128.199.88.11 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 128.199.88.11. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, which takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 29/100

Host and Network Information

  • Tags: Nextray, cyber security, ioc, malicious, phishing
  • JARM: 2ad2ad0002ad2ad00042d42d0000005d86ccb1a0567e012264097a0315d7a7

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: blocklist_net_ua

  • Country: Singapore
  • Network: AS14061 digitalocean llc
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Open Ports Detected

25 443 53 80

CVEs Detected

CVE-2021-23017 CVE-2021-3618

Whois Information

  • NetRange: 128.199.0.0 - 128.199.255.255
  • CIDR: 128.199.0.0/16
  • NetName: RIPE-ERX-128-199-0-0
  • NetHandle: NET-128-199-0-0-1
  • Parent: NET128 (NET-128-0-0-0-0)
  • NetType: Early Registrations, Transferred to RIPE NCC
  • OriginAS:
  • Organization: RIPE Network Coordination Centre (RIPE)
  • RegDate: 2007-03-20
  • Updated: 2007-03-20
  • Comment: These addresses have been further assigned to users in
  • Comment: the RIPE NCC region. Contact information can be found in
  • Ref: https://rdap.arin.net/registry/ip/128.199.0.0
  • OrgName: RIPE Network Coordination Centre
  • OrgId: RIPE
  • Address: P.O. Box 10096
  • City: Amsterdam
  • StateProv:
  • PostalCode: 1001EB
  • Country: NL
  • RegDate:
  • Updated: 2013-07-29
  • Ref: https://rdap.arin.net/registry/entity/RIPE
  • OrgTechHandle: RNO29-ARIN
  • OrgTechName: RIPE NCC Operations
  • OrgTechPhone: +31 20 535 4444
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
  • OrgAbuseHandle: ABUSE3850-ARIN
  • OrgAbuseName: Abuse Contact
  • OrgAbusePhone: +31205354444
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
  • inetnum: 128.199.0.0 - 128.199.255.255
  • netname: DigitalOcean
  • descr: DigitalOcean, LLC
  • country: US
  • admin-c: PT7353-RIPE
  • tech-c: PT7353-RIPE
  • status: LEGACY
  • mnt-by: digitalocean
  • mnt-domains: digitalocean
  • mnt-routes: digitalocean
  • created: 2004-07-20T10:29:14Z
  • last-modified: 2020-03-31T14:17:22Z
  • org: ORG-DOI2-RIPE
  • organisation: ORG-DOI2-RIPE
  • org-name: DigitalOcean, LLC
  • country: US
  • org-type: LIR
  • address: 101 Avenue of the Americas, 10th Floor
  • address: New York
  • address: 10013
  • address: UNITED STATES
  • phone: +1 888 890 6714
  • mnt-ref: digitalocean
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: digitalocean
  • abuse-c: AD10778-RIPE
  • language: EN
  • created: 2012-11-29T14:59:01Z
  • last-modified: 2020-12-16T13:24:44Z
  • person: DigitalOcean Network Operations
  • address: 101 Ave of the Americas, FL2
  • address: New York, NY, 10013
  • address: United States of America
  • phone: +13478756044
  • nic-hdl: PT7353-RIPE
  • mnt-by: digitalocean
  • created: 2015-03-11T16:37:07Z
  • last-modified: 2022-08-23T13:31:16Z
  • org: ORG-DOI2-RIPE

Links to attack logs

bruteforce-ip-list-2019-12-21