38.170.193.18 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 38.170.193.18 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 7/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: us-west-1.proxy.socks5.webshare.io p.webshare.io

Open Ports Detected

10001 10013 10016 10025 10028 10035 10036 10038 10046 10049 10051 10080 10086 10090 10134 10200 10201 10205 10209 10243 10250 10443 10477 10554 1080 10909 10943 11001 11002 11027 11110 11112 11210 11211 11300 11434 11480 11481 12000 12016 12082 12084 12103 12115 12121 12127 12128 12129 12133 12153 12156 12157 12165 12168 12176 12187 12189 12193 12196 12199 12200 12204 12206 12210 12219 12229 12240 12244 12246 12260 12272 12278 12280 12284 12285 12304 12313 12315 12316 12319 12320 12339 12349 12353 12359 12360 12371 12376 12381 12389 12395 12399 12403 12409 12413 12414 12428 12429 12431 12432 12451 12455 12461 12462 12463 12464 12478 12481 12488 12491 12493 12495 12520 12523 12528 12530 12532 12536 12548 12553 12562 12567 12568 12569 12570 12572 12581 13128 13579 14024 14082 14101 14104 14130 14147 14182 14344 14401 14825 14894 14897 14900 15082 15123 15504 15588 16000 16010 16020 16022 16030 16034 16038 16043 16047 16048 16051 16053 16055 16064 16076 16082 16086 16087 16093 16098 16101 16311 16443 16992 17000 17070 17182 17770 17775 17777 18004 18012 18015 18017 18018 18037 18038 18046 18047 18048 18056 18061 18069 18070 18081 18089 18245 18264 18443 19000 19017 19071 19091 20000 20020 20030 20040 20060 20184 20202 20208 20443 20547 20800 20880 21025 21082 21083 21200 21247 21250 21259 21263 21266 21267 21275 21277 21287 21293 21294 21296 21299 21300 21309 21310 21317 21318 21319 21324 21327 21328 21379 21515 22082 22556 22609 23023 23084 23184 23424 24084 24181 25001 25002 25004 25007 25084 25105 25565 28015 28017 29840 3128 7946 80

Map

Whois Information

• NetRange: 38.0.0.0 - 38.255.255.255
• CIDR: 38.0.0.0/8
• NetName: COGENT-A
• NetHandle: NET-38-0-0-0-1
• Parent: ()
• NetType: Direct Allocation
• OriginAS:
• Organization: Cogent Communications, LLC (COGC)
• RegDate: 1991-04-16
• Updated: 2025-09-23
• Ref: https://rdap.arin.net/registry/ip/38.0.0.0
• OrgName: Cogent Communications, LLC
• OrgId: COGC
• Address: 2450 N Street NW
• City: Washington
• StateProv: DC
• PostalCode: 20037
• Country: US
• RegDate: 2000-05-30
• Updated: 2025-09-23
• Comment: Geofeed https://geofeed.cogentco.com/geofeed.csv
• Ref: https://rdap.arin.net/registry/entity/COGC
• OrgTechHandle: IPALL-ARIN
• OrgTechName: IP Allocation
• OrgTechPhone: +1-877-875-4311
• OrgTechEmail: ipalloc@cogentco.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
• OrgNOCHandle: ZC108-ARIN
• OrgNOCName: Cogent Communications
• OrgNOCPhone: +1-877-875-4311
• OrgNOCEmail: noc@cogentco.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/ZC108-ARIN
• OrgAbuseHandle: COGEN-ARIN
• OrgAbuseName: Cogent Abuse
• OrgAbusePhone: +1-877-875-4311
• OrgAbuseEmail: abuse@cogentco.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/COGEN-ARIN
• NetRange: 38.170.0.0 - 38.170.255.255
• CIDR: 38.170.0.0/16
• NetName: 24SHELLS-CGNT-NET-2
• NetHandle: NET-38-170-0-0-1
• Parent: COGENT-A (NET-38-0-0-0-1)
• NetType: Reallocated
• OriginAS:
• Organization: 24 SHELLS (TS-74)
• RegDate: 2023-01-23
• Updated: 2023-01-23
• Ref: https://rdap.arin.net/registry/ip/38.170.0.0
• OrgName: 24 SHELLS
• OrgId: TS-74
• Address: 30 Knightsbridge Road, Suite 525
• City: Piscataway
• StateProv: NJ
• PostalCode: 08854
• Country: US
• RegDate: 2012-02-22
• Updated: 2024-11-25
• Comment: http://www.24shells.net
• Ref: https://rdap.arin.net/registry/entity/TS-74
• OrgAbuseHandle: ABUSE3950-ARIN
• OrgAbuseName: Abuse Department
• OrgAbusePhone: +1-732-400-8134
• OrgAbuseEmail: abuse@24shells.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3950-ARIN
• OrgTechHandle: NOC13393-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-732-400-8134
• OrgTechEmail: noc@24shells.net
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC13393-ARIN
• OrgNOCHandle: NOC13393-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-732-400-8134
• OrgNOCEmail: noc@24shells.net
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC13393-ARIN
• NetRange: 38.170.0.0 - 38.170.255.255
• CIDR: 38.170.0.0/16
• NetName: BNS-34
• NetHandle: NET-38-170-0-0-2
• Parent: 24SHELLS-CGNT-NET-2 (NET-38-170-0-0-1)
• NetType: Reallocated
• OriginAS:
• Organization: B2 Net Solutions Inc. (BNS-34)
• RegDate: 2023-01-23
• Updated: 2023-01-23
• Ref: https://rdap.arin.net/registry/ip/38.170.0.0
• OrgName: B2 Net Solutions Inc.
• OrgId: BNS-34
• Address: 205-1040 South Service Road
• City: Stoney Creek
• StateProv: ON
• PostalCode: L8E 6G3
• Country: CA
• RegDate: 2011-10-24
• Updated: 2024-11-25
• Comment: https://servermania.com
• Ref: https://rdap.arin.net/registry/entity/BNS-34
• OrgAbuseHandle: NOC33347-ARIN
• OrgAbuseName: Network Operations Center
• OrgAbusePhone: +1-716-745-4678
• OrgAbuseEmail: abuse-system@servermania.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC33347-ARIN
• OrgTechHandle: NOC13339-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-716-745-4678
• OrgTechEmail: abuse-system@servermania.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC13339-ARIN
• OrgNOCHandle: NOC13339-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-716-745-4678
• OrgNOCEmail: abuse-system@servermania.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC13339-ARIN
• OrgAbuseHandle: NOC13339-ARIN
• OrgAbuseName: Network Operations Center
• OrgAbusePhone: +1-716-745-4678
• OrgAbuseEmail: abuse-system@servermania.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC13339-ARIN
• network:ID:NET4-26AA000010
• network:Network-Name:NET4-26AA000010
• network:IP-Network:38.170.0.0/16
• network:Org-Name:24Shells Inc.
• network:Street-Address:101 POSSUMTOWN ROAD
• network:City:PISCATAWAY TOWNSHIP
• network:State:NJ
• network:Country:US
• network:Postal-Code:08854
• network:Tech-Contact:ZC108-ARIN
• network:Updated:2025-05-05 21:54:33

Links to attack logs

bruteforce-ip-list-2025-11-27