119.28.130.167 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 119.28.130.167. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing
  • JARM: 3fd3fd0003fd3fd21c42d42d000000bdfc58c9a46434368cf60aa440385763

  • Country: Hong Kong
  • Network: AS132203 tencent building kejizhongyi avenue
  • Noticed: 25 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

5001

Whois Information

  • inetnum: 119.28.0.0 - 119.29.255.255
  • netname: TencentCloud
  • descr: Tencent cloud computing (Beijing) Co., Ltd.
  • descr: Floor 6, Yinke Building,38 Haidian St,
  • descr: Haidian District Beijing
  • country: HK
  • admin-c: JT1125-AP
  • tech-c: JX1747-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-irt: IRT-TENCENTCLOUD-CN
  • mnt-routes: MAINT-TENCENT-NET-AP-CN
  • last-modified: 2023-11-28T00:56:59Z
  • irt: IRT-TencentCloud-CN
  • address: 9F, FIYTA Building, Gaoxinnanyi Road, Southern
  • address: District of Hi-tech Park, Shenzhen
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: JT1125-AP
  • tech-c: JX1747-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2023-03-16T07:10:54Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: James Tian
  • address: 9F, FIYTA Building, Gaoxinnanyi Road,Southern
  • address: District of Hi-tech Park, Shenzhen
  • country: CN
  • phone: +86-755-86013388-84952
  • e-mail: [email protected]
  • nic-hdl: JT1125-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-17T00:37:15Z
  • person: Jimmy Xiao
  • address: 9F, FIYTA Building, Gaoxinnanyi Road,Southern
  • address: District of Hi-tech Park, Shenzhen
  • country: CN
  • phone: +86-755-86013388-80224
  • e-mail: [email protected]
  • nic-hdl: JX1747-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-09-17T00:38:09Z
  • route: 119.28.128.0/17
  • descr: ComsenzNet routes
  • origin: AS132203
  • mnt-by: MAINT-TENCENT-NET-AP-CN
  • last-modified: 2017-05-16T08:41:02Z

Links to attack logs

bruteforce-ip-list-2020-12-28