38.34.185.140 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 38.34.185.140 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observations of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

  • View other sources: Spamhaus VirusTotal

  • Country: Japan
  • Network: AS18978 enzu inc
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy

Malware Detected on Host

Count: 63

Open Ports Detected

22

Whois Information

  • NetRange: 38.0.0.0 - 38.255.255.255
  • CIDR: 38.0.0.0/8
  • NetName: COGENT-A
  • NetHandle: NET-38-0-0-0-1
  • Parent: ()
  • NetType: Direct Allocation
  • OriginAS: AS174
  • Organization: PSINet, Inc. (PSI)
  • RegDate: 1991-04-16
  • Updated: 2023-10-11
  • Comment: IP allocations within 38.0.0.0/8 are used for Cogent customer static IP assignments.
  • Comment:
  • Comment:
  • Comment: Geofeed https://geofeed.cogentco.com/geofeed.csv
  • Ref: https://rdap.arin.net/registry/ip/38.0.0.0
  • OrgName: PSINet, Inc.
  • OrgId: PSI
  • Address: 2450 N Street NW
  • City: Washington
  • StateProv: DC
  • PostalCode: 20037
  • Country: US
  • RegDate:
  • Updated: 2023-10-11
  • Comment: Geofeed https://geofeed.cogentco.com/geofeed.csv
  • Ref: https://rdap.arin.net/registry/entity/PSI
  • OrgTechHandle: IPALL-ARIN
  • OrgTechName: IP Allocation
  • OrgTechPhone: +1-877-875-4311
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
  • OrgAbuseHandle: COGEN-ARIN
  • OrgAbuseName: Cogent Abuse
  • OrgAbusePhone: +1-877-875-4311
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/COGEN-ARIN
  • OrgNOCHandle: ZC108-ARIN
  • OrgNOCName: Cogent Communications
  • OrgNOCPhone: +1-877-875-4311
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/ZC108-ARIN
  • RTechHandle: PSI-NISC-ARIN
  • RTechName: IP Allocation
  • RTechPhone: +1-877-875-4311
  • RTechEmail: [email protected]
  • RTechRef: https://rdap.arin.net/registry/entity/PSI-NISC-ARIN
  • network:ID:NET4-2622A00013
  • network:Network-Name:NET4-2622A00013
  • network:IP-Network:38.34.160.0/19
  • network:Org-Name:Enzu Inc.
  • network:Street-Address:350 E CERMAK RD
  • network:City:CHICAGO
  • network:State:IL
  • network:Country:US
  • network:Postal-Code:60616
  • network:Tech-Contact:ZC108-ARIN
  • network:Updated:2020-10-21 20:12:42

Links to attack logs

  • anonymous-proxy-ip-list-2023-11-17
  • anonymous-proxy-ip-list-2023-11-16