IP address

Search at other sites:
.000209.38.34.120
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
blocklist.de web-login
209.38.34.120 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-30 10:05:00.226000
Was present on blacklist at: 2025-03-28 17:05, 2025-03-28 23:05, 2025-03-29 05:05, 2025-03-29 11:05, 2025-03-29 17:05, 2025-03-29 23:05, 2025-03-30 04:05, 2025-03-30 10:05
blocklist.de Apache
209.38.34.120 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-30 10:05:05.271000
Was present on blacklist at: 2025-03-28 17:05, 2025-03-28 23:05, 2025-03-29 05:05, 2025-03-29 11:05, 2025-03-29 17:05, 2025-03-29 23:05, 2025-03-30 04:05, 2025-03-30 10:05
AbuseIPDB
209.38.34.120 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-03-29 05:00:00.527000
Was present on blacklist at: 2025-03-29 05:00
Turris greylist
209.38.34.120 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-30 21:15:00.177000
Was present on blacklist at: 2025-03-30 21:15
CI Army
209.38.34.120 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-04-03 02:50:01.099000
Was present on blacklist at: 2025-04-03 02:50
Spamhaus XBL CBL
209.38.34.120 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-02 11:36:20.355000
Was present on blacklist at: 2025-04-04 11:36
Warden events (43)
2025-04-02
ReconScanning (node.9c1411): 5
2025-04-01
ReconScanning (node.9c1411): 3
2025-03-29
ReconScanning (node.9c1411): 22
2025-03-28
ReconScanning (node.4dc198): 2
ReconScanning (node.9c1411): 11
DShield reports (IP summary, reports)
2025-03-28
Number of reports: 19
Distinct targets: 15
2025-03-29
Number of reports: 96
Distinct targets: 15
OTX pulses
[5a7e3e70c44e7b48947593a7] 2018-02-10 00:36:00.396000 | Webscanners 2018-02-09 thru current day
Author name:david3
Pulse modified:2025-04-28 03:55:23.750000
Indicator created:2025-03-29 05:05:27
Indicator role:scanning_host
Indicator title:404 NOT FOUND
Indicator expiration:2025-06-27 00:00:00
Origin AS
AS14061 - DIGITALOCEAN-ASN
BGP Prefix
209.38.32.0/20
geo
Netherlands, Amsterdam
🕑 Europe/Amsterdam
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
209.38.0.0 - 209.38.255.255
last_activity
2025-04-28 04:00:45.788000
last_warden_event
2025-04-02 07:42:19
rep
0.0
reserved_range
0
Shodan's InternetDB
Open ports: 21, 22, 26, 113, 444, 502, 541, 636, 832, 1433, 2222, 2323, 2626, 2628, 3100, 3114, 3121, 3128, 3131, 3404, 3542, 4040, 4433, 4445, 4502, 4506, 5001, 5002, 5005, 5007, 5009, 5237, 5238, 5432, 5601, 5603, 5801, 5900, 5901, 6001, 6006, 6601, 6633, 7403, 8001, 8009, 8022, 8039, 8114, 8116, 8139, 8200, 8343, 8504, 8724, 8812, 8823, 8824, 8830, 8843, 8915, 9002, 9134, 9200, 9244, 9333, 9418, 9926, 9944, 10001, 10002, 10031, 10243, 10909, 11434
Tags: cloud
CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.9p1
ts_added
2025-03-28 11:36:17.403000
ts_last_update
2025-05-03 11:36:20.266000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses