IP address

Search at other sites:

.238138.68.132.19

Shodan(more info)

Passive DNS

IP blacklists

CI Army

138.68.132.19 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-05-04 02:50:01.123000
Was present on blacklist at: 2025-04-28 02:50, 2025-04-29 02:50, 2025-04-30 02:50, 2025-05-01 02:50, 2025-05-02 02:50, 2025-05-03 02:50, 2025-05-04 02:50

UCEPROTECT L1

138.68.132.19 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-04 07:45:00.572000
Was present on blacklist at: 2025-04-28 07:45, 2025-04-28 15:45, 2025-04-28 23:45, 2025-04-29 07:45, 2025-04-29 15:45, 2025-04-29 23:45, 2025-04-30 07:45, 2025-04-30 15:45, 2025-04-30 23:45, 2025-05-01 07:45, 2025-05-01 15:45, 2025-05-01 23:45, 2025-05-02 07:45, 2025-05-02 15:45, 2025-05-02 23:45, 2025-05-03 07:45, 2025-05-03 15:45, 2025-05-03 23:45, 2025-05-04 07:45

AbuseIPDB

138.68.132.19 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-04-30 04:00:00.787000
Was present on blacklist at: 2025-04-29 04:00, 2025-04-30 04:00

Turris greylist

138.68.132.19 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-30 21:15:00.191000
Was present on blacklist at: 2025-04-30 21:15

Spamhaus XBL CBL

138.68.132.19 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-04 07:42:50.068000
Was present on blacklist at: 2025-05-04 07:42

Warden events (448)

2025-04-30

ReconScanning (node.368407): 2

ReconScanning (node.4dc198): 2

2025-04-29

ReconScanning (node.4dc198): 153

ReconScanning (node.368407): 6

2025-04-28

ReconScanning (node.4dc198): 139

ReconScanning (node.368407): 14

2025-04-27

ReconScanning (node.4dc198): 124

ReconScanning (node.368407): 8

DShield reports (IP summary, reports)

2025-04-27

Number of reports: 206

Distinct targets: 145

2025-04-28

Number of reports: 248

Distinct targets: 175

2025-04-29

Number of reports: 220

Distinct targets: 150

Origin AS

AS14061 - DIGITALOCEAN-ASN

BGP Prefix

138.68.128.0/20

geo

United Kingdom, Slough

🕑 Europe/London

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

138.68.0.0 - 138.68.255.255

last_activity

2025-04-30 00:03:59

last_warden_event

2025-04-30 00:03:59

rep

0.23839285714285716

reserved_range

0

ts_added

2025-04-27 07:42:48.810000

ts_last_update

2025-05-04 07:50:38.511000

Warden event timeline

DShield event timeline

Presence on blacklists