IP address

Search at other sites:

.07138.242.206.168vmi2998908.contaboserver.net

Shodan(more info)

Passive DNS

IP blacklists

DataPlane TELNET login

38.242.206.168 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-15 11:10:05.672000
Was present on blacklist at: 2026-01-08 07:10, 2026-01-08 15:10, 2026-01-08 19:10, 2026-01-08 23:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 11:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-09 23:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 11:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-10 23:10, 2026-01-11 03:10, 2026-01-11 07:10, 2026-01-11 11:10, 2026-01-11 15:10, 2026-01-11 19:10, 2026-01-11 23:10, 2026-01-12 03:10, 2026-01-12 07:10, 2026-01-12 11:10, 2026-01-12 15:10, 2026-01-12 19:10, 2026-01-12 23:10, 2026-01-13 03:10, 2026-01-13 07:10, 2026-01-13 11:10, 2026-01-13 15:10, 2026-01-13 19:10, 2026-01-13 23:10, 2026-01-14 03:10, 2026-01-14 07:10, 2026-01-14 11:10, 2026-01-14 15:10, 2026-01-14 19:10, 2026-01-14 23:10, 2026-01-15 03:10, 2026-01-15 07:10, 2026-01-15 11:10

CI Army

38.242.206.168 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-01-12 03:50:01.207000
Was present on blacklist at: 2026-01-09 03:50, 2026-01-10 03:50, 2026-01-11 03:50, 2026-01-12 03:50

AbuseIPDB

38.242.206.168 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-01-09 05:00:00.743000
Was present on blacklist at: 2026-01-09 05:00

Turris greylist

38.242.206.168 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-10 22:15:00.118000
Was present on blacklist at: 2026-01-09 22:15, 2026-01-10 22:15

Spamhaus XBL CBL

38.242.206.168 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-01-15 04:35:30.306000
Was present on blacklist at: 2026-01-15 04:35

Warden events (141083)

2026-01-09

IntrusionUserCompromise (node.cfb4f7): 70814

2026-01-08

IntrusionUserCompromise (node.cfb4f7): 70269

DShield reports (IP summary, reports)

2026-01-08

Number of reports: 410

Distinct targets: 84

2026-01-09

Number of reports: 169

Distinct targets: 33

Origin AS

AS51167 - CONTABO

BGP Prefix

38.242.192.0/19

geo

France, Lauterbourg

🕑 Europe/Paris

hostname

vmi2998908.contaboserver.net

Address block ('inetnum' or 'NetRange' in whois database)

38.0.0.0 - 38.255.255.255

last_activity

2026-01-09 07:29:46

last_warden_event

2026-01-09 07:29:46

rep

0.07142857142857142

reserved_range

0

Shodan's InternetDB

Open ports: 22, 80, 8080

Tags: eol-product

CPEs: cpe:/a:openbsd:openssh:9.6p1, cpe:/o:canonical:ubuntu_linux, cpe:/a:golang:go, cpe:/a:caddyserver:caddy, cpe:/o:linux:linux_kernel, cpe:/a:f5:nginx:1.24.0

ts_added

2026-01-08 04:35:24.731000

ts_last_update

2026-01-15 12:07:29.440000

Warden event timeline

DShield event timeline

Presence on blacklists