IP address


198.98.56.217 (rep: 0.037)
Tags: Scanner
IP blacklists
UCEPROTECT L1
198.98.56.217 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary

Last checked at: 2026-03-23 16:45:00.743000
Was present on blacklist at: 2026-03-17 00:45, 2026-03-17 08:45, 2026-03-17 16:45, 2026-03-18 00:45, 2026-03-18 08:45, 2026-03-18 16:45, 2026-03-19 00:45, 2026-03-19 08:45, 2026-03-19 16:45, 2026-03-20 00:45, 2026-03-20 08:45, 2026-03-20 16:45, 2026-03-21 00:45, 2026-03-21 08:45, 2026-03-21 16:45, 2026-03-22 00:45, 2026-03-22 08:45, 2026-03-22 16:45, 2026-03-23 00:45, 2026-03-23 08:45, 2026-03-23 16:45
Spamhaus XBL CBL
198.98.56.217 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL)

Last checked at: 2026-04-14 01:00:50.602000
Was present on blacklist at: 2026-03-17 01:00, 2026-03-31 01:00, 2026-04-07 01:00, 2026-04-14 01:00
AbuseIPDB
198.98.56.217 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc. Lists IPs performing malicious activity (DDoS, spam, phishing...)
Type of feed: primary

Last checked at: 2026-04-18 04:00:00.618000
Was present on blacklist at: 2026-03-28 05:00, 2026-03-31 04:00, 2026-04-05 04:00, 2026-04-06 04:00, 2026-04-09 04:00, 2026-04-10 04:00, 2026-04-11 04:00, 2026-04-12 04:00, 2026-04-13 04:00, 2026-04-15 04:00, 2026-04-16 04:00, 2026-04-17 04:00, 2026-04-18 04:00
Echelon admin panel hunt
198.98.56.217 is listed on the Echelon admin panel hunt blacklist.

Description: Scanning for administrative interfaces
Type of feed: primary

Last checked at: 2026-04-12 09:05:01.752000
Was present on blacklist at: 2026-03-31 09:05, 2026-04-01 09:05, 2026-04-02 09:05, 2026-04-03 09:05, 2026-04-04 09:05, 2026-04-05 09:05, 2026-04-06 09:05, 2026-04-07 09:05, 2026-04-08 09:05, 2026-04-09 09:05, 2026-04-10 09:05, 2026-04-11 09:05, 2026-04-12 09:05
Echelon CMS enumeration
198.98.56.217 is listed on the Echelon CMS enumeration blacklist.

Description: Content management system discovery and enumeration
Type of feed: primary

Last checked at: 2026-04-12 09:05:01.708000
Was present on blacklist at: 2026-03-31 09:05, 2026-04-01 09:05, 2026-04-02 09:05, 2026-04-03 09:05, 2026-04-04 09:05, 2026-04-05 09:05, 2026-04-06 09:05, 2026-04-08 09:05, 2026-04-09 09:05, 2026-04-10 09:05, 2026-04-11 09:05, 2026-04-12 09:05
Echelon TLS/SSL crawler
198.98.56.217 is listed on the Echelon TLS/SSL crawler blacklist.

Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed: primary

Last checked at: 2026-04-16 09:40:00.790000
Was present on blacklist at: 2026-03-31 09:40, 2026-04-01 09:40, 2026-04-02 09:40, 2026-04-03 09:40, 2026-04-04 09:40, 2026-04-05 09:40, 2026-04-06 09:40, 2026-04-07 09:40, 2026-04-08 09:40, 2026-04-09 09:40, 2026-04-10 09:40, 2026-04-11 09:40, 2026-04-12 09:40, 2026-04-14 09:40, 2026-04-15 09:40, 2026-04-16 09:40
Echelon web crawler
198.98.56.217 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary

Last checked at: 2026-04-16 09:50:00.761000
Was present on blacklist at: 2026-03-31 09:50, 2026-04-01 09:50, 2026-04-02 09:50, 2026-04-03 09:50, 2026-04-04 09:50, 2026-04-05 09:50, 2026-04-06 09:50, 2026-04-07 09:50, 2026-04-08 09:50, 2026-04-09 09:50, 2026-04-10 09:50, 2026-04-11 09:50, 2026-04-12 09:50, 2026-04-14 09:50, 2026-04-15 09:50, 2026-04-16 09:50
Echelon WordPress enumeration
198.98.56.217 is listed on the Echelon WordPress enumeration blacklist.

Description: WordPress user and plugin enumeration
Type of feed: primary

Last checked at: 2026-04-12 09:55:00.520000
Was present on blacklist at: 2026-03-31 09:55, 2026-04-01 09:55, 2026-04-02 09:55, 2026-04-03 09:55, 2026-04-04 09:55, 2026-04-05 09:55, 2026-04-06 09:55, 2026-04-07 09:55, 2026-04-08 09:55, 2026-04-09 09:55, 2026-04-10 09:55, 2026-04-11 09:55, 2026-04-12 09:55
CI Army
198.98.56.217 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a threat intelligence database that provides scores for IPs. Source of unspecified malicious attacks; most of them will be active attackers/scanners.
Type of feed: primary

Last checked at: 2026-04-14 02:50:00.930000
Was present on blacklist at: 2026-04-09 02:50, 2026-04-10 02:50, 2026-04-11 02:50, 2026-04-12 02:50, 2026-04-13 02:50, 2026-04-14 02:50

Threat categories

TL  Role  Category  Details
56 src scan
29 src

Warden events (35)
2026-04-12
ReconScanning (node.368407): 3
2026-04-11
ReconScanning (node.4dc198): 1
2026-04-04
ReconScanning (node.4dc198): 4
ReconScanning (node.368407): 3
AnomalyTraffic (node.6a1878): 1
2026-03-27
ReconScanning (node.709b07): 4
AttemptLogin (node.eef996): 1
AnomalyTraffic (node.6a1878): 9
ReconScanning (node.4dc198): 6
ReconScanning (node.368407): 2
ReconScanning (node.ce2b59): 1
DShield reports
2026-03-23
Number of reports: 50
Distinct targets: 4
2026-03-24
Number of reports: 50
Distinct targets: 4
2026-03-27
Number of reports: 34
Distinct targets: 8
2026-03-30
Number of reports: 30
Distinct targets: 7
2026-03-31
Number of reports: 30
Distinct targets: 7
2026-04-03
Number of reports: 58
Distinct targets: 16
2026-04-04
Number of reports: 93
Distinct targets: 38
2026-04-05
Number of reports: 230
Distinct targets: 158
2026-04-06
Number of reports: 265
Distinct targets: 88
2026-04-07
Number of reports: 469
Distinct targets: 128
2026-04-08
Number of reports: 588
Distinct targets: 236
2026-04-09
Number of reports: 365
Distinct targets: 116
2026-04-10
Number of reports: 236
Distinct targets: 94
2026-04-11
Number of reports: 562
Distinct targets: 233
2026-04-12
Number of reports: 156
Distinct targets: 65
2026-04-13
Number of reports: 88
Distinct targets: 24
Origin AS
AS53667 - PONYNET
BGP Prefix
198.98.48.0/20
geo
United States, Staten Island
🕑 America/New_York
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
198.98.48.0 - 198.98.63.255
last_activity
2026-04-12 12:12:58
last_warden_event
2026-04-12 12:12:58
rep
0.036904761904761905
reserved_range
0
Shodan's InternetDB
Open ports: 9000
Tags:
CPEs:
ts_added
2026-03-17 01:00:48.108000
ts_last_update
2026-04-20 01:00:50.809000

[Charts: Warden event timeline; DShield event timeline; Presence on blacklists]