128.199.62.182 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 128.199.62.182. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

  • MITRE ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

  • Tags: attack, Bruteforce, Brute-Force, cowrie, cyber security, ioc, login, malicious, Nextray, phishing, scanner, ssh, SSH, Telnet

  • JARM: 27d27d27d00027d00042d43d00041df04c41293ba84f6efe3a613b22f983e6

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: b3b0, haley_ssh

  • Country: Netherlands
  • Network:
  • Noticed: 50 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: 128-199-62-182.ipv4.staticdns2.io lungoxygen.info gpns-dz.com www.bdengineering-dz.com www.cliniqueelhilal.com 3t-solutions.us palaisblanc.3t-solutions.net laboratoiresafaa.com princoflex.com cliniqueelhilal.com brainlight-dz.com bdengineering-dz.com

Open Ports Detected


Whois Information

Links to attack logs

