198.11.181.25 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 198.11.181.25 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: wwblw.com tjmj.net wbdh.net mzgs.net www.gxrq.net www.ymhb.net zqyz.net dsjl.net tjwf.net xlzpw.cn dyqn.net xjyc.net jgsfcw.cn xbzpw.cn zrfcw.cn hjzpw.cn dpzpw.cn twws.wang mtjr.net xbsp.net hrzpw.cn nflz.wang smxh.wang tqrcw.cn pjzpw.cn kjfcw.cn cmdm.wang ptzt.wang dmdb.wang jcfk.wang eyfcw.cn abzpw.cn xrjs.wang byhh.wang nfnh.wang xdfcw.cn slzpw.cn bshm.net gdzpw.cn bpsb.net xdzpw.cn bxjd.net zmrcw.cn lsxf.net dnky.wang nefcw.cn gjsz.wang wbzpw.cn mlfcw.cn nqfcw.cn jwmd.net mszpw.cn ztst.wang kfzpw.cn mklt.net jczpw.cn nhbq.wang lbzpw.cn gqzpw.cn apzpw.cn tyxt.wang jkfcw.cn rlfcw.cn npks.net hgxf.wang grrcw.cn djkfcw.cn qmrcw.cn jhyd.wang tbsk.wang mbrcw.cn nsrcw.cn yrfcw.cn ztbf.wang tzrp.net jygfcw.cn xfys.net bkhk.wang gdlz.net kdsf.net wmbx.net zmzpw.cn clft.net 211362.COM 987593.com clhm.net 165771.com s.mdcd.net www.wzxy.net frlx.net cxxn.net wnzh.net mghy.net qkjg.net kkwb.net dwkb.net mbjf.net bngw.net yjxd.net zfcr.net kkhs.net lfjk.net mxpw.net pwtj.net nghk.net kcxs.net jlqd.net zbnn.net kmhs.net mtml.net DBGZ.WANG srng.net wenku.dsjl.net doc.dsjl.net wap.dsjl.net zhidao.dsjl.net sdww.net hltn.net zlfs.net jstr.net ads.mgct.net hdwc.net kynd.net hswk.net 897558.com znrzw.com jysn.net yjbk.net qgmx.net cpcs.net gnxl.net nbrb.net 326523.com sgwp.net fykh.net yjss.net yjjrw.com jksh.net mtcj.net pghb.net ywzq.net shqj.net cmmq.net www.ylys.net 238925.com pdnc.net lpyn.net jpxx.net blpm.net mlxp.net dwmh.net ztdj.net www.cgtr.net zprh.cn mhhg.cn kcntw.com drcbw.com wbmh.net xdwd.net ysbn.net bfpl.net nltg.net zydk.net yxbl.net qxtg.net www.xdwd.net ftwj.net dnrd.net xxlj.net 137561.com pxts.net mwdk.net qbtd.net rncb.net ypzx.net 63210.hrxd.net wclz.net fjcl.net fyyb.net ntrm.cn blkq.net www.bwjf.net 765716.COM pwybw.com www.nngq.net ypft.net ad.lpxp.net 196962.com qplz.net fzmj.net SMHJR.COM 383613.com 383589.com CHGC.WANG 195981.com BWJF.NET dlfm.net gcrcw.cn 521997.com 383185.com cxxy.wang 26407.net 216775.com 136786.com 182519.com cfln.net dxfz.net 192557.com dsxt.net fdzf.net 65721.wang bkphw.com bbhs.net lxhw.net 90440.net 24703.net ymml.net dwnd.com drdc.net dnnc.net dhtt.net dhkc.net dbjc.net ccyl.net bqqh.net 655373.com 181312.com dsth.net cwty.net cbtqw.com bsll.net bfxj.wang bafcw.com 53879.wang 281635.com 27561.net bxml.net bpyb.net dcfg.wang 40197.net fgsw.net fjyb.net dxsz.wang ddcj.net 23653.wang mcgl.net fkmr.net dlry.wang dkhj.net cgjl.net 58636.wang 41460.net fksk.net imgsrv.wfml.net www.ysbn.net 383551.com 29024.net cdn.kcrg.net dgdl.wang fghl.wang bt.dmzg.net fkrs.net bkrs.wang www.xnjh.com.cn fbjg.net cxzm.wang 42707.net 30487.net xnjh.com.cn dsyy.net XNPP.NET ccfr.net dzxd.net fhzs.net sjtb.net bgtrw.com bcwn.net 977572.com 568272.com 531261.com 511563.com 213119.com fqtfw.com frtmw.com skfz.net dtpbw.com dfgq.wang bxtm.wang dljd.net crdh.wang bdqt.net dfkd.wang frlhw.com hqbg.net frgpw.com kkndw.com frdmw.com czhm.net hyjl.net byhj.wang bksbw.com bgrrw.com bgrqw.com fjsk.net 40920.net btzk.net blyk.com 90549.net TPCM.WANG fltr.net 40424.net 556398.com fgypw.com dtyg.wang 981337.com 568796.com 372285.com fhdpw.com dmzg.net 367939.com 116352.com www.366185.com 636755.com fcdj.net dkkgw.com cwjh.com cgfj.net bdck.com bdbr.wang 366165.com fmdjw.com dzpy.net dtphw.com dtny.net dtbt.net dpffw.com dlyx.net djzlw.com dhgrw.com dftp.net dfby.net dctc.net cyjz.net cyjg.net csrm.net cpbd.net cgxx.net cfqx.net bbdw.net 859612.com 398656.com 382219.com 37574.net 369559.com 283515.com 283381.com 282665.com 233191.com 182893.com 116931.com rspj.net 797331.com 519279.com 391782.com 313387.com fhmqw.com fhfpw.com 377857.com 369926.com dpckw.com 918937.com 711362.com 212956.com 135615.com cgnd.net _ldap._tcp.pdc.sqkq.net _ldap._tcp.default-first-site-name._sites.pdc.sqkq.net fhqgw.com cwhmw.com dgrnw.com cbqdw.com 42331.net 34407.net FDRY.NET fdjsw.com bfkt.net 212936.com www.fyyb.net fcbw.net drptw.com cp.4403f5a8-d89d-42bd-a438-25e6400bc4aa.domains._msdcs.sqkq.net bkh.sqkq.net _ldap._tcp.sqkq.net _ldap._tcp.gc._msdcs.sqkq.net _ldap._tcp.default-first-site-name._sites.sqkq.net _ldap._tcp.default-first-site-name._sites.dc._msdcs.sqkq.net _ldap._tcp.dc._msdcs.sqkq.net 43392.net 212639.com 212539.com dgdr.wang bgslw.com bglqw.com 967832.com 852253.com 766598.com 715626.com 41106.net flydw.com 41090.net dywqw.com 80694.net dqpdw.com 84370.net fshw.net wktr.net fjnf.net fbsq.net dzyw.net dzqn.net dyws.net dwks.net dtkm.net dssh.net dpmg.net dpdfw.com dnyj.net dgfrw.com dbnh.net cwwt.net ctxd.net crtx.net cqjv.com cfpz.net cbhf.net bxhw.net bwkc.net bslt.net bntr.net bmxs.net blpw.net bkws.com.cn bhny.net bdmn.net bdgj.net bddw.net bbkg.net acyv.com 739221.com 513661.com bcpj.net 199612.com knht.net dywc.net dxgn.net dtfw.net dnpr.net dmcj.net djht.net dhkt.net dfld.net dfbm.net dchr.net cxcq.net csdf.net cqcw.net clld.net cjlx.net cfhy.net cfhh.net cclb.net cbht.net bzhs.net bqfcw.cn bpgs.net bmdz.net blhz.net bkbd.net 389136.com 337858.com 289813.com 182319.com 116982.com dzkl.net dzct.net dtqfw.com drcj.net dnsyw.com dgrfw.com bszl.net bgrsw.com 695393.com 176229.com bzlb.net bnkm.net cqzw.net fgnn.wang cxmg.net 87470.net 34094.net

Open Ports Detected

22 3128

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2019-16905 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2021-46784 CVE-2022-41317 CVE-2022-41318 CVE-2023-38408 CVE-2023-46724 CVE-2023-46728 CVE-2023-46846 CVE-2023-46847 CVE-2023-48795 CVE-2023-49285 CVE-2023-49286 CVE-2023-49288 CVE-2023-50269 CVE-2023-51385 CVE-2023-51767 CVE-2023-5824 CVE-2024-25111 CVE-2024-25617 CVE-2024-45802 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

• NetRange: 198.11.128.0 - 198.11.191.255
• CIDR: 198.11.128.0/18
• NetName: ALIBABA CLOUD - US
• NetHandle: NET-198-11-128-0-1
• Parent: NET198 (NET-198-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS45102
• Organization: Alibaba Cloud LLC (AL-3)
• RegDate: 2013-04-23
• Updated: 2024-09-03
• Ref: https://rdap.arin.net/registry/ip/198.11.128.0
• OrgName: Alibaba Cloud LLC
• OrgId: AL-3
• Address: 400 S El Camino Real, Suite 400
• City: San Mateo
• StateProv: CA
• PostalCode: 94402
• Country: US
• RegDate: 2010-10-29
• Updated: 2024-11-25
• Comment: 1.For AliCloud IPR Infringement and Abuse Claim, please use below link with browser to report: https://intl.aliyun.com/report
• Comment:
• Comment: 2.For Alibaba.com and Aliexpress.com’s IPR Infringement , please use below link with browser to report: https://ipp.alibabagroup.com
• Comment:
• Comment: 3.For Alibaba.com and Aliexpress.com’s Abuse, please send email to those two mail lists to report: intl-abuse@list.alibaba-inc.com and abuse@alibaba-inc.com
• Comment:
• Comment: 4. For network issue, please send email to this mail list: aliops-goc@list.alibaba-inc.com
• Ref: https://rdap.arin.net/registry/entity/AL-3
• OrgTechHandle: ALIBA-ARIN
• OrgTechName: Alibaba NOC
• OrgTechPhone: +1-408-748-1200
• OrgTechEmail: abuse@alibaba-inc.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ALIBA-ARIN
• OrgNOCHandle: ALIBA-ARIN
• OrgNOCName: Alibaba NOC
• OrgNOCPhone: +1-408-748-1200
• OrgNOCEmail: abuse@alibaba-inc.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/ALIBA-ARIN
• OrgAbuseHandle: NETWO4028-ARIN
• OrgAbuseName: Network Abuse
• OrgAbusePhone: +1-408-785-5580
• OrgAbuseEmail: intl-abuse@list.alibaba-inc.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NETWO4028-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-06-08