IP address

Search at other sites:
--159.54.168.239
Shodan(more info)
Passive DNS
Tags:
IP blacklists
AbuseIPDB
159.54.168.239 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-05-19 04:00:00.595000
Was present on blacklist at: 2025-05-14 04:00, 2025-05-18 04:00, 2025-05-19 04:00
UCEPROTECT L1
159.54.168.239 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-25 07:45:00.676000
Was present on blacklist at: 2025-05-15 07:45, 2025-05-15 15:45, 2025-05-15 23:45, 2025-05-16 07:45, 2025-05-16 15:45, 2025-05-16 23:45, 2025-05-17 07:45, 2025-05-17 15:45, 2025-05-17 23:45, 2025-05-18 07:45, 2025-05-18 15:45, 2025-05-18 23:45, 2025-05-19 07:45, 2025-05-19 15:45, 2025-05-19 23:45, 2025-05-20 07:45, 2025-05-20 15:45, 2025-05-20 23:45, 2025-05-21 07:45, 2025-05-21 15:45, 2025-05-21 23:45, 2025-05-22 07:45, 2025-05-22 15:45, 2025-05-22 23:45, 2025-05-23 07:45, 2025-05-23 15:45, 2025-05-23 23:45, 2025-05-24 07:45, 2025-05-24 15:45, 2025-05-24 23:45, 2025-05-25 07:45
Turris greylist
159.54.168.239 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-21 21:15:00.162000
Was present on blacklist at: 2025-05-15 21:15, 2025-05-21 21:15
Spamhaus SBL CSS
159.54.168.239 is listed on the Spamhaus SBL CSS blacklist.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-07-15 20:43:00.518000
Was present on blacklist at: 2025-06-24 20:43, 2025-07-01 20:43, 2025-07-08 20:43, 2025-07-15 20:43
DShield reports (IP summary, reports)
2025-05-13
Number of reports: 672
Distinct targets: 317
2025-05-14
Number of reports: 393
Distinct targets: 193
2025-05-16
Number of reports: 264
Distinct targets: 11
2025-05-17
Number of reports: 263
Distinct targets: 10
2025-05-18
Number of reports: 20
Distinct targets: 12
2025-05-19
Number of reports: 51
Distinct targets: 19
OTX pulses
[5a7e3e70c44e7b48947593a7] 2018-02-10 00:36:00.396000 | Webscanners 2018-02-09 thru current day
Author name:david3
Pulse modified:2025-06-12 15:51:33.026000
Indicator created:2025-05-13 18:40:18
Indicator role:scanning_host
Indicator title:404 NOT FOUND
Indicator expiration:2025-08-11 00:00:00
Origin AS
AS31898 - ORACLE-BMC-31898
BGP Prefix
159.54.160.0/19
geo
United States, San Jose
🕑 America/Los_Angeles
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
159.54.128.0 - 159.54.191.255
last_activity
2025-06-12 16:02:24.204000
reserved_range
0
ts_added
2025-05-13 20:42:57.161000
ts_last_update
2025-07-17 20:43:00.095000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses