IP address

Search at other sites:

--121.187.22.38

Shodan(more info)

Passive DNS

IP blacklists

DataPlane TELNET login

121.187.22.38 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-10 23:10:04.213000
Was present on blacklist at: 2026-01-03 11:10, 2026-01-03 15:10, 2026-01-03 19:10, 2026-01-03 23:10, 2026-01-04 03:10, 2026-01-04 07:10, 2026-01-04 11:10, 2026-01-04 15:10, 2026-01-04 19:10, 2026-01-04 23:10, 2026-01-05 03:10, 2026-01-05 07:10, 2026-01-05 11:10, 2026-01-05 15:10, 2026-01-05 19:10, 2026-01-05 23:10, 2026-01-06 03:10, 2026-01-06 11:10, 2026-01-06 15:10, 2026-01-06 19:10, 2026-01-06 23:10, 2026-01-07 03:10, 2026-01-07 07:10, 2026-01-07 11:10, 2026-01-07 15:10, 2026-01-07 19:10, 2026-01-07 23:10, 2026-01-08 03:10, 2026-01-08 07:10, 2026-01-08 11:10, 2026-01-08 15:10, 2026-01-08 19:10, 2026-01-08 23:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 11:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-09 23:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 11:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-10 23:10

Spamhaus SBL CSS

121.187.22.38 was recently listed on the Spamhaus SBL CSS blacklist, but currently it is not.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-01-10 11:16:51.153000
Was present on blacklist at: 2026-01-03 11:16

Spamhaus XBL CBL

121.187.22.38 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-01-10 11:16:51.153000
Was present on blacklist at: 2026-01-03 11:16

Origin AS

AS4766 - KIXS-AS-KR KIXS-AS-KR-KR

BGP Prefix

121.184.0.0/13

geo

South Korea, Bupyeong-gu

🕑 Asia/Seoul

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

121.160.0.0 - 121.191.255.255

reserved_range

0

Shodan's InternetDB

Open ports: 22, 9000

Tags: –

CPEs: cpe:/o:linux:linux_kernel

ts_added

2026-01-03 11:16:43.720000

ts_last_update

2026-01-13 11:16:51.262000

Warden event timeline

DShield event timeline

Presence on blacklists