IOC Radar
IPMediumSignal 81/100

129.121.87.230

Location
United StatesUnited States
Ashburn, Virginia
ASN
AS31898
Oracle Corporation
First Seen
Apr 17, 2026
Last Seen
May 30, 2026
Apr 17
First Seen
59d ago
May 30
Last Seen
15d ago
14
Reports
source reports
81%
Confidence
medium
6/91
VirusTotal
detections
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
81%
Signal Score
81 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryUSUnited States
RegionAshburn, Virginia
ASNAS31898
OrganizationOracle Corporation

Feed Intelligence Summary

14 reports81% confidence
14
Source reports
81%
Confidence score
Category tags
abuseactive scanbad reputationbad web botbotnet activitybrute forcebrute force attackerbrute-forcebruteforceexploitexploitation activityexploited hosthackingindicatorinjection activitynetworknorth americaportscanransomwareresearchedscannerscannersservice scansocradar honeypotspamsql injectionsshtargeting databasetpotunited statesusvulnerability scanvulnerability-exploitationvultrweb app attackweb spam

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
81
SIGNAL
Signal Score
81%
Confidence
14
Reports
First seenApr 17, 2026
Last seenMay 30, 2026
GeolocationUS
CountryUnited States
LocationAshburn, Virginia
ASNAS31898
OrgOracle Corporation
Coords39.0418, -77.4744

VirusTotal

6/ 91vendors flagged
7% detection rateJun 5, 2026

WHOIS

description
Score: 65/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:ddos, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:port-scan. 129.121.87.230 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, critical, ddos).
raw
NetRange: 129.121.0.0 - 129.121.255.255 CIDR: 129.121.0.0/16 NetName: OGTIPS1-129-121 NetHandle: NET-129-121-0-0-1 Parent: NET129 (NET-129-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Oso Grande IP Services, LLC (OGISL) RegDate: 1988-03-11 Updated: 2026-04-02 Comment: OCITOKEN::129.121.32.0/22:cc7c27d7f667d6c52ee067a7972a4f2b92b00a4791306da0d3f485a5d8572e1c Comment: OCITOKEN::129.121.64.0/23:675603fbdfe90052619455238e113820abb7061dba71c369209c4af8547f610d Comment: OCITOKEN::129.121.72.0/22:1d3664745c87073aedb71dc6fe9f1b8c453594b459ee27d45082510e8536beae Comment: OCITOKEN::129.121.36.0/22:9e18327589fa1b8c7e4f9303e86a92f0f57604dc2bcef4cfa90f4cdecc50ccda Comment: OCITOKEN::129.121.40.0/22:aaad20ae303f1527b57465864d2062705118d31624812bde4cbbb7a72790b045 Comment: OCITOKEN::129.121.44.0/22:293e0715b8cff10349a83dfc6c41c4350d3b37e21a7993973c110b27d60882ee Comment: OCITOKEN::129.121.76.0/22:a946ac52e9c38493fd22b4a1e78e08ba64b1969db85b8d03e7e2c1e1c22adc8b Comment: OCITOKEN::129.121.80.0/23:b0bf3648475a45d8311ecdca177659c00ab312b6d7673778de1c540a933ddd1e Comment: OCITOKEN::129.121.48.0/21:1a61a1e11b75c35dcf0f0529fd315fb01a51e5d038dd3d409bda17f7b532c1a2 Comment: OCITOKEN::129.121.84.0/22:25a7c1cf5ff21b13e77f1c506b236ed2fa94bb89311a3800dd2123481445876c Comment: OCITOKEN::129.121.82.0/23:1e898c6a9f02d5bb26c5faf9c80b1eeeada28babbfa9538d5ff858e5173a3d10 Comment: OCITOKEN::129.121.88.0/22:da957aec850f6cf9471ca01537639e580eec104cd4364bf39fda1e59eae14155 Comment: OCITOKEN::129.121.56.0/22:11898f8829bb0c23f3e203c9166ec8838f0ebaa259f128c7c6e3765accd2fa0d Comment: OCITOKEN::129.121.60.0/22:8c8c2cc72e33c7a70673fe366b15e8d0fe0a08ee594ba5cbfd06e10682ad777f Comment: OCITOKEN::129.121.96.0/21:866b1ba1c96c3208ccf17357863e659d2d8c10daabd0e8a1f49fe24cdabf5930 Ref: https://rdap.arin.net/registry/ip/129.121.0.0 OrgName: Oso Grande IP Services, LLC OrgId: OGISL Address: C/O A Small Orange LLC Address: 10 Corporate Drive City: Burlington StateProv: MA PostalCode: 01803 Country: US RegDate: 2013-09-10 Updated: 2026-02-17 Ref: https://rdap.arin.net/registry/entity/OGISL OrgTechHandle: ENO74-ARIN OrgTechName: EIG Network Operations OrgTechPhone: +1-781-852-3200 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/ENO74-ARIN OrgAbuseHandle: EIGAB1-ARIN OrgAbuseName: EIG-Abuse Mitigation OrgAbusePhone: +1-877-659-6181 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/EIGAB1-ARIN OrgNOCHandle: ENO74-ARIN OrgNOCName: EIG Network Operations OrgNOCPhone: +1-781-852-3200 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/ENO74-ARIN RNOCHandle: NOC13063-ARIN RNOCName: Network Operations Center RNOCPhone: +1-919-408-7600 RNOCEmail: [email protected] RNOCRef: https://rdap.arin.net/registry/entity/NOC13063-ARIN RTechHandle: NOC13063-ARIN RTechName: Network Operations Center RTechPhone: +1-919-408-7600 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/NOC13063-ARIN RAbuseHandle: ABUSE3681-ARIN RAbuseName: Abuse RAbusePhone: +1-877-659-6181 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3681-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 month ago · Last seen 15 days ago
Appeared in 14 threat reports