138.201.157.66 Threat Intelligence and Host Information

ipinfopage

General

This page contains threat intelligence information for the IPv4 address 138.201.157.66 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

🟡 Low Risk — 29/100

Geographic Location

Host and Network Information

  • View other sources: Spamhaus VirusTotal Shodan AbuseIPDB
  • Country: Germany
  • Network: AS24940 hetzner online gmbh
  • Noticed: 2 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, France, Germany, Netherlands, Poland, United States of America
  • Tor Node: No

Tags

  • aaaa
  • accept
  • all algorithm
  • appdata
  • arial
  • artyku polska
  • as13335
  • as24940 hetzner
  • as25504 vautron
  • as31242
  • as48559 infomex
  • as50599
  • as63949 linode
  • ascii tekst
  • ascii text
  • authority
  • backdoor
  • blaty kamienne
  • body
  • body doctype
  • ceidg.gov.pl - centralna ewidencja i informacja o działalności g
  • certificate
  • cname
  • connection
  • contacted
  • content type
  • country
  • crlf
  • crlf line
  • cr line
  • cus cnr3
  • date
  • date tue
  • doctype html
  • document file
  • eksport
  • expires thu
  • finland unknown
  • first
  • font format
  • foreign
  • found
  • found h1
  • found title
  • france as16276
  • germany as24940
  • gmt content
  • gmt server
  • gujw4wrohtm
  • h1 p
  • head body
  • hostname
  • html public
  • ietfdtd html
  • import
  • indicator
  • intel
  • inwestycje
  • ip detections
  • ip hostname
  • ipv4 domain
  • issuer
  • key algorithm
  • key identifier
  • key info
  • kliknij
  • kreatywne meble
  • kuchnie
  • licia
  • md5 process
  • meble biurowe
  • meble kuchenne
  • meble łazienkowe
  • meble na wymiar
  • meble na zamówienie
  • microsoft
  • moved
  • ms windows
  • name
  • name microsoft
  • name type
  • number
  • ok server
  • olet
  • p body
  • pe32
  • pe32 executable
  • pehash
  • plik
  • png image
  • pobierz plik
  • poland as12824
  • poland as15967
  • poland as29522
  • poland as41079
  • poland as5617
  • poland unknown
  • pragma
  • produkcja
  • profesjonalne
  • prosz czeka
  • przejd
  • ransom
  • report uid
  • returnur
  • reverse ip
  • rgba
  • scanners
  • serial number
  • server nginx
  • serwer
  • sha1
  • skaker
  • skrypt
  • sprawd
  • ssh
  • status valid
  • strong
  • subject public
  • szafy
  • tahoma verdana
  • thank
  • thumbprint
  • trade
  • truetype
  • unicode
  • unicode text
  • united
  • unknown
  • upgrade
  • url http
  • url https
  • utf8 unicode
  • v2 document
  • v3 serial
  • valid
  • valid from
  • valid usage
  • vultr
  • web open
  • welcome
  • win32
  • wirtualne
  • wskazwka
  • zabudowa
  • zabudowy wnęk
  • zaloguj
  • znakw z
  • znaleziono
  • znaleziono cig
  • znaleziony
  • zobacz
  • z terminatorami
  • zwizualizuj

MITRE ATT&CK TTPs

  • T1553 - Subvert Trust Controls

Attack Log References

Whois Information

NetRange: 138.199.128.0 - 138.201.255.255 CIDR: 138.199.128.0/17, 138.200.0.0/15 NetName: RIPE-ERX-138-198-0-0 NetHandle: NET-138-199-128-0-1 Parent: NET138 (NET-138-0-0-0-0) NetType: Early Registrations, Transferred to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2003-12-11 Updated: 2020-10-20 Comment: These addresses have been further assigned to users in Comment: the RIPE NCC region. Contact information can be found in Ref: https://rdap.arin.net/registry/ip/138.199.128.0 OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: abuse@ripe.net OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: hostmaster@ripe.net OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN inetnum: 138.201.157.64 - 138.201.157.95 netname: CLOUD-FSN1 country: DE org: ORG-HOA1-RIPE admin-c: HOAC1-RIPE tech-c: HOAC1-RIPE status: LEGACY mnt-by: HOS-GUN created: 2018-03-15T15:11:19Z last-modified: 2023-12-12T12:20:40Z organisation: ORG-HOA1-RIPE org-name: Hetzner Online GmbH country: DE org-type: LIR address: Industriestrasse 25 address: D-91710 address: Gunzenhausen address: GERMANY phone: +49 9831 5050 fax-no: +49 9831 5053 admin-c: MF1400-RIPE admin-c: GM834-RIPE admin-c: HOAC1-RIPE admin-c: MH375-RIPE admin-c: SK2374-RIPE admin-c: SK8441-RIPE abuse-c: HOAC1-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: HOS-GUN mnt-by: RIPE-NCC-HM-MNT mnt-by: HOS-GUN created: 2004-04-17T11:07:58Z last-modified: 2022-11-22T18:32:44Z role: Hetzner Online GmbH - Contact Role address: Hetzner Online GmbH address: Industriestrasse 25 address: D-91710 Gunzenhausen address: Germany phone: +49 9831 505-0 fax-no: +49 9831 505-3 abuse-mailbox: abuse@hetzner.com org: ORG-HOA1-RIPE admin-c: MH375-RIPE tech-c: GM834-RIPE tech-c: SK2374-RIPE tech-c: MF1400-RIPE tech-c: SK8441-RIPE tech-c: DD15478-RIPE nic-hdl: HOAC1-RIPE mnt-by: HOS-GUN created: 2004-08-12T09:40:20Z last-modified: 2022-11-22T18:33:55Z route: 138.201.0.0/16 descr: HETZNER-RZ-BLK-ERX4 origin: AS24940 org: ORG-HOA1-RIPE mnt-by: HOS-GUN created: 2012-12-24T09:10:23Z last-modified: 2012-12-24T09:10:23Z organisation: ORG-HOA1-RIPE org-name: Hetzner Online GmbH country: DE org-type: LIR address: Industriestrasse 25 address: D-91710 address: Gunzenhausen address: GERMANY phone: +49 9831 5050 fax-no: +49 9831 5053 admin-c: MF1400-RIPE admin-c: GM834-RIPE admin-c: HOAC1-RIPE admin-c: MH375-RIPE admin-c: SK2374-RIPE admin-c: SK8441-RIPE abuse-c: HOAC1-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: HOS-GUN mnt-by: RIPE-NCC-HM-MNT mnt-by: HOS-GUN created: 2004-04-17T11:07:58Z last-modified: 2022-11-22T18:32:44Z