138.122.16.11 Threat Intelligence and Host Information

Oct 10, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 138.122.16.11 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: Brazil
  • Network:
  • Noticed: 29 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Map

Whois Information

  • NetRange: 138.122.0.0 - 138.122.255.255
  • CIDR: 138.122.0.0/16
  • NetName: LACNIC-ERX-138-122-0-0
  • NetHandle: NET-138-122-0-0-1
  • Parent: NET138 (NET-138-0-0-0-0)
  • NetType: Transferred to LACNIC
  • OriginAS:
  • Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
  • RegDate: 2010-11-19
  • Updated: 2010-11-19
  • Comment: This IP address range is under LACNIC responsibility
  • Comment: for further allocations to users in LACNIC region.
  • Comment: Please see http://www.lacnic.net/ for further details,
  • Ref: https://rdap.arin.net/registry/ip/138.122.0.0
  • OrgName: Latin American and Caribbean IP address Regional Registry
  • OrgId: LACNIC
  • Address: Rambla Republica de Mexico 6125
  • City: Montevideo
  • StateProv:
  • PostalCode: 11400
  • Country: UY
  • RegDate: 2002-07-27
  • Updated: 2018-03-15
  • Ref: https://rdap.arin.net/registry/entity/LACNIC
  • OrgTechHandle: LACNIC-ARIN
  • OrgTechName: LACNIC Whois Info
  • OrgTechPhone: +598-2604-2222
  • OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN
  • OrgAbuseHandle: LWI100-ARIN
  • OrgAbuseName: LACNIC Whois Info
  • OrgAbusePhone: +598-2604-2222
  • OrgAbuseEmail: abuse@lacnic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
  • inetnum: 138.122.16.0/22
  • aut-num: AS273309
  • abuse-c: ANOSI312
  • owner: UNI TELECOM LTDA
  • ownerid: 49.271.108/0001-08
  • responsible: Marlon Samuel Gon�alves
  • country: BR
  • owner-c: MASGO10
  • tech-c: ISTLT67
  • inetrev: 138.122.16.0/22
  • nserver: ns1.souuni.com.br
  • nsstat: 20251009 AA
  • nslastaa: 20251009
  • nserver: ns2.souuni.com.br
  • nsstat: 20251009 AA
  • nslastaa: 20251009
  • dsinetrev: 138.122.16.0/24
  • dsrecord: 36196 RSA-SHA-256 5A8EF6CC58C1A4850DAAAA536479DDA11D4FFC64AE3581F78E31A6D15B387597
  • dsstatus: 20251009 OK
  • dslastok: 20251009
  • dsinetrev: 138.122.17.0/24
  • dsrecord: 5827 RSA-SHA-256 1855C7E6634C0C35349CCE3C906F82D86C938DC643B39D7A102603A8D4C602F2
  • dsstatus: 20251009 OK
  • dslastok: 20251009
  • dsinetrev: 138.122.18.0/24
  • dsrecord: 7304 RSA-SHA-256 42880F495A1886BFED7BAF83BDC688C6F8F10A819CF5F528387BB2E7268E970A
  • dsstatus: 20251009 OK
  • dslastok: 20251009
  • dsinetrev: 138.122.19.0/24
  • dsrecord: 24775 RSA-SHA-256 350A2F283B40A8AD49D1461FDCE294BF777A2135262A96EFAA4ED40662018B57
  • dsstatus: 20251009 OK
  • dslastok: 20251009
  • created: 20150617
  • changed: 20240322
  • nic-hdl-br: MASGO10
  • person: Marlon Samuel Gon�alves
  • e-mail: marlon@souuni.com
  • country: BR
  • created: 20061013
  • changed: 20240411
  • nic-hdl-br: ANOSI312
  • person: Andr� de Oliveira Silva
  • e-mail: abuse@souuni.com
  • country: BR
  • created: 20240201
  • changed: 20240311
  • nic-hdl-br: ISTLT67
  • person: ISPRO TELECOM LTDA
  • e-mail: noc@souuni.com
  • country: BR
  • created: 20230926
  • changed: 20240322

Links to attack logs

****** nmap-scanning-list-2020-12-12 mssql-bruteforce-ip-list-2020-12-12 ****** ******

Share on: