IP address

Search at other sites:

.000128.199.137.235

Shodan(more info)

Passive DNS

IP blacklists

CI Army

128.199.137.235 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-11-08 03:50:01.021000
Was present on blacklist at: 2025-09-30 02:50, 2025-10-01 02:50, 2025-10-02 02:50, 2025-10-03 02:50, 2025-10-04 02:50, 2025-10-05 02:50, 2025-10-06 02:50, 2025-10-17 02:50, 2025-10-18 02:50, 2025-10-19 02:50, 2025-10-20 02:50, 2025-10-21 02:50, 2025-10-22 02:50, 2025-10-23 02:50, 2025-11-02 03:50, 2025-11-03 03:50, 2025-11-04 03:50, 2025-11-05 03:50, 2025-11-06 03:50, 2025-11-07 03:50, 2025-11-08 03:50

AbuseIPDB

128.199.137.235 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-11-03 05:00:00.640000
Was present on blacklist at: 2025-09-30 04:00, 2025-10-01 04:00, 2025-10-18 04:00, 2025-10-20 04:00, 2025-11-02 05:00, 2025-11-03 05:00

Warden events (386)

2025-11-27

ReconScanning (node.9c1411): 6

2025-11-19

ReconScanning (node.9c1411): 26

2025-11-18

ReconScanning (node.9c1411): 10

2025-11-03

ReconScanning (node.4dc198): 13

ReconScanning (node.9c1411): 18

2025-11-02

ReconScanning (node.9c1411): 17

ReconScanning (node.4dc198): 35

ReconScanning (node.368407): 1

2025-11-01

ReconScanning (node.4dc198): 8

ReconScanning (node.368407): 2

ReconScanning (node.9c1411): 8

2025-10-18

ReconScanning (node.368407): 2

ReconScanning (node.9c1411): 13

2025-10-17

ReconScanning (node.9c1411): 23

ReconScanning (node.368407): 4

ReconScanning (node.4dc198): 15

2025-10-16

ReconScanning (node.4dc198): 19

ReconScanning (node.9c1411): 9

2025-10-03

ReconScanning (node.9c1411): 3

2025-10-02

ReconScanning (node.9c1411): 15

2025-10-01

ReconScanning (node.4dc198): 23

ReconScanning (node.368407): 3

ReconScanning (node.9c1411): 23

2025-09-30

ReconScanning (node.4dc198): 51

ReconScanning (node.368407): 6

2025-09-29

ReconScanning (node.4dc198): 30

ReconScanning (node.368407): 3

DShield reports (IP summary, reports)

2025-09-30

Number of reports: 56

Distinct targets: 55

2025-10-17

Number of reports: 90

Distinct targets: 74

2025-10-18

Number of reports: 243

Distinct targets: 172

2025-10-19

Number of reports: 66

Distinct targets: 45

2025-11-01

Number of reports: 124

Distinct targets: 97

2025-11-02

Number of reports: 124

Distinct targets: 97

2025-11-03

Number of reports: 69

Distinct targets: 48

2025-11-04

Number of reports: 69

Distinct targets: 48

Origin AS

AS14061 - DIGITALOCEAN-ASN

AS133165 - DIGITALOCEAN-AS-AP

BGP Prefix

128.199.128.0/18

geo

Singapore, Singapore

🕑 Asia/Singapore

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

128.199.0.0 - 128.199.255.255

last_activity

2025-11-27 15:21:16

last_warden_event

2025-11-27 15:21:16

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 80, 111, 443, 5432

Tags: database, scanner, eol-product, cloud

CPEs: cpe:/a:postgresql:postgresql:11, cpe:/a:apache:http_server:2.4.37, cpe:/a:php:php:7.2.11

ts_added

2025-09-29 14:53:10.496000

ts_last_update

2025-12-21 14:53:20.351000

Warden event timeline

DShield event timeline

Presence on blacklists