IP address

Search at other sites:

--213.209.143.24

Shodan(more info)

Passive DNS

IP blacklists

Spamhaus SBL

213.209.143.24 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-06-27 12:27:10.460000
Was present on blacklist at: 2025-05-30 12:27, 2025-06-06 12:27, 2025-06-13 12:27, 2025-06-20 12:27, 2025-06-27 12:27

Spamhaus DROP

213.209.143.24 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-06-27 12:27:10.460000
Was present on blacklist at: 2025-05-30 12:27, 2025-06-06 12:27, 2025-06-13 12:27, 2025-06-20 12:27, 2025-06-27 12:27

DShield Block

213.209.143.24 is listed on the DShield Block blacklist.

Description: Recommended Block List by DShield.org. It summarizes the top 20 attacking<br>class C (/24) subnets over the last three days.
Type of feed: secondary (feed detail page)

Last checked at: 2025-06-29 04:50:00
Was present on blacklist at: 2025-05-30 04:50, 2025-05-31 04:50, 2025-06-01 04:50, 2025-06-02 04:50, 2025-06-03 04:50, 2025-06-04 04:50, 2025-06-05 04:50, 2025-06-07 04:50, 2025-06-08 04:50, 2025-06-09 04:50, 2025-06-11 04:50, 2025-06-12 04:50, 2025-06-13 04:50, 2025-06-14 04:50, 2025-06-15 04:50, 2025-06-16 04:50, 2025-06-17 04:50, 2025-06-19 04:50, 2025-06-20 04:50, 2025-06-21 04:50, 2025-06-22 04:50, 2025-06-23 04:50, 2025-06-24 04:50, 2025-06-25 04:50, 2025-06-26 04:50, 2025-06-27 04:50, 2025-06-29 04:50

OTX pulses

[6839003a3028827e1ebbfb1a] 2025-05-30 00:47:54.159000 | Tracking LummaC2 Infrastructure with Cats

Author name:	AlienVault
Pulse modified:	2025-05-30 08:42:53.660000
Indicator created:	2025-05-30 00:47:55
Indicator role:	None
Indicator title:
Indicator expiration:	2025-06-29 00:00:00

Origin AS

AS214943 - RAILNET

AS42821 - RAPIDNET-DE

BGP Prefix

213.209.143.0/24

geo

Germany

🕑 Europe/Berlin

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

213.209.128.0 - 213.209.159.255

last_activity

2025-05-30 12:27:05.199000

reserved_range

0

Shodan's InternetDB

Open ports: 21, 80, 443, 445, 8000, 8080

Tags: self-signed

CPEs: cpe:/a:openssl:openssl:3.1.3, cpe:/a:python:python, cpe:/a:apache:http_server:2.4.58, cpe:/a:jquery:jquery:1.10.2, cpe:/a:php:php:8.2.12, cpe:/a:encode:uvicorn

ts_added

2025-05-30 12:27:05.205000

ts_last_update

2025-06-29 12:27:10.185000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses