138.197.9.169 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 138.197.9.169 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 26/100

Host and Network Information

• Tags: digital ocean, portscan, scanners

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: portscan
• Passive DNS Results: 138-197-9-169.ipv4.nknlabs.io db-mongodb-nyc3-73883-5868615d.mongo.ondigitalocean.com oo.tofubot.com

Malware Detected on Host

Count: 486 0088ffb51a63061413130e4385a1ae2f8aa0b4376d9eff012fd353e41a475e49 34aedb7a19a2c9ecf3cb714b189181385abbc261d8f571f6b394c3fc97f55799 5e49370bc7a67206b7aa7750e6b63d81cfe3f04f4971796d63538229f0acdbfd b2d3694c1111a68680d9d8d6ffdcf60d104705d42b7c678d21985f391d4838c8 5d3bd7d89589ea0d17adc6fb8646d582e47b6f3c42c97c465a63ffdc655de5b1 400cafad8dfd9c7cc68fb9e26fa07f1edd58ab61338c7491b22962e27e65812d 179dd7691fd29f18300c744480b99c0e886d771c07ecc42bf9a4f596145f91c6 0e8422079f58c628b40b132d27a707817ccf66ab65199fdf84f1d45118584ca6 06ed9c10c7b04993b4a7392f10bfc4d7bf3f35ba2828f4a06e269af9365d65a7 5cfe54306a4f52892d176d66b6ce0c624820d865f7eaa94867c1bdb15c7d1708

Open Ports Detected

22 443 631 80

CVEs Detected

CVE-2023-44487 CVE-2025-23419

Map

Whois Information

• NetRange: 138.197.0.0 - 138.197.255.255
• CIDR: 138.197.0.0/16
• NetName: DIGITALOCEAN-138-197-0-0
• NetHandle: NET-138-197-0-0-1
• Parent: NET138 (NET-138-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: DigitalOcean, LLC (DO-13)
• RegDate: 2016-01-26
• Updated: 2020-04-03
• Comment: Routing and Peering Policy can be found at https://www.as14061.net
• Comment:
• Ref: https://rdap.arin.net/registry/ip/138.197.0.0
• OrgName: DigitalOcean, LLC
• OrgId: DO-13
• Address: 105 Edgeview Drive, Suite 425
• City: Broomfield
• StateProv: CO
• PostalCode: 80021
• Country: US
• RegDate: 2012-05-14
• Updated: 2025-04-11
• Ref: https://rdap.arin.net/registry/entity/DO-13
• OrgAbuseHandle: DIGIT19-ARIN
• OrgAbuseName: DigitalOcean Abuse
• OrgAbusePhone: +1-646-827-4366
• OrgAbuseEmail: abuse@digitalocean.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
• OrgNOCHandle: NOC32014-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-646-827-4366
• OrgNOCEmail: noc@digitalocean.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgTechHandle: NOC32014-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-646-827-4366
• OrgTechEmail: noc@digitalocean.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN