209.38.122.18 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 209.38.122.18 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 9/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: ssh

Open Ports Detected

10001 10008 10013 10015 10019 10021 10023 10026 10027 10028 10036 10037 10038 10042 10047 10051 10068 10082 10123 10134 10225 10249 10251 10399 10443 10444 10892 10935 10936 11000 11065 11111 11210 11211 11300 11371 11434 11443 11688 12109 12111 12113 12115 12121 12154 12156 12157 12159 12160 12163 12165 12166 12167 12170 12172 12177 12191 12193 12199 12203 12206 12212 12218 12221 12228 12241 12243 12246 12257 12262 12265 12269 12271 12272 12273 12276 12279 12281 12294 12300 12301 12302 12306 12312 12317 12327 12330 12334 12340 12345 12347 12354 12364 12377 12381 12382 12388 12391 12400 12402 12405 12410 12421 12433 12435 12447 12458 12461 12474 12487 12499 12502 12503 12504 12505 12507 12513 12522 12523 12526 12530 12534 12540 12542 12550 12556 12566 12576 12579 12581 12582 12587 12615 12902 13579 14082 14104 14147 14344 14404 14406 14873 14875 14880 14896 14900 14909 3128 443 5000 5001 5003 5005 5006 5010 5025 5080 5083 5140 5172 5201 5225 5231 5233 5242 5249 5262 5266 5268 5269 5270 5273 5277 5321 5357 5433 5435 5440 5456 5500 5503 5557 5592 5596 5597 5598 5607 5620 5672 5800 5853 5858 5900 5901 5908 5917 5938 5985 5988 5990 5997 6000 6002 6011 6070 6080 6081 6102 6134 6264 6432 6488 6503 6505 6513 6580 6581 6590 6633 6653 6664 6666 6667 6668 6697 7001 7004 7011 7014 7016 7071 7082 7084 7087 7090 7171 7272 7302 7325 7415 7434 7444 7465 7474 7535 7547 7634 7657 7774 7779 7782 7788 7790 7822 7900 7979 8001 8004 8006 8008 8009 8010 8018 8020 8023 8026 8027 8029 8033 8039 8040 8041 8045 8046 8048 8049 8050 8051 8060 8066 8069 8075 8080 8081 8083 8084 8085 8086 8087 8090 8091 8095 8099 8105 8106 8108 8112 8122 8132 8137 8140 8141 8142 8156 8160 8171 8181 8182 8185 8188 8196 8198 8199 8200 8230 8236 8243 8249 8285 8291 8316 8333 8334 8343 8382 8383 8401 8424 8427 8432 8434 8443 8444 8450 8451 8456 8457 8460 8461 8463 8473 8494 8514 8521 8531 8532 8536 8544 8545 8548 8549 8551 8553 8560 8566 8576 8577 8582 8584 8589 8592 8593 8594 8606 8649 8702 8706 8707 8743 8745 8764 8779 8784 8787 8800 8805 8808 8811 8815 8834 8846 8847 8857 8860 8864 8867 8875 8877 8880 8890 8899 8900 8912 8969 8988 8993 9000 9001 9002 9007 9010 9016 9033 9035 9045 9048 9051 9066 9069 9075 9079 9080 9086 9091 9092 9093 9094 9095 9103 9105 9112 9114 9121 9123 9128 9130 9132 9143 9148 9150 9151 9153 9154 9156 9160 9164 9167 9169 9185 9191 9193 9195 9199 9200 9201 9207 9208 9212 9217 9220 9221 9251 9306 9307 9311 9333 9351 9387 9393 9398 9418 9441 9443 9444 9510 9530 9595 9600 9633 9682 9743 9797 9800 9803 9861 9876 9898 9899 9908 9909 9944 9991 9993 9998 9999

CVEs Detected

CVE-2025-59362 CVE-2025-62168

Map

Whois Information

• NetRange: 209.38.0.0 - 209.38.255.255
• CIDR: 209.38.0.0/16
• NetName: DO-13
• NetHandle: NET-209-38-0-0-1
• Parent: NET209 (NET-209-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: DigitalOcean, LLC (DO-13)
• RegDate: 2021-10-01
• Updated: 2024-05-07
• Ref: https://rdap.arin.net/registry/ip/209.38.0.0
• OrgName: DigitalOcean, LLC
• OrgId: DO-13
• Address: 105 Edgeview Drive, Suite 425
• City: Broomfield
• StateProv: CO
• PostalCode: 80021
• Country: US
• RegDate: 2012-05-14
• Updated: 2025-04-11
• Ref: https://rdap.arin.net/registry/entity/DO-13
• OrgTechHandle: NOC32014-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-646-827-4366
• OrgTechEmail: noc@digitalocean.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgNOCHandle: NOC32014-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-646-827-4366
• OrgNOCEmail: noc@digitalocean.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgAbuseHandle: DIGIT19-ARIN
• OrgAbuseName: DigitalOcean Abuse
• OrgAbusePhone: +1-646-827-4366
• OrgAbuseEmail: abuse@digitalocean.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN

Links to attack logs

digitaloceantoronto-ssh-bruteforce-ip-list-2025-11-18