IP address

Search at other sites:

--208.91.189.38hosted-by.stealthrdp.com

Shodan(more info)

Passive DNS

IP blacklists

Spamhaus XBL CBL

208.91.189.38 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-14 05:01:50.181000
Was present on blacklist at: 2025-12-14 05:01

DShield reports (IP summary, reports)

2025-12-13

Number of reports: 62

Distinct targets: 19

2025-12-14

Number of reports: 48

Distinct targets: 12

2025-12-16

Number of reports: 12

Distinct targets: 6

2025-12-17

Number of reports: 40

Distinct targets: 14

2025-12-18

Number of reports: 40

Distinct targets: 14

2025-12-19

Number of reports: 24

Distinct targets: 6

Origin AS

AS14315 - 1GSERVERS

BGP Prefix

208.91.189.0/24

geo

United States, Phoenix

🕑 America/Phoenix

hostname

hosted-by.stealthrdp.com

Address block ('inetnum' or 'NetRange' in whois database)

208.91.188.0 - 208.91.191.255

reserved_range

0

Shodan's InternetDB

Open ports: 22, 80, 3389

Tags: self-signed

CPEs: cpe:/a:openbsd:openssh:8.4p1, cpe:/o:debian:debian_linux, cpe:/o:linux:linux_kernel

ts_added

2025-12-14 05:01:50.007000

ts_last_update

2025-12-20 05:07:16.281000

Warden event timeline

DShield event timeline

Presence on blacklists