IP address

Passive DNS

Tags:

IP blacklists

Spamhaus SBL

158.94.208.129 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-10-09 14:43:46.768000
Was present on blacklist at: 2025-09-18 14:30, 2025-09-25 14:30, 2025-10-02 14:30, 2025-10-09 14:43

Spamhaus XBL CBL

158.94.208.129 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-10-09 14:43:46.768000
Was present on blacklist at: 2025-09-18 14:30, 2025-09-25 14:30, 2025-10-02 14:30, 2025-10-09 14:43

Spamhaus DROP

158.94.208.129 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-10-09 14:43:46.768000
Was present on blacklist at: 2025-09-18 14:30, 2025-09-25 14:30, 2025-10-02 14:30, 2025-10-09 14:43

Blocklist.net.ua

158.94.208.129 is listed on the Blocklist.net.ua blacklist.

Description: BlockList contains IP addresses that perform attacks,<br>send spam or brute force passwords to the blocking list.
Type of feed: primary (feed detail page)

Last checked at: 2025-10-14 14:15:06.155000
Was present on blacklist at: 2025-09-19 18:15, 2025-09-19 22:15, 2025-09-20 02:15, 2025-09-20 06:15, 2025-09-20 10:15, 2025-09-20 14:15, 2025-09-20 18:15, 2025-09-20 22:15, 2025-09-21 02:15, 2025-09-21 06:15, 2025-09-21 10:15, 2025-09-21 14:15, 2025-09-21 18:15, 2025-09-21 22:15, 2025-09-22 02:15, 2025-09-22 06:15, 2025-09-22 10:15, 2025-09-22 14:15, 2025-09-22 18:15, 2025-09-22 22:15, 2025-09-23 02:15, 2025-09-23 06:15, 2025-09-23 10:15, 2025-09-23 14:15, 2025-09-23 18:15, 2025-09-23 22:15, 2025-09-24 02:15, 2025-09-24 06:15, 2025-09-24 10:15, 2025-09-24 14:15, 2025-09-24 18:15, 2025-09-24 22:15, 2025-09-25 02:15, 2025-09-25 06:15, 2025-09-25 10:15, 2025-09-25 14:15, 2025-09-25 18:15, 2025-09-25 22:15, 2025-09-26 02:15, 2025-09-26 06:15, 2025-09-26 10:15, 2025-09-26 14:15, 2025-09-26 18:15, 2025-09-26 22:15, 2025-09-27 02:15, 2025-09-27 06:15, 2025-09-27 10:15, 2025-09-27 14:15, 2025-09-27 18:15, 2025-09-27 22:15, 2025-09-28 02:15, 2025-09-28 06:15, 2025-09-28 10:15, 2025-09-28 14:15, 2025-09-28 18:15, 2025-09-28 22:15, 2025-09-29 02:15, 2025-09-29 06:15, 2025-09-29 10:15, 2025-09-29 14:15, 2025-09-29 18:15, 2025-09-29 22:15, 2025-09-30 02:15, 2025-09-30 06:15, 2025-09-30 10:15, 2025-09-30 14:15, 2025-09-30 18:15, 2025-09-30 22:15, 2025-10-01 02:15, 2025-10-01 06:15, 2025-10-01 10:15, 2025-10-01 14:15, 2025-10-01 18:15, 2025-10-01 22:15, 2025-10-02 02:15, 2025-10-02 06:15, 2025-10-02 10:15, 2025-10-02 14:15, 2025-10-02 18:15, 2025-10-02 22:15, 2025-10-03 02:15, 2025-10-03 06:15, 2025-10-03 10:15, 2025-10-03 14:15, 2025-10-03 18:15, 2025-10-03 22:15, 2025-10-04 02:15, 2025-10-04 06:15, 2025-10-04 10:15, 2025-10-04 14:15, 2025-10-04 22:15, 2025-10-05 06:15, 2025-10-05 14:15, 2025-10-05 22:15, 2025-10-06 06:15, 2025-10-06 14:15, 2025-10-06 22:15, 2025-10-07 06:15, 2025-10-07 14:15, 2025-10-07 22:15, 2025-10-08 10:15, 2025-10-08 14:15, 2025-10-08 22:15, 2025-10-09 06:15, 2025-10-09 10:15, 2025-10-09 14:15, 2025-10-09 22:15, 2025-10-10 06:15, 2025-10-10 14:15, 2025-10-10 22:15, 2025-10-11 06:15, 2025-10-11 14:15, 2025-10-11 22:15, 2025-10-12 06:15, 2025-10-12 14:15, 2025-10-12 22:15, 2025-10-13 06:15, 2025-10-13 10:15, 2025-10-13 14:15, 2025-10-13 22:15, 2025-10-14 06:15, 2025-10-14 14:15

Turris greylist

158.94.208.129 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-10-10 21:15:00.149000
Was present on blacklist at: 2025-09-20 21:15, 2025-09-21 21:15, 2025-09-22 21:15, 2025-09-23 21:15, 2025-09-24 21:15, 2025-09-25 21:15, 2025-09-26 21:15, 2025-09-27 21:15, 2025-09-28 21:15, 2025-09-29 21:15, 2025-09-30 21:15, 2025-10-01 21:15, 2025-10-02 21:15, 2025-10-03 21:15, 2025-10-04 21:15, 2025-10-05 21:15, 2025-10-06 21:15, 2025-10-07 21:15, 2025-10-08 21:15, 2025-10-09 21:15, 2025-10-10 21:15

Spamhaus SBL CSS

158.94.208.129 is listed on the Spamhaus SBL CSS blacklist.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-10-09 14:43:46.768000
Was present on blacklist at: 2025-09-25 14:30, 2025-10-02 14:30, 2025-10-09 14:43

Warden events (217587)

2025-10-09: IntrusionUserCompromise (node.cfb4f7): 4572
2025-10-08: IntrusionUserCompromise (node.cfb4f7): 46115; ReconScanning (node.9c1411): 86
2025-10-07: IntrusionUserCompromise (node.cfb4f7): 15303; ReconScanning (node.9c1411): 90
2025-10-06: IntrusionUserCompromise (node.cfb4f7): 14900; ReconScanning (node.9c1411): 77
2025-10-05: IntrusionUserCompromise (node.cfb4f7): 13767; ReconScanning (node.9c1411): 76
2025-10-04: IntrusionUserCompromise (node.cfb4f7): 13411; ReconScanning (node.9c1411): 69
2025-10-03: IntrusionUserCompromise (node.cfb4f7): 7372; ReconScanning (node.9c1411): 72
2025-10-02: IntrusionUserCompromise (node.cfb4f7): 5596; ReconScanning (node.9c1411): 86
2025-10-01: IntrusionUserCompromise (node.cfb4f7): 5491; ReconScanning (node.9c1411): 82
2025-09-30: IntrusionUserCompromise (node.cfb4f7): 5713; ReconScanning (node.9c1411): 80
2025-09-29: IntrusionUserCompromise (node.cfb4f7): 5338; ReconScanning (node.9c1411): 77
2025-09-28: IntrusionUserCompromise (node.cfb4f7): 4907; ReconScanning (node.9c1411): 77
2025-09-27: IntrusionUserCompromise (node.cfb4f7): 5045; ReconScanning (node.9c1411): 74
2025-09-26: IntrusionUserCompromise (node.cfb4f7): 7056; ReconScanning (node.9c1411): 78
2025-09-25: IntrusionUserCompromise (node.cfb4f7): 8460; ReconScanning (node.9c1411): 79
2025-09-24: IntrusionUserCompromise (node.cfb4f7): 8497; ReconScanning (node.9c1411): 74
2025-09-23: IntrusionUserCompromise (node.cfb4f7): 8498; ReconScanning (node.9c1411): 83
2025-09-22: IntrusionUserCompromise (node.cfb4f7): 10550; ReconScanning (node.9c1411): 82
2025-09-21: IntrusionUserCompromise (node.cfb4f7): 12394; ReconScanning (node.9c1411): 78
2025-09-20: IntrusionUserCompromise (node.cfb4f7): 10627; ReconScanning (node.9c1411): 22
2025-09-19: IntrusionUserCompromise (node.cfb4f7): 2402; ReconScanning (node.4dc198): 6; ReconScanning (node.368407): 5
2025-09-18: IntrusionUserCompromise (node.cfb4f7): 120

Origin AS: AS209800 - metaspinner-asn
BGP Prefix: 158.94.208.0/22
geo: United States; 🕑 America/Chicago
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 158.94.0.0 - 158.94.255.255
last_activity: 2025-10-09 01:26:31
last_warden_event: 2025-10-09 01:26:31
rep: 0.29999999999999993
reserved_range: 0
Shodan's InternetDB: Open ports: 137, 445, 3389; Tags: self-signed, eol-os; CPEs: –
ts_added: 2025-09-18 14:30:34.208000
ts_last_update: 2025-10-14 17:22:55.254000

Warden event timeline

DShield event timeline

Presence on blacklists