134.209.152.54 Threat Intelligence and Host Information

Aug 03, 2024 ipinfopage

General

IP Address

134.209.152.54

IPv4 Address

Location

🇮🇳 Bengaluru, India

Network

AS14061

DIGITALOCEAN-ASN

Threat Score

47/100

Medium Risk

BruteforceBrute-ForceportscanSSHTORVPN

Attack Intelligence

Open Ports Detected

Geographic Location

Country

India

City

Bengaluru

Region

Karnataka

Coordinates

12.9634, 77.5855

Network Information

ASN

AS14061

Organization

DIGITALOCEAN-ASN

Network

AS14061 DIGITALOCEAN-ASN

WHOIS Information

NetRange

134.209.0.0 - 134.209.255.255

CIDR

134.209.0.0/16

NetName

DIGITALOCEAN-134-209-0-0

NetHandle

NET-134-209-0-0-1

Parent

NET134 (NET-134-0-0-0-0)

NetType

Direct Allocation

OriginAS

AS14061

Organization

DigitalOcean, LLC (DO-13)

RegDate

2012-05-14

Updated

2023-10-23

Comment

Ref

https://rdap.arin.net/registry/entity/DO-13

OrgName

DigitalOcean, LLC

OrgId

DO-13

Address

FL2

City

New York

StateProv

PostalCode

10013

Country

OrgAbuseHandle

ABUSE5232-ARIN

OrgAbuseName

Abuse, DigitalOcean

OrgAbusePhone

+1-347-875-6044

OrgAbuseEmail

abuse@digitalocean.com

OrgAbuseRef

https://rdap.arin.net/registry/entity/ABUSE5232-ARIN

Attack Logs

Date	Target Location	Protocol	Link
2024-06-29	Toronto, Canada	SSH	View Log

Country: India
Network: AS14061 digitalocean llc
Noticed: 7 times
Protocols Attacked: ssh
Countries Attacked: Poland
Passive DNS Results: speedtest.santhomonline.co.uk santhomglobal.com santhomonline.co.uk rangeenthreads.com pixblues.com www.pixblues.com somberry.com www.somberry.com tradeshack.biz www.tradeshack.biz proteqter.com nationalspeak.com nationalspeak.in

Malware Detected on Host

Count: 2 df7a02a64db048e94094993eecf408b8a9b8799e053a8b10ae3c53bc23f554ec 1657eb20e1734f1723974c41caf235c4f4069757d8e75e352c7edea49c1c77f0

CVEs Detected

CVE-2018-1172 CVE-2018-19131 CVE-2018-19132 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12522 CVE-2019-12523 CVE-2019-12524 CVE-2019-12525 CVE-2019-12526 CVE-2019-12528 CVE-2019-12529 CVE-2019-13345 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-18860 CVE-2020-11945 CVE-2020-14058 CVE-2020-15049 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 CVE-2020-25097 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 CVE-2021-28116 CVE-2021-28651 CVE-2021-28652 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 CVE-2021-46784 CVE-2022-41318 CVE-2023-46724 CVE-2023-46728 CVE-2023-46846 CVE-2023-46847 CVE-2023-49285 CVE-2023-49286 CVE-2023-49288 CVE-2023-50269 CVE-2023-5824

Disclaimer

This page contains threat intelligence information for the IPv4 address 134.209.152.54 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.