IP address

Search at other sites:

--38.242.140.17vmi2842515.contaboserver.net

Shodan(more info)

Passive DNS

IP blacklists

DataPlane TELNET login

38.242.140.17 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-20 15:10:03.329000
Was present on blacklist at: 2025-12-13 23:10, 2025-12-14 03:10, 2025-12-14 07:10, 2025-12-14 11:10, 2025-12-14 15:10, 2025-12-14 19:10, 2025-12-14 23:10, 2025-12-15 03:10, 2025-12-15 07:10, 2025-12-15 11:10, 2025-12-15 15:10, 2025-12-15 19:10, 2025-12-15 23:10, 2025-12-16 03:10, 2025-12-16 07:10, 2025-12-16 11:10, 2025-12-16 15:10, 2025-12-16 19:10, 2025-12-16 23:10, 2025-12-17 03:10, 2025-12-17 07:10, 2025-12-17 11:10, 2025-12-17 15:10, 2025-12-17 19:10, 2025-12-17 23:10, 2025-12-18 03:10, 2025-12-18 07:10, 2025-12-18 11:10, 2025-12-18 15:10, 2025-12-18 19:10, 2025-12-18 23:10, 2025-12-19 03:10, 2025-12-19 07:10, 2025-12-19 11:10, 2025-12-19 15:10, 2025-12-19 19:10, 2025-12-19 23:10, 2025-12-20 03:10, 2025-12-20 07:10, 2025-12-20 11:10, 2025-12-20 15:10

CI Army

38.242.140.17 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-12-18 03:50:00.848000
Was present on blacklist at: 2025-12-15 03:50, 2025-12-16 03:50, 2025-12-17 03:50, 2025-12-18 03:50

AbuseIPDB

38.242.140.17 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-12-15 05:00:00.709000
Was present on blacklist at: 2025-12-15 05:00

Turris greylist

38.242.140.17 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-16 22:15:00.144000
Was present on blacklist at: 2025-12-15 22:15, 2025-12-16 22:15

DShield reports (IP summary, reports)

2025-12-13

Number of reports: 24

Distinct targets: 9

2025-12-14

Number of reports: 33

Distinct targets: 16

2025-12-15

Number of reports: 15

Distinct targets: 8

OTX pulses

[602bc528f447d628d41494f2] 2021-02-16 13:14:16.945000 | Ka's Honeypot visitors

Author name:	Kapppppa
Pulse modified:	2025-12-20 11:51:35.860000
Indicator created:	2025-12-14 14:55:50
Indicator role:	bruteforce
Indicator title:	Telnet Login attempt
Indicator expiration:	2026-01-13 14:00:00

Origin AS

AS51167 - CONTABO

BGP Prefix

38.242.136.0/21

geo

France, Lauterbourg

🕑 Europe/Paris

hostname

vmi2842515.contaboserver.net

Address block ('inetnum' or 'NetRange' in whois database)

38.0.0.0 - 38.255.255.255

last_activity

2025-12-20 12:39:54.771000

reserved_range

0

Shodan's InternetDB

Open ports: 22, 443, 5000, 5432

Tags: database, eol-product

CPEs: cpe:/a:nodejs:node.js, cpe:/o:linux:linux_kernel, cpe:/a:openbsd:openssh:9.6p1, cpe:/a:postgresql:postgresql, cpe:/a:f5:nginx:1.24.0, cpe:/o:canonical:ubuntu_linux

ts_added

2025-12-13 23:52:36.601000

ts_last_update

2025-12-20 15:53:40.299000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses