34.80.86.96 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 34.80.86.96 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• JARM: 29d29d15d29d29d21c42d42d000000790cb01ea78cc2a73fe8428d61afc0c8

• View other sources: Spamhaus VirusTotal

• Country: Taiwan
• Network:
• Noticed: 29 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: ag.wx890g.vip dsnit909.com www.dsnit909.com www.wx88vip.me wx88vip.me 3531vv.cc 327885.com www.327885.com www.985160.com 985160.com 439463.com q9032.com 3xrst4o.com 951951.vip 068443.com 5198ee.com 5198909.com 5198app.com 5198dd.com 5198911.com 5198789.com 5198088.com bfct3s.cc dsn6380.com bfv7s4.cc bfaw9e.cc 0880s.cc 0880x.cc dsn10777.com bfjqrx.cc 3531.cc bftisj.cc 9990n.cc sg789h.vip a5855.vip 331100.vip sg155565.com bfs5ge.cc dmg300.com dmg700.com dmg200.com 3531jj.vip 3531oo.vip 3531cc.vip 3531hh.vip 441972.vip yy44997.com guh64phh.com sg626222.com bfk46u.cc mjuws8aaz.com okndfs3x.com ujs5asda.com 15980.vip 650113.cc 22205.vip cyl000.vip bfrxi3.cc 9888d.net qaz188.vip 47893.vip bba008wdl.app www.0086k.cc 0086k.cc cyl25190.vip 99647.vip sg1998.vip tqjzb.com 3nqh6.com 6505b9n2.com 9898r.net ysapp99.app hj333.vip 43455.vip sg95.vip hj555.vip c805.cc www.c805.cc q91806.vip bfmak0.cc www9812.vip tb0853.com ysys888.com ysys88.com ai-express.me bfiiw8.cc 5701a.vip www.jf3336.com jf3336.com jf3328.com www.jf3328.com 812956.com 869263.com 052149.com ys009.me 951599.com 347304.com 650116.cc cc80771.vip www.cc80771.vip www.bag8.vip bag8.vip ys007.net hj588.app www.hj588.app bfxoo2.cc ysapp01.com ys585.com www.ys585.com bcewsks.com ysapp2.net dmg99999.cc cyl20999.vip 9898g.net c177.vip 9960gy.vip bfvd2y.cc www.bfvd2y.cc 984167.cc 765484.cc bf0jlg.cc www.bf0jlg.cc 22255.vip www.22255.vip 00658.vip 138802sha.top 138801sha.top 55639.vip sg61456.vip dmg008pcappt3.com www.dmg008pcappt3.com 3531q.vip www.3531q.vip www.3531bb.cc 3531bb.cc ijxdawqzdk.com eohgnggxae.com sg0001.vip 23344a.vip 990726.vip 323m.vip sg69900.vip www.15234.vip 15234.vip www.bfnb0j.cc bfnb0j.cc www.jf3324.com jf3324.com 650askk.com 650rwbb.com 650yyaa.com 818o.vip 818b.vip 818v.vip 818h.vip 818q.vip 818f.vip 818r.vip sg20.app www.sg20.app 650mxzsq.com mj999.vip sg0099.vip 96002.vip 513355.vip hqebecs.com jmwkahq.com 98004.bet 598900.vip 598901.vip 00470.vip www.676d.vip 676d.vip 168cy.vip 992222.vip www.688db.cyou 688db.cyou marketingexmed.store

Open Ports Detected

443 80

Map

Whois Information

• NetRange: 34.64.0.0 - 34.127.255.255
• CIDR: 34.64.0.0/10
• NetName: GOOGL-2
• NetHandle: NET-34-64-0-0-1
• Parent: NET34 (NET-34-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Google LLC (GOOGL-2)
• RegDate: 2018-09-28
• Updated: 2018-09-28
• Ref: https://rdap.arin.net/registry/ip/34.64.0.0
• OrgName: Google LLC
• OrgId: GOOGL-2
• Address: 1600 Amphitheatre Parkway
• City: Mountain View
• StateProv: CA
• PostalCode: 94043
• Country: US
• RegDate: 2006-09-29
• Updated: 2019-11-01
• Comment: *** The IP addresses under this Org-ID are in use by Google Cloud customers ***
• Comment:
• Comment: Direct all copyright and legal complaints to
• Comment: https://support.google.com/legal/go/report
• Comment:
• Comment: Direct all spam and abuse complaints to
• Comment: https://support.google.com/code/go/gce_abuse_report
• Comment:
• Comment: For fastest response, use the relevant forms above.
• Comment:
• Comment: Complaints can also be sent to the GC Abuse desk
• Comment: (google-cloud-compliance@google.com)
• Comment: but may have longer turnaround times.
• Comment:
• Comment: Complaints sent to any other POC will be ignored.
• Ref: https://rdap.arin.net/registry/entity/GOOGL-2
• OrgAbuseHandle: GCABU-ARIN
• OrgAbuseName: GC Abuse
• OrgAbusePhone: +1-650-253-0000
• OrgAbuseEmail: google-cloud-compliance@google.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/GCABU-ARIN
• OrgTechHandle: ZG39-ARIN
• OrgTechName: Google LLC
• OrgTechPhone: +1-650-253-0000
• OrgTechEmail: arin-contact@google.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ZG39-ARIN
• OrgNOCHandle: GCABU-ARIN
• OrgNOCName: GC Abuse
• OrgNOCPhone: +1-650-253-0000
• OrgNOCEmail: google-cloud-compliance@google.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/GCABU-ARIN

Links to attack logs

****** bruteforce-ip-list-2021-07-08 ****** bruteforce-ip-list-2021-07-09 ******