IP address

Search at other sites:

--8.138.39.231

Shodan(more info)

Passive DNS

IP blacklists

PSBL

8.138.39.231 is listed on the PSBL blacklist.

Description: The Passive Spam Block List uses the Spamikaze software to detect spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-06 15:45:00.552000
Was present on blacklist at: 2025-04-18 23:45, 2025-04-19 07:45, 2025-04-19 15:45, 2025-04-19 23:45, 2025-04-20 07:45, 2025-04-20 15:45, 2025-04-20 23:45, 2025-04-21 07:45, 2025-04-21 15:45, 2025-04-21 23:45, 2025-04-22 07:45, 2025-04-22 15:45, 2025-04-22 23:45, 2025-04-23 07:45, 2025-04-23 15:45, 2025-04-23 23:45, 2025-04-24 07:45, 2025-04-24 15:45, 2025-04-24 23:45, 2025-04-25 07:45, 2025-04-25 15:45, 2025-04-25 23:45, 2025-04-26 07:45, 2025-04-26 15:45, 2025-04-26 23:45, 2025-04-27 07:45, 2025-04-27 15:45, 2025-04-27 23:45, 2025-04-28 07:45, 2025-04-28 15:45, 2025-04-28 23:45, 2025-04-29 07:45, 2025-04-29 15:45, 2025-04-29 23:45, 2025-04-30 07:45, 2025-04-30 15:45, 2025-04-30 23:45, 2025-05-01 07:45, 2025-05-01 15:45, 2025-05-01 23:45, 2025-05-02 07:45, 2025-05-02 15:45, 2025-05-02 23:45, 2025-05-03 07:45, 2025-05-03 15:45, 2025-05-03 23:45, 2025-05-04 07:45, 2025-05-04 15:45, 2025-05-04 23:45, 2025-05-05 07:45, 2025-05-05 15:45, 2025-05-05 23:45, 2025-05-06 07:45, 2025-05-06 15:45

Spamhaus SBL CSS

8.138.39.231 was recently listed on the Spamhaus SBL CSS blacklist, but currently it is not.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-02 23:53:33.448000
Was present on blacklist at: 2025-04-18 23:53

Spamhaus PBL

8.138.39.231 is listed on the Spamhaus PBL blacklist.

Description: The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-02 23:53:33.448000
Was present on blacklist at: 2025-04-18 23:53, 2025-04-25 23:53, 2025-05-02 23:53

UCEPROTECT L1

8.138.39.231 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-25 15:45:00.653000
Was present on blacklist at: 2025-04-18 23:45, 2025-04-19 07:45, 2025-04-19 15:45, 2025-04-19 23:45, 2025-04-20 07:45, 2025-04-20 15:45, 2025-04-20 23:45, 2025-04-21 07:45, 2025-04-21 15:45, 2025-04-21 23:45, 2025-04-22 07:45, 2025-04-22 15:45, 2025-04-22 23:45, 2025-04-23 07:45, 2025-04-23 15:45, 2025-04-23 23:45, 2025-04-24 07:45, 2025-04-24 15:45, 2025-04-24 23:45, 2025-04-25 07:45, 2025-04-25 15:45

Origin AS

AS37963 - CNNIC-ALIBABA-CN-NET-AP

BGP Prefix

8.138.0.0/17

geo

China, Guangzhou

🕑 Asia/Shanghai

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

8.128.0.0 - 8.191.255.255

reserved_range

0

Shodan's InternetDB

Open ports: 22, 25, 37, 49, 110, 113, 135, 465, 515, 587, 805, 1027, 1177, 1190, 1364, 1433, 1444, 1833, 1957, 2002, 2031, 2065, 2067, 2121, 2345, 3002, 3050, 3127, 3154, 3268, 3269, 3306, 3402, 3551, 4321, 4369, 4437, 4506, 4899, 5006, 5025, 5222, 5227, 5243, 5268, 5984, 6006, 6543, 6697, 7774, 8009, 8048, 8087, 8108, 8155, 8315, 8388, 8440, 8448, 8789, 8818, 8834, 8880, 8891, 9058, 9063, 9070, 9100, 9157, 9159, 9230, 9243, 9444, 9513, 9600, 9876, 10909, 11112, 11211, 12107, 12108, 12158, 12162, 12177, 12192, 12311, 12327, 12340, 12354, 12568, 15044, 15082, 16007, 16054, 16080, 16081, 18033, 18034, 18075, 18104, 18556, 19014, 20107, 20256, 20512, 20547, 21100, 21242, 21443, 25001, 33060, 37777, 39022, 39522, 39622, 40001, 43322, 43822, 44622, 45786, 46922, 47122, 47222, 47522, 47622, 48722, 48822, 49222, 49501, 49622, 49822, 50010, 50222, 50422, 50722, 52122, 55554, 62016, 63210, 64295

Tags: cloud, self-signed, starttls, honeypot

CPEs: cpe:/a:openbsd:openssh:5.3, cpe:/a:mysql:mysql:5.7.44-log, cpe:/a:openbsd:openssh:X.X, cpe:/a:openbsd:openssh:6.6.1, cpe:/o:microsoft:windows, cpe:/a:apache:subversion, cpe:/a:openbsd:openssh:7.5, cpe:/o:hp:hp-ux, cpe:/a:openbsd:openssh:7.4, cpe:/a:realvnc:realvnc:::enterprise, cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.2p1

ts_added

2025-04-18 23:53:28.180000

ts_last_update

2025-05-06 15:55:45.705000

Warden event timeline

DShield event timeline

Presence on blacklists