IP address

Search at other sites:

--38.210.213.237

Shodan(more info)

Passive DNS

IP blacklists

UCEPROTECT L1

38.210.213.237 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-10-13 23:45:00.502000
Was present on blacklist at: 2025-09-26 23:45, 2025-09-27 07:45, 2025-09-27 15:45, 2025-09-27 23:45, 2025-09-28 07:45, 2025-09-28 15:45, 2025-09-28 23:45, 2025-09-29 07:45, 2025-09-29 15:45, 2025-09-29 23:45, 2025-09-30 07:45, 2025-09-30 15:45, 2025-09-30 23:45, 2025-10-01 07:45, 2025-10-01 15:45, 2025-10-01 23:45, 2025-10-02 07:45, 2025-10-02 15:45, 2025-10-02 23:45, 2025-10-03 07:45, 2025-10-03 15:45, 2025-10-03 23:45, 2025-10-04 07:45, 2025-10-04 15:45, 2025-10-04 23:45, 2025-10-05 07:45, 2025-10-05 15:45, 2025-10-05 23:45, 2025-10-06 07:45, 2025-10-06 15:45, 2025-10-06 23:45, 2025-10-07 07:45, 2025-10-11 15:45, 2025-10-11 23:45, 2025-10-12 07:45, 2025-10-12 15:45, 2025-10-12 23:45, 2025-10-13 07:45, 2025-10-13 15:45, 2025-10-13 23:45

DataPlane SSH login

38.210.213.237 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-10-06 06:10:01.704000
Was present on blacklist at: 2025-09-29 14:10, 2025-09-29 18:10, 2025-09-30 02:10, 2025-09-30 06:10, 2025-09-30 14:10, 2025-09-30 18:10, 2025-10-01 02:10, 2025-10-01 06:10, 2025-10-01 14:10, 2025-10-01 18:10, 2025-10-02 02:10, 2025-10-02 14:10, 2025-10-02 18:10, 2025-10-03 02:10, 2025-10-03 06:10, 2025-10-03 14:10, 2025-10-03 18:10, 2025-10-04 02:10, 2025-10-04 06:10, 2025-10-04 14:10, 2025-10-05 06:10, 2025-10-05 14:10, 2025-10-06 06:10

OTX pulses

[68dbcce53b44a22459b30f1e] 2025-09-30 12:28:21.225000 | RDP honeypot logs for 2025/09/30

Author name:	jnazario
Pulse modified:	2025-09-30 12:28:21.225000
Indicator created:	2025-09-30 12:28:22
Indicator role:	None
Indicator title:
Indicator expiration:	2025-10-30 12:00:00

Origin AS

AS53107 -

BGP Prefix

38.210.212.0/23

geo

Brazil

🕑 America/Sao_Paulo

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

38.0.0.0 - 38.255.255.255

last_activity

2025-09-30 16:26:31.034000

reserved_range

0

Shodan's InternetDB

Open ports: 22, 80, 443, 3111, 3306, 5432, 5435, 8008, 8080, 8181, 8443, 9100, 9191, 27017

Tags: self-signed, eol-product, database

CPEs: cpe:/a:python:python, cpe:/a:f5:nginx, cpe:/a:grafana:grafana:11.4.0, cpe:/a:jquery:jquery, cpe:/a:gunicorn:gunicorn, cpe:/a:mongodb:mongodb:8.0.4, cpe:/a:getbootstrap:bootstrap:3, cpe:/a:openbsd:openssh:8.2p1, cpe:/a:postgresql:postgresql, cpe:/a:openssl:openssl:3.0.13, cpe:/a:mariadb:mariadb:10.6.21-MariaDB-ubu2004, cpe:/a:apache:airflow:2.10.5, cpe:/a:select2:select2, cpe:/o:canonical:ubuntu_linux

ts_added

2025-09-27 00:00:21.317000

ts_last_update

2025-10-14 01:52:59.801000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses