-RIPE
- tech-c: VT3730-RIPE
- tech-c: NM8622-RIPE
- nic-hdl: OTN7-RIPE
- mnt-by: ORIONTELEKOM-MNT
- created: 2010-09-17T11:01:42Z
- last-modified: 2022-07-01T08:44:36Z
- route: 95.140.125.0/24
- descr: Orion Telekom - Beograd
- origin: AS9125
- mnt-by: ORIONTELEKOM-MNT
- created: 2019-05-29T12:33:19Z
- last-modified: 2019-05-29T12:33:19Z