209.38.108.89 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 209.38.108.89 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: ssh

Open Ports Detected

10000 10001 10003 10018 10028 10029 10031 10037 10040 10043 10048 10050 10068 10081 10087 10134 10200 10249 10302 10348 10399 10443 10554 10909 10911 10936 11000 11002 11111 11112 11210 11288 11300 11371 11434 11680 11681 11701 11920 12082 12119 12128 12131 12132 12138 12144 12152 12154 12165 12168 12182 12210 12211 12212 12220 12221 12225 12227 12237 12243 12248 12253 12255 12260 12263 12268 12278 12285 12290 12291 12299 12322 12332 12333 12337 12345 12348 12354 12356 12374 12376 12377 12378 12385 12394 12409 12414 12418 12420 12421 12436 12443 12454 12464 12469 12495 12498 12499 12501 12502 12510 12517 12521 12542 12546 12552 12556 12563 12565 12573 12576 12580 12583 13780 14006 14026 14147 14265 14344 14402 14407 14523 14873 14894 14897 443 5004 5006 5007 5009 5070 5090 5122 5130 5172 5223 5233 5234 5235 5240 5249 5252 5357 5400 5432 5494 5500 5503 5543 5560 5595 5598 5603 5613 5614 5630 5672 5698 5800 5801 5858 5900 5907 5909 5917 5920 5938 5985 5999 6001 6002 6004 6021 6036 6102 6262 6443 6505 6560 6605 6650 6653 6664 6666 6686 6697 6700 7000 7001 7005 7013 7022 7070 7081 7085 7090 7171 7218 7283 7348 7373 7403 7415 7434 7441 7443 7474 7537 7634 7687 7774 7777 7778 7779 8000 8001 8009 8010 8012 8017 8024 8030 8034 8038 8040 8049 8060 8069 8073 8078 8080 8081 8083 8086 8087 8089 8090 8092 8098 8101 8104 8108 8110 8111 8112 8114 8123 8134 8138 8139 8140 8142 8149 8156 8163 8165 8172 8178 8183 8186 8188 8200 8203 8230 8238 8239 8291 8319 8333 8334 8381 8409 8414 8419 8420 8424 8426 8431 8434 8440 8443 8451 8453 8458 8460 8467 8470 8500 8504 8506 8519 8545 8548 8554 8565 8566 8567 8576 8581 8593 8596 8600 8605 8649 8666 8700 8709 8731 8782 8800 8802 8803 8808 8809 8817 8827 8829 8838 8846 8849 8857 8860 8862 8871 8875 8879 8880 8883 8885 8889 8891 8899 8901 8911 8915 8990 9001 9002 9003 9023 9035 9042 9051 9056 9063 9078 9087 9090 9095 9098 9100 9104 9108 9113 9131 9135 9139 9144 9162 9168 9182 9191 9200 9205 9208 9243 9246 9253 9257 9280 9291 9306 9312 9313 9376 9383 9387 9398 9399 9443 9446 9447 9500 9501 9515 9530 9553 9595 9600 9633 9690 9711 9761 9765 9861 9869 9876 9888 9900 9916 9950 9981 9998 9999

Map

Whois Information

• NetRange: 209.38.0.0 - 209.38.255.255
• CIDR: 209.38.0.0/16
• NetName: DO-13
• NetHandle: NET-209-38-0-0-1
• Parent: NET209 (NET-209-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: DigitalOcean, LLC (DO-13)
• RegDate: 2021-10-01
• Updated: 2024-05-07
• Ref: https://rdap.arin.net/registry/ip/209.38.0.0
• OrgName: DigitalOcean, LLC
• OrgId: DO-13
• Address: 105 Edgeview Drive, Suite 425
• City: Broomfield
• StateProv: CO
• PostalCode: 80021
• Country: US
• RegDate: 2012-05-14
• Updated: 2025-04-11
• Ref: https://rdap.arin.net/registry/entity/DO-13
• OrgTechHandle: NOC32014-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-646-827-4366
• OrgTechEmail: noc@digitalocean.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgAbuseHandle: DIGIT19-ARIN
• OrgAbuseName: DigitalOcean Abuse
• OrgAbusePhone: +1-646-827-4366
• OrgAbuseEmail: abuse@digitalocean.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
• OrgNOCHandle: NOC32014-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-646-827-4366
• OrgNOCEmail: noc@digitalocean.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Links to attack logs

digitaloceanlondon-ssh-bruteforce-ip-list-2025-11-23