138.201.62.169 Threat Intelligence and Host Information

Mar 14, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 138.201.62.169 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

View other sources: Spamhaus VirusTotal

Country: Germany
Network:
Noticed: 1 times
Protocols Attacked: Anonymous Proxy
Passive DNS Results: www.jpg.wtf prod.jpg.wtf virtual3.futuware.ru jpg.wtf tv.dirty.ru

Open Ports Detected

11000 11001 11002 11065 11082 11110 11111 11112 11211 11288 11371 11434 11596 11601 11681 12000 12019 12106 12114 12115 12117 12118 12120 12121 12127 12140 12142 12148 12152 12158 12161 12165 12173 12175 12178 12209 12212 12213 12217 12221 12222 12223 12224 12230 12236 12237 12240 12245 12248 12254 12257 12258 12264 12267 12280 12282 12293 12294 12296 12298 12304 12306 12314 12318 12329 12331 12332 12333 12335 12343 12344 12351 12358 12359 12361 12362 12363 12364 12369 12373 12374 12380 12381 12383 12384 12386 12388 12389 12391 12394 12395 12400 12402 12414 12416 12423 12427 12431 12444 12457 12463 12474 12483 12487 12488 12497 12498 12502 12508 12511 12519 12520 12528 12529 12530 12531 12532 12534 12537 12538 12540 12541 12542 12543 12544 12546 12561 12568 12569 12571 12573 12577 12579 12587 12589 12980 13001 13084 13333 13380 13579 14026 14130 14147 14184 14344 14400 14443 14825 14896 15001 15002 15006 15151 15443 15831 16002 16011 16015 16029 16030 16040 16042 16045 16049 16054 16059 16060 16064 16065 16075 16076 16078 16081 16082 16085 16087 16092 16094 16097 16099 161 16403 16601 16888 16992 16993 17010 17102 17771 17774 18001 18010 18014 18020 18021 18031 18032 18034 18041 18046 18056 18074 18075 18080 18081 18093 18095 18098 18112 18181 18245 18443 18553 18556 19017 19090 19930 20060 20090 20500 20547 20880 21025 21082 2111 21271 21281 21298 21305 21329 22 22206 22705 23023 25006 28017 80 8000 8200

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465

Map

Whois Information

NetRange: 138.199.128.0 - 138.201.255.255
CIDR: 138.199.128.0/17, 138.200.0.0/15
NetName: RIPE-ERX-138-198-0-0
NetHandle: NET-138-199-128-0-1
Parent: NET138 (NET-138-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2003-12-11
Updated: 2025-02-10
Ref: https://rdap.arin.net/registry/ip/138.199.128.0
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN

Links to attack logs

anonymous-proxy-ip-list-2025-03-02

Share on: