129.232.187.34 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 129.232.187.34. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 41/100
Host and Network Information
- Tags: Bruteforce, Brute-Force, cyber security, ioc, malicious, Nextray, phishing, SSH
- Country: South Africa
- Network:
- Noticed: 50 times
- Protocols Attacked: SSH
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Open Ports Detected
CVEs Detected
CVE-2021-23017 CVE-2021-3618 CVE-2023-44487
Whois Information
- NetRange: 129.232.0.0 - 129.232.255.255
- CIDR: 129.232.0.0/16
- NetName: AFRINIC-ERX-129-232-0-0
- NetHandle: NET-129-232-0-0-1
- Parent: NET129 (NET-129-0-0-0-0)
- NetType: Transferred to AfriNIC
- OriginAS:
- Organization: African Network Information Center (AFRINIC)
- RegDate: 2010-11-19
- Updated: 2010-11-19
- Comment: This IP address range is under AFRINIC responsibility.
- Comment: Please see http://www.afrinic.net/ for further details,
- Ref: https://rdap.arin.net/registry/ip/129.232.0.0
- OrgName: African Network Information Center
- OrgId: AFRINIC
- Address: Level 11ABC
- Address: Raffles Tower
- Address: Lot 19, Cybercity
- City: Ebene
- StateProv:
- PostalCode:
- Country: MU
- RegDate: 2004-05-17
- Updated: 2015-05-04
- Comment: AfriNIC - http://www.afrinic.net
- Comment: The African & Indian Ocean Internet Registry
- Ref: https://rdap.arin.net/registry/entity/AFRINIC
- OrgAbuseHandle: GENER11-ARIN
- OrgAbuseName: Generic POC
- OrgAbusePhone: +230 4666616
- OrgAbuseEmail: abusepoc@afrinic.net
- OrgAbuseRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
- OrgTechHandle: GENER11-ARIN
- OrgTechName: Generic POC
- OrgTechPhone: +230 4666616
- OrgTechEmail: abusepoc@afrinic.net
- OrgTechRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
- inetnum: 129.232.187.32 - 129.232.187.39
- netname: xneelo-tscolo
- descr: xneelo-tscolo
- country: ZA
- admin-c: HIA1-AFRINIC
- tech-c: HIA1-AFRINIC
- status: ASSIGNED PA
- mnt-by: HA-ZA
- parent: 129.232.128.0 - 129.232.255.255
- role: Hetzner IP Admin
- address: Belvedere Office Park, Unit F
- address: Bella Rosa Street
- address: Durbanville
- address: 7550
- address: Cape Town
- address: South Africa
- phone: tel:+27-21-970-2000
- fax-no: tel:+27-21-970-2001
- org: ORG-HC1-AFRINIC
- admin-c: WK-AFRINIC
- admin-c: HVA1-AFRINIC
- admin-c: AF45-AFRINIC
- tech-c: WK-AFRINIC
- tech-c: HVA1-AFRINIC
- tech-c: AF45-AFRINIC
- nic-hdl: HIA1-AFRINIC
- mnt-by: HA-ZA
- route: 129.232.128.0/17
- descr: xneelo-JHB-BLK
- origin: AS37153
- mnt-by: HA-ZA