138.197.133.81 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 138.197.133.81 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: Nextray, cyber security, ioc, malicious, phishing

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh

  • Country: Canada
  • Network: AS14061 digitalocean llc
  • Noticed: 1 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: jtlth.buzz camilloempreendimentos.com.br collegebud.org facsfla.com explorer.digitalgemtoken.com www.explorer.digitalgemtoken.com

Malware Detected on Host

Count: 30

Whois Information

  • NetRange: 138.197.0.0 - 138.197.255.255
  • CIDR: 138.197.0.0/16
  • NetName: DIGITALOCEAN-138-197-0-0
  • NetHandle: NET-138-197-0-0-1
  • Parent: NET138 (NET-138-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS14061
  • Organization: DigitalOcean, LLC (DO-13)
  • RegDate: 2016-01-26
  • Updated: 2020-04-03
  • Comment: Routing and Peering Policy can be found at https://www.as14061.net
  • Comment:
  • Ref: https://rdap.arin.net/registry/ip/138.197.0.0
  • OrgName: DigitalOcean, LLC
  • OrgId: DO-13
  • Address: 101 Ave of the Americas
  • Address: FL2
  • City: New York
  • StateProv: NY
  • PostalCode: 10013
  • Country: US
  • RegDate: 2012-05-14
  • Updated: 2023-07-07
  • Ref: https://rdap.arin.net/registry/entity/DO-13
  • OrgAbuseHandle: ABUSE5232-ARIN
  • OrgAbuseName: Abuse, DigitalOcean
  • OrgAbusePhone: +1-347-875-6044
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5232-ARIN
  • OrgNOCHandle: NOC32014-ARIN
  • OrgNOCName: Network Operations Center
  • OrgNOCPhone: +1-347-875-6044
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
  • OrgTechHandle: NOC32014-ARIN
  • OrgTechName: Network Operations Center
  • OrgTechPhone: +1-347-875-6044
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Links to attack logs

bruteforce-ip-list-2021-03-25 bruteforce-ip-list-2021-03-24