38.242.239.132 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 38.242.239.132 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 7/100

Host and Network Information

• JARM: 15d3fd16d29d29d00042d43d00000071784fa9f8305ba9220d0a7894b6ff2c

• View other sources: Spamhaus VirusTotal

• Country: Germany
• Network:
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: affectionate-khayyam.38-242-239-132.plesk.page www.affectionate-khayyam.38-242-239-132.plesk.page dazzling-agnesi.38-242-239-132.plesk.page ajhis.africa clever-joliot.38-242-239-132.plesk.page www.clever-joliot.38-242-239-132.plesk.page www.sweet-nobel.38-242-239-132.plesk.page sweet-nobel.38-242-239-132.plesk.page www.nice-mcclintock.38-242-239-132.plesk.page nice-mcclintock.38-242-239-132.plesk.page serenityhaven-ea.org campswampafrica.org stratescope.org gallant-cannon.38-242-239-132.plesk.page www.gallant-cannon.38-242-239-132.plesk.page www.busy-proskuriakova.38-242-239-132.plesk.page busy-proskuriakova.38-242-239-132.plesk.page vcarediaspora.com distracted-aryabhata.38-242-239-132.plesk.page www.distracted-aryabhata.38-242-239-132.plesk.page toughglasskenya.com aicsconsult.net coolmaxxkenya.com www.friendly-goodall.38-242-239-132.plesk.page friendly-goodall.38-242-239-132.plesk.page prystinsinsights.com cornichegrill.com eaccc.co.ke actions4ucare.co.uk juliusndivo.com blithost.com santolinevilla.com ostinmoriz.com glorioussplendor.co.uk frugalinnovations.co.ke adonis.blithost.com santoshomeofbeauty.com icocea.org ssudan.institutechildstudies.org institutechildstudies.org wemaltd.co.ke pwct.co.ke streetradio.co.ke talakutb.org amicusschool.com kothbiro.co.ke icocwelfare.org sojcare.co.uk www.batianrealty.com batianrealty.com floenmart.com btsa.or.ke billing.he-host.com he-host.com upbeat-mendeleev.38-242-239-132.plesk.page

Malware Detected on Host

Count: 2 c51abe0d7fe4faf1d1c12d1495466eabe7e7972ccb575cd9117821fa17f6549e 3995eaf35accda970f7aab5b9f55e61455db5fe957579d461a561097329dc346

Open Ports Detected

106 110 143 21 25 443 465 53 587 80 8443 8880 993 995

Map

Whois Information

• NetRange: 38.0.0.0 - 38.255.255.255
• CIDR: 38.0.0.0/8
• NetName: COGENT-A
• NetHandle: NET-38-0-0-0-1
• Parent: ()
• NetType: Direct Allocation
• OriginAS: AS174
• Organization: PSINet, Inc. (PSI)
• RegDate: 1991-04-16
• Updated: 2023-10-11
• Comment: IP allocations within 38.0.0.0/8 are used for Cogent customer static IP assignments.
• Comment:
• Comment:
• Comment: Geofeed https://geofeed.cogentco.com/geofeed.csv
• Ref: https://rdap.arin.net/registry/ip/38.0.0.0
• OrgName: PSINet, Inc.
• OrgId: PSI
• Address: 2450 N Street NW
• City: Washington
• StateProv: DC
• PostalCode: 20037
• Country: US
• RegDate:
• Updated: 2023-10-11
• Comment: Geofeed https://geofeed.cogentco.com/geofeed.csv
• Ref: https://rdap.arin.net/registry/entity/PSI
• OrgNOCHandle: ZC108-ARIN
• OrgNOCName: Cogent Communications
• OrgNOCPhone: +1-877-875-4311
• OrgNOCEmail: noc@cogentco.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/ZC108-ARIN
• OrgAbuseHandle: COGEN-ARIN
• OrgAbuseName: Cogent Abuse
• OrgAbusePhone: +1-877-875-4311
• OrgAbuseEmail: abuse@cogentco.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/COGEN-ARIN
• OrgTechHandle: IPALL-ARIN
• OrgTechName: IP Allocation
• OrgTechPhone: +1-877-875-4311
• OrgTechEmail: ipalloc@cogentco.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
• RTechHandle: PSI-NISC-ARIN
• RTechName: IP Allocation
• RTechPhone: +1-877-875-4311
• RTechEmail: ipalloc@cogentco.com
• RTechRef: https://rdap.arin.net/registry/entity/PSI-NISC-ARIN
• network:ID:NET4-26F2E00013
• network:Network-Name:NET4-26F2E00013
• network:IP-Network:38.242.224.0/19
• network:Org-Name:Contabo GmbH
• network:Street-Address:IN DER STEELE 39
• network:City:DUSSELDORF
• network:Country:DE
• network:Postal-Code:40599
• network:Tech-Contact:ZC108-ARIN
• network:Updated:2024-05-13 18:18:27

Links to attack logs

anonymous-proxy-ip-list-2024-11-29 anonymous-proxy-ip-list-2024-12-01 anonymous-proxy-ip-list-2024-12-14 anonymous-proxy-ip-list-2024-12-15 anonymous-proxy-ip-list-2024-12-10 anonymous-proxy-ip-list-2024-12-09 anonymous-proxy-ip-list-2024-12-11 anonymous-proxy-ip-list-2024-12-08 anonymous-proxy-ip-list-2024-12-16 anonymous-proxy-ip-list-2024-12-04 anonymous-proxy-ip-list-2024-11-27 anonymous-proxy-ip-list-2024-11-26 anonymous-proxy-ip-list-2024-12-07 anonymous-proxy-ip-list-2024-11-30 anonymous-proxy-ip-list-2024-12-12 anonymous-proxy-ip-list-2024-12-20 anonymous-proxy-ip-list-2024-11-28 anonymous-proxy-ip-list-2024-12-02 anonymous-proxy-ip-list-2024-12-05 anonymous-proxy-ip-list-2024-12-06 anonymous-proxy-ip-list-2024-12-13