IP address

Search at other sites:
--213.209.143.37
Shodan(more info)
Passive DNS
Tags:
IP blacklists
Spamhaus SBL
213.209.143.37 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-15 16:38:20.507000
Was present on blacklist at: 2025-11-17 16:38, 2025-11-24 16:38, 2025-12-01 16:38, 2025-12-08 16:38, 2025-12-15 16:38
Spamhaus DROP
213.209.143.37 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-15 16:38:20.507000
Was present on blacklist at: 2025-11-17 16:38, 2025-11-24 16:38, 2025-12-01 16:38, 2025-12-08 16:38, 2025-12-15 16:38
DShield Block
213.209.143.37 was recently listed on the DShield Block blacklist, but currently it is not.

Description: Recommended Block List by DShield.org. It summarizes the top 20 attacking<br>class C (/24) subnets over the last three days.
Type of feed: secondary (feed detail page)

Last checked at: 2025-12-19 04:50:00
Was present on blacklist at: 2025-11-27 04:50, 2025-11-30 04:50, 2025-12-07 04:50, 2025-12-08 04:50, 2025-12-09 04:50, 2025-12-10 04:50
OTX pulses
[691b2210c9f33b14d984da41] 2025-11-17 13:24:32.450000 | Apache honeypot logs for 17/Nov/2025
Author name:jnazario
Pulse modified:2025-11-17 13:24:32.450000
Indicator created:2025-11-17 13:24:33
Indicator role:None
Indicator title:
Indicator expiration:2025-12-17 13:00:00
[691dd31756503929f172d3f5] 2025-11-19 14:24:23.539000 | Bot samples from an HTTP honeypot
Author name:jnazario
Pulse modified:2025-11-19 14:24:23.539000
Indicator created:2025-11-19 14:24:25
Indicator role:None
Indicator title:
Indicator expiration:2025-12-19 14:00:00
Origin AS
AS214943 - RAILNET
AS42821 - RAPIDNET-DE
BGP Prefix
213.209.143.0/24
geo
Germany
🕑 Europe/Berlin
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
213.209.128.0 - 213.209.159.255
last_activity
2025-11-19 16:37:20.461000
reserved_range
0
Shodan's InternetDB
Open ports: 22
Tags:
CPEs: cpe:/a:openbsd:openssh:8.0
ts_added
2025-11-17 16:38:18.857000
ts_last_update
2025-12-19 16:38:20.211000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses