IP address

Search at other sites:

.03858.20.243.15

Shodan(more info)

Passive DNS

IP blacklists

CI Army

58.20.243.15 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-05-06 02:50:01.028000
Was present on blacklist at: 2025-02-07 03:50, 2025-02-08 03:50, 2025-02-09 03:50, 2025-02-22 03:50, 2025-02-24 03:50, 2025-02-28 03:50, 2025-03-01 03:50, 2025-03-02 03:50, 2025-03-04 03:50, 2025-03-06 03:50, 2025-03-07 03:50, 2025-03-09 03:50, 2025-03-14 03:50, 2025-03-15 03:50, 2025-03-17 03:50, 2025-03-18 03:50, 2025-03-21 03:50, 2025-03-22 03:50, 2025-03-23 03:50, 2025-03-24 03:50, 2025-03-25 03:50, 2025-03-27 03:50, 2025-03-29 03:50, 2025-03-30 02:50, 2025-04-02 02:50, 2025-04-06 02:50, 2025-04-07 02:50, 2025-04-08 02:50, 2025-04-09 02:50, 2025-04-11 02:50, 2025-04-12 02:50, 2025-04-14 02:50, 2025-04-15 02:50, 2025-04-16 02:50, 2025-04-18 02:50, 2025-04-20 02:50, 2025-04-21 02:50, 2025-04-22 02:50, 2025-04-23 02:50, 2025-04-24 02:50, 2025-04-26 02:50, 2025-04-28 02:50, 2025-04-30 02:50, 2025-05-03 02:50, 2025-05-05 02:50, 2025-05-06 02:50

Warden events (66)

2025-05-01

ReconScanning (node.368407): 1

2025-04-25

ReconScanning (node.368407): 1

2025-04-23

ReconScanning (node.368407): 1

2025-04-21

ReconScanning (node.368407): 1

2025-04-19

ReconScanning (node.368407): 1

2025-04-17

ReconScanning (node.368407): 1

2025-04-14

ReconScanning (node.368407): 1

2025-04-12

ReconScanning (node.368407): 1

2025-04-08

ReconScanning (node.368407): 1

2025-04-07

ReconScanning (node.368407): 13

2025-04-04

ReconScanning (node.368407): 1

2025-04-02

ReconScanning (node.368407): 2

2025-04-01

ReconScanning (node.4dc198): 2

2025-03-29

ReconScanning (node.368407): 1

2025-03-27

ReconScanning (node.368407): 1

2025-03-26

ReconScanning (node.368407): 1

2025-03-23

ReconScanning (node.368407): 1

2025-03-22

ReconScanning (node.368407): 15

2025-03-13

ReconScanning (node.4dc198): 2

2025-03-11

ReconScanning (node.368407): 1

2025-03-08

ReconScanning (node.368407): 1

2025-03-02

ReconScanning (node.368407): 1

2025-02-28

ReconScanning (node.4dc198): 2

ReconScanning (node.368407): 1

2025-02-25

ReconScanning (node.368407): 1

2025-02-23

ReconScanning (node.368407): 2

2025-02-18

ReconScanning (node.368407): 2

2025-02-17

ReconScanning (node.368407): 1

2025-02-15

ReconScanning (node.368407): 1

ReconScanning (node.4dc198): 2

2025-02-06

ReconScanning (node.4dc198): 2

2025-02-05

ReconScanning (node.368407): 1

DShield reports (IP summary, reports)

2025-04-21

Number of reports: 26

Distinct targets: 5

Origin AS

AS4837 - CHINA169-Backbone

BGP Prefix

58.20.0.0/16

geo

China, Changsha

🕑 Asia/Shanghai

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

58.20.0.0 - 58.20.255.255

last_activity

2025-05-01 18:44:11

last_warden_event

2025-05-01 18:44:11

rep

0.03809523809523809

reserved_range

0

Shodan's InternetDB

Open ports: 21, 80, 500, 2121, 2222, 5222, 5555, 7777, 8010, 8083, 8086, 8089, 8099, 9091, 9998, 9999, 10000

Tags: self-signed, eol-product, scanner, starttls, vpn

CPEs: cpe:/o:microsoft:windows, cpe:/a:f5:nginx:1.9.9, cpe:/a:f5:nginx, cpe:/a:openbsd:openssh:7.4, cpe:/a:f5:nginx:1.23.3, cpe:/a:eclipse:jetty:9.4.49, cpe:/a:f5:nginx:1.20.2

ts_added

2024-07-08 20:32:26.669000

ts_last_update

2025-05-06 02:53:40.104000

Warden event timeline

DShield event timeline

Presence on blacklists