109.236.94.58 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 109.236.94.58. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 39/100

Host and Network Information

  • Tags: cisco, cowrie, dionaea, email, heralding, honeytrap, LAMP, mailoney, malicious, sentrypeer, sftp, sip, ssh, tanner

  • View other sources: Spamhaus, VirusTotal

  • Country: Netherlands
  • Network:
  • Noticed: 2 times
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results: www.109-236-94-58.cprapid.com, 109-236-94-58.cprapid.com

Open Ports Detected

10050 11000 11001 11082 11110 11111 11112 11210 11211 11288 11300 11371 11434 11601 11701 12000 12001 12019 12082 12084 12101 12103 12107 12110 12114 12121 12122 12130 12132 12133 12142 12151 12152 12160 12162 12172 12173 12175 12176 12177 12180 12181 12184 12186 12188 12198 12201 12211 12213 12218 12219 12227 12232 12237 12244 12247 12249 12254 12258 12266 12269 12272 12274 12276 12281 12282 12294 12297 12316 12322 12324 12328 12329 12331 12335 12340 12344 12345 12349 12352 12360 12361 12365 12366 12374 12376 12379 12380 12381 12382 12389 12400 12403 12404 12411 12414 12426 12431 12435 12438 12439 12440 12442 12443 12452 12456 12458 12459 12465 12467 12469 12470 12472 12476 12478 12484 12500 12510 12515 12521 12531 12533 12537 12539 12541 12543 12547 12548 12557 12558 12560 12561 12562 12567 12569 12576 12577 12582 12583 13082 13228 13333 13579 13780 14084 14147 14182 14265 14344 14404 14406 15038 15504 161 22 4150 80 8100 91 9111

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465 CVE-2025-32728

Whois Information

  • inetnum: 109.236.94.0 - 109.236.94.255
  • netname: WORLDSTREAM
  • descr: WorldStream IPv4.37
  • country: NL
  • admin-c: WS1670-RIPE
  • tech-c: WS1670-RIPE
  • status: ASSIGNED PA
  • mnt-by: MNT-WORLDSTREAM
  • created: 2012-08-20T09:28:14Z
  • last-modified: 2012-08-20T09:28:14Z
  • role: WORLDSTREAM DBM
  • address: Industriestraat 24
  • address: 2671CT NAALDWIJK
  • address: The Netherlands
  • phone: +31174712117
  • abuse-mailbox: abuse@worldstream.nl
  • admin-c: DV1495-RIPE
  • tech-c: DV1495-RIPE
  • nic-hdl: WS1670-RIPE
  • mnt-by: MNT-WORLDSTREAM
  • created: 2008-05-15T09:52:38Z
  • last-modified: 2013-08-20T11:17:59Z
  • route: 109.236.94.0/24
  • origin: AS49981
  • mnt-by: MNT-WORLDSTREAM
  • created: 2022-11-18T15:37:52Z
  • last-modified: 2022-11-18T15:37:52Z

Links to attack logs

anonymous-proxy-ip-list-2025-08-26