207.154.211.127 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 207.154.211.127 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 17/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Germany
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: vls034tl9z6.c.updraftclone.com e2e-dbaas-mongodb-zoerl-r-0992fcd5.mongo.ondigitalocean.com www.moria.palantir.cyou moria.palantir.cyou

Open Ports Detected

10000 10001 10006 10013 10017 10018 10021 10025 10026 10027 10030 10038 10040 10043 10123 10134 102 10200 1023 1024 10240 10243 1027 104 10443 10444 10445 10909 110 11000 11001 11002 11007 111 11210 11211 113 11300 11401 122 1234 1311 1344 135 139 1400 1414 143 1433 1447 1515 1521 1604 1723 1800 1830 1833 1911 1925 1926 1935 1947 2000 2003 2008 2012 2018 2107 2121 22 2201 221 2210 222 2222 2226 23 2323 2332 2345 24 2404 243 2433 2444 2628 2701 3001 3016 3018 3103 3104 3105 3108 3109 311 3111 3129 3136 3301 3310 3406 3407 3412 347 3523 3540 3541 3542 3910 4002 4010 4022 4040 4043 4101 4118 4242 4243 427 4321 4343 4400 4401 4430 4433 4436 4439 444 4440 4443 4444 4445 445 447 45000 45006 4505 4506 4510 4545 4602 4643 4821 4840 4911 5001 5003 5005 5006 5007 5010 502 5025 503 5122 515 5201 522 5225 5227 5233 5237 5240 5241 5245 541 5432 5433 5435 5523 5601 5604 5609 5701 5801 5822 5900 5901 5908 5912 5918 5919 5938 6000 6001 6002 6006 6008 6010 6011 631 632 636 6440 6443 6601 7001 7003 7010 7025 7100 7218 7302 7403 7415 7433 7434 7443 7444 7547 7603 7634 7822 79 7900 80 8000 8001 8006 8007 8008 8009 801 8010 8011 8013 8015 8019 8020 8022 8034 8044 8080 811 8111 8118 8120 8121 8123 8126 8128 8133 8139 8140 8200 8237 8243 830 8316 8333 8334 8410 8414 8415 8421 8429 843 8430 8434 8435 8440 8446 8505 8513 8515 8523 8528 8530 8532 8544 8545 8600 8607 8641 8707 8708 8723 8733 88 8800 8802 8805 8809 8815 8816 8820 8821 8830 8831 8844 888 8912 9000 9004 9009 9010 9013 9031 9039 9041 9047 9100 9103 9110 9116 9128 9129 9141 9200 9206 9208 9209 9213 9223 9242 9246 9247 9305 9306 9312 9313 9333 9433 9445 9500 9505 9515 9530 9600 9633 9800 9802 9919 9944 9999

CVEs Detected

CVE-2009-2940 CVE-2009-3720 CVE-2020-29396 CVE-2021-32052 CVE-2023-27043 CVE-2023-30861 CVE-2023-36632 CVE-2024-6232 CVE-2024-7592 CVE-2024-9287

Map

Whois Information

• NetRange: 207.154.192.0 - 207.154.255.255
• CIDR: 207.154.192.0/18
• NetName: DIGITALOCEAN-207-154-192-0
• NetHandle: NET-207-154-192-0-1
• Parent: NET207 (NET-207-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS14061
• Organization: DigitalOcean, LLC (DO-13)
• RegDate: 2016-04-12
• Updated: 2020-04-03
• Comment: Routing and Peering Policy can be found at https://www.as14061.net
• Comment:
• Ref: https://rdap.arin.net/registry/ip/207.154.192.0
• OrgName: DigitalOcean, LLC
• OrgId: DO-13
• Address: 105 Edgeview Drive, Suite 425
• City: Broomfield
• StateProv: CO
• PostalCode: 80021
• Country: US
• RegDate: 2012-05-14
• Updated: 2025-04-11
• Ref: https://rdap.arin.net/registry/entity/DO-13
• OrgAbuseHandle: DIGIT19-ARIN
• OrgAbuseName: DigitalOcean Abuse
• OrgAbusePhone: +1-646-827-4366
• OrgAbuseEmail: abuse@digitalocean.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
• OrgNOCHandle: NOC32014-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-646-827-4366
• OrgNOCEmail: noc@digitalocean.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgTechHandle: NOC32014-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-646-827-4366
• OrgTechEmail: noc@digitalocean.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Links to attack logs

****** anonymous-proxy-ip-list-2023-05-27 anonymous-proxy-ip-list-2023-05-29 ****** ******