IP address

Search at other sites:

--109.120.137.231111777.h2.nexus

Shodan(more info)

Passive DNS

IP blacklists

DataPlane VNC RFB

109.120.137.231 is listed on the DataPlane VNC RFB blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs initiating<br>an unsolicited VNC remote frame buffer (RFB) session to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-04 14:10:00.791000
Was present on blacklist at: 2025-03-10 11:10, 2025-03-10 15:10, 2025-03-10 19:10, 2025-03-10 23:10, 2025-03-11 03:10, 2025-03-11 07:10, 2025-03-11 11:10, 2025-03-11 15:10, 2025-03-11 19:10, 2025-03-11 23:10, 2025-03-12 03:10, 2025-03-12 07:10, 2025-03-12 11:10, 2025-03-12 15:10, 2025-03-12 19:10, 2025-03-12 23:10, 2025-03-13 03:10, 2025-03-13 07:10, 2025-03-13 11:10, 2025-03-13 15:10, 2025-03-13 19:10, 2025-03-13 23:10, 2025-03-14 03:10, 2025-03-14 07:10, 2025-03-14 11:10, 2025-03-14 15:10, 2025-03-14 19:10, 2025-03-14 23:10, 2025-03-15 03:10, 2025-03-15 07:10, 2025-03-15 11:10, 2025-03-15 15:10, 2025-03-15 19:10, 2025-03-16 03:10, 2025-03-16 07:10, 2025-03-16 11:10, 2025-03-16 15:10, 2025-03-16 19:10, 2025-03-16 23:10, 2025-03-17 03:10, 2025-03-17 07:10, 2025-03-17 11:10, 2025-03-17 15:10, 2025-03-17 19:10, 2025-03-17 23:10, 2025-03-18 03:10, 2025-03-18 07:10, 2025-03-18 11:10, 2025-03-18 15:10, 2025-03-18 19:10, 2025-03-18 23:10, 2025-03-19 07:10, 2025-03-19 11:10, 2025-03-19 15:10, 2025-03-19 19:10, 2025-03-19 23:10, 2025-03-20 03:10, 2025-03-20 07:10, 2025-03-20 11:10, 2025-03-20 15:10, 2025-03-20 19:10, 2025-03-20 23:10, 2025-03-21 03:10, 2025-03-21 07:10, 2025-03-21 11:10, 2025-03-21 15:10, 2025-03-21 19:10, 2025-03-21 23:10, 2025-03-22 03:10, 2025-03-22 07:10, 2025-03-22 11:10, 2025-03-22 15:10, 2025-03-22 19:10, 2025-03-22 23:10, 2025-03-23 03:10, 2025-03-23 07:10, 2025-03-23 11:10, 2025-03-23 15:10, 2025-03-23 19:10, 2025-03-23 23:10, 2025-03-24 03:10, 2025-03-24 07:10, 2025-03-24 11:10, 2025-03-24 15:10, 2025-03-24 19:10, 2025-03-24 23:10, 2025-03-25 03:10, 2025-03-25 07:10, 2025-03-25 11:10, 2025-03-25 15:10, 2025-03-25 19:10, 2025-03-25 23:10, 2025-03-26 03:10, 2025-03-26 07:10, 2025-03-26 11:10, 2025-03-26 15:10, 2025-03-26 19:10, 2025-03-26 23:10, 2025-03-27 03:10, 2025-03-27 07:10, 2025-03-27 11:10, 2025-03-27 15:10, 2025-03-27 19:10, 2025-03-27 23:10, 2025-03-28 03:10, 2025-03-28 07:10, 2025-03-28 11:10, 2025-03-28 15:10, 2025-03-28 19:10, 2025-03-28 23:10, 2025-03-29 03:10, 2025-03-29 07:10, 2025-03-29 11:10, 2025-03-29 15:10, 2025-03-29 19:10, 2025-03-29 23:10, 2025-03-30 02:10, 2025-03-30 06:10, 2025-03-30 10:10, 2025-03-30 14:10, 2025-03-30 18:10, 2025-03-30 22:10, 2025-03-31 02:10, 2025-03-31 06:10, 2025-03-31 10:10, 2025-03-31 14:10, 2025-03-31 22:10, 2025-04-01 02:10, 2025-04-01 06:10, 2025-04-01 10:10, 2025-04-01 14:10, 2025-04-01 18:10, 2025-04-01 22:10, 2025-04-02 02:10, 2025-04-02 06:10, 2025-04-02 10:10, 2025-04-02 14:10, 2025-04-02 18:10, 2025-04-02 22:10, 2025-04-03 02:10, 2025-04-03 06:10, 2025-04-03 10:10, 2025-04-03 14:10, 2025-04-03 18:10, 2025-04-03 22:10, 2025-04-04 02:10, 2025-04-04 06:10, 2025-04-04 10:10, 2025-04-04 14:10, 2025-04-04 18:10, 2025-04-04 22:10, 2025-04-05 02:10, 2025-04-05 06:10, 2025-04-05 10:10, 2025-04-05 14:10, 2025-04-05 18:10, 2025-04-05 22:10, 2025-04-06 02:10, 2025-04-06 06:10, 2025-04-06 10:10, 2025-04-06 14:10, 2025-04-06 18:10, 2025-04-06 22:10, 2025-04-07 02:10, 2025-04-07 06:10, 2025-04-07 10:10, 2025-04-07 14:10, 2025-04-07 18:10, 2025-04-07 22:10, 2025-04-08 02:10, 2025-04-08 06:10, 2025-04-08 10:10, 2025-04-08 14:10, 2025-04-08 18:10, 2025-04-08 22:10, 2025-04-09 02:10, 2025-04-09 06:10, 2025-04-09 10:10, 2025-04-09 14:10, 2025-04-09 18:10, 2025-04-09 22:10, 2025-04-10 02:10, 2025-04-10 06:10, 2025-04-10 10:10, 2025-04-10 14:10, 2025-04-10 18:10, 2025-04-10 22:10, 2025-04-11 02:10, 2025-04-11 06:10, 2025-04-11 10:10, 2025-04-11 14:10, 2025-04-11 18:10, 2025-04-11 22:10, 2025-04-12 02:10, 2025-04-12 06:10, 2025-04-12 10:10, 2025-04-12 14:10, 2025-04-12 18:10, 2025-04-12 22:10, 2025-04-13 02:10, 2025-04-13 06:10, 2025-04-13 14:10, 2025-04-13 18:10, 2025-04-13 22:10, 2025-04-14 02:10, 2025-04-14 06:10, 2025-04-14 10:10, 2025-04-14 14:10, 2025-04-14 18:10, 2025-04-14 22:10, 2025-04-15 02:10, 2025-04-15 06:10, 2025-04-15 10:10, 2025-04-15 14:10, 2025-04-15 18:10, 2025-04-16 02:10, 2025-04-16 06:10, 2025-04-16 10:10, 2025-04-16 14:10, 2025-04-16 18:10, 2025-04-16 22:10, 2025-04-17 02:10, 2025-04-17 06:10, 2025-04-17 10:10, 2025-04-17 14:10, 2025-04-17 18:10, 2025-04-17 22:10, 2025-04-18 02:10, 2025-04-18 06:10, 2025-04-18 10:10, 2025-04-18 14:10, 2025-04-18 18:10, 2025-04-18 22:10, 2025-04-19 02:10, 2025-04-19 06:10, 2025-04-19 10:10, 2025-04-19 14:10, 2025-04-19 18:10, 2025-04-19 22:10, 2025-04-20 02:10, 2025-04-20 06:10, 2025-04-20 10:10, 2025-04-20 14:10, 2025-04-20 18:10, 2025-04-20 22:10, 2025-04-21 02:10, 2025-04-21 06:10, 2025-04-21 10:10, 2025-04-21 14:10, 2025-04-21 18:10, 2025-04-21 22:10, 2025-04-22 02:10, 2025-04-22 06:10, 2025-04-22 10:10, 2025-04-22 14:10, 2025-04-22 18:10, 2025-04-22 22:10, 2025-04-23 02:10, 2025-04-23 06:10, 2025-04-23 10:10, 2025-04-23 14:10, 2025-04-23 18:10, 2025-04-24 02:10, 2025-04-24 06:10, 2025-04-24 10:10, 2025-04-24 14:10, 2025-04-24 18:10, 2025-04-24 22:10, 2025-04-25 02:10, 2025-04-25 06:10, 2025-04-25 10:10, 2025-04-25 14:10, 2025-04-25 18:10, 2025-04-25 22:10, 2025-04-26 02:10, 2025-04-26 06:10, 2025-04-26 10:10, 2025-04-26 14:10, 2025-04-26 18:10, 2025-04-26 22:10, 2025-04-27 02:10, 2025-04-27 06:10, 2025-04-27 10:10, 2025-04-27 14:10, 2025-04-27 18:10, 2025-04-28 02:10, 2025-04-28 06:10, 2025-04-28 10:10, 2025-04-28 14:10, 2025-04-28 18:10, 2025-04-28 22:10, 2025-04-29 02:10, 2025-04-29 06:10, 2025-04-29 10:10, 2025-04-29 14:10, 2025-04-29 18:10, 2025-04-29 22:10, 2025-04-30 02:10, 2025-04-30 06:10, 2025-04-30 10:10, 2025-04-30 14:10, 2025-04-30 18:10, 2025-04-30 22:10, 2025-05-01 02:10, 2025-05-01 06:10, 2025-05-01 10:10, 2025-05-01 14:10, 2025-05-01 18:10, 2025-05-01 22:10, 2025-05-02 02:10, 2025-05-02 06:10, 2025-05-02 10:10, 2025-05-02 14:10, 2025-05-02 18:10, 2025-05-02 22:10, 2025-05-03 02:10, 2025-05-03 06:10, 2025-05-03 10:10, 2025-05-03 14:10, 2025-05-03 18:10, 2025-05-03 22:10, 2025-05-04 02:10, 2025-05-04 06:10, 2025-05-04 10:10, 2025-05-04 14:10

UCEPROTECT L1

109.120.137.231 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-15 15:45:00.549000
Was present on blacklist at: 2025-03-10 16:45, 2025-03-11 00:45, 2025-03-11 08:45, 2025-03-11 16:45, 2025-03-12 00:45, 2025-03-12 08:45, 2025-03-12 16:45, 2025-03-13 00:45, 2025-03-13 08:45, 2025-03-13 16:45, 2025-03-14 00:45, 2025-03-14 08:45, 2025-03-14 16:45, 2025-03-15 00:45, 2025-03-15 08:45, 2025-03-15 16:45, 2025-03-16 00:45, 2025-03-16 08:45, 2025-03-16 16:45, 2025-03-17 00:45, 2025-03-17 08:45, 2025-04-08 23:45, 2025-04-09 07:45, 2025-04-09 15:45, 2025-04-09 23:45, 2025-04-10 07:45, 2025-04-10 15:45, 2025-04-10 23:45, 2025-04-11 07:45, 2025-04-11 15:45, 2025-04-11 23:45, 2025-04-12 07:45, 2025-04-12 15:45, 2025-04-12 23:45, 2025-04-13 07:45, 2025-04-13 15:45, 2025-04-13 23:45, 2025-04-14 07:45, 2025-04-14 15:45, 2025-04-14 23:45, 2025-04-15 07:45, 2025-04-15 15:45

OTX pulses

[67cede98af39b6c4e991011b] 2025-03-10 12:44:08.554000 | VNC honeypot logs for 2025/03/10

Author name:	jnazario
Pulse modified:	2025-03-10 12:44:08.554000
Indicator created:	2025-03-10 12:44:09
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-09 12:00:00

[67e14fa43ead921b46f8e298] 2025-03-24 12:27:16.557000 | VNC honeypot logs for 2025/03/24

Author name:	jnazario
Pulse modified:	2025-03-24 12:27:16.557000
Indicator created:	2025-03-24 12:27:17
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-23 12:00:00

[67e5443c6d284bec0d77f408] 2025-03-27 12:27:40.082000 | VNC honeypot logs for 2025/03/27

Author name:	jnazario
Pulse modified:	2025-03-27 12:27:40.082000
Indicator created:	2025-03-27 12:27:40
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-26 12:00:00

[67f2732e2acbbf56e2638f72] 2025-04-06 12:27:26.307000 | VNC honeypot logs for 2025/04/06

Author name:	jnazario
Pulse modified:	2025-04-06 12:27:26.307000
Indicator created:	2025-04-06 12:27:27
Indicator role:	None
Indicator title:
Indicator expiration:	2025-05-06 12:00:00

[67f7b8d9710d8c6595cc8ed8] 2025-04-10 12:26:01.483000 | VNC honeypot logs for 2025/04/10

Author name:	jnazario
Pulse modified:	2025-04-10 12:26:01.483000
Indicator created:	2025-04-10 12:26:02
Indicator role:	None
Indicator title:
Indicator expiration:	2025-05-10 12:00:00

[67f90a5e4363ba310ba40abd] 2025-04-11 12:26:06.209000 | VNC honeypot logs for 2025/04/11

Author name:	jnazario
Pulse modified:	2025-04-11 12:26:06.209000
Indicator created:	2025-04-11 12:26:07
Indicator role:	None
Indicator title:
Indicator expiration:	2025-05-11 12:00:00

[67fa5c254fd9369ebc1c3268] 2025-04-12 12:27:17.358000 | VNC honeypot logs for 2025/04/12

Author name:	jnazario
Pulse modified:	2025-04-12 12:27:17.358000
Indicator created:	2025-04-12 12:27:18
Indicator role:	None
Indicator title:
Indicator expiration:	2025-05-12 12:00:00

[67fe5032a5c46ac762bf01ae] 2025-04-15 12:25:22.495000 | VNC honeypot logs for 2025/04/15

Author name:	jnazario
Pulse modified:	2025-04-15 12:25:22.495000
Indicator created:	2025-04-15 12:25:23
Indicator role:	None
Indicator title:
Indicator expiration:	2025-05-15 12:00:00

[68078b34550a055556268289] 2025-04-22 12:27:32.763000 | VNC honeypot logs for 2025/04/22

Author name:	jnazario
Pulse modified:	2025-04-22 12:27:32.763000
Indicator created:	2025-04-22 12:27:33
Indicator role:	None
Indicator title:
Indicator expiration:	2025-05-22 12:00:00

[680a2e2fc4495453bbba04e5] 2025-04-24 12:27:27.618000 | VNC honeypot logs for 2025/04/24

Author name:	jnazario
Pulse modified:	2025-04-24 12:27:27.618000
Indicator created:	2025-04-24 12:27:28
Indicator role:	None
Indicator title:
Indicator expiration:	2025-05-24 12:00:00

Origin AS

AS215730 - H2NEXUS-AS

BGP Prefix

109.120.137.0/24

geo

Germany, Frankfurt am Main

🕑 Europe/Berlin

hostname

111777.h2.nexus

Address block ('inetnum' or 'NetRange' in whois database)

109.120.128.0 - 109.120.159.255

last_activity

2025-04-24 16:39:23.900000

reserved_range

0

Shodan's InternetDB

Open ports: 22, 80, 445, 3389, 5353

Tags: –

CPEs: cpe:/a:openresty:lua-nginx-module:1.27.1.1, cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:9.6p1

ts_added

2025-03-10 11:12:16.261000

ts_last_update

2025-05-15 11:12:20.314000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses