IP address

Search at other sites:

.007164.90.199.217

Shodan(more info)

Passive DNS

IP blacklists

blocklist.de web-login

164.90.199.217 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-10 23:05:00.449000
Was present on blacklist at: 2025-12-08 23:05, 2025-12-09 05:05, 2025-12-09 11:05, 2025-12-09 17:05, 2025-12-09 23:05, 2025-12-10 05:05, 2025-12-10 11:05, 2025-12-10 17:05, 2025-12-10 23:05

blocklist.de Apache

164.90.199.217 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-10 23:05:00.594000
Was present on blacklist at: 2025-12-08 23:05, 2025-12-09 05:05, 2025-12-09 11:05, 2025-12-09 17:05, 2025-12-09 23:05, 2025-12-10 05:05, 2025-12-10 11:05, 2025-12-10 17:05, 2025-12-10 23:05

DataPlane SSH login

164.90.199.217 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-15 19:10:06.145000
Was present on blacklist at: 2025-12-09 03:10, 2025-12-09 07:10, 2025-12-09 15:10, 2025-12-09 19:10, 2025-12-10 03:10, 2025-12-10 07:10, 2025-12-10 15:10, 2025-12-10 19:10, 2025-12-11 03:10, 2025-12-11 07:10, 2025-12-11 15:10, 2025-12-11 19:10, 2025-12-12 03:10, 2025-12-12 07:10, 2025-12-12 15:10, 2025-12-12 19:10, 2025-12-13 03:10, 2025-12-13 07:10, 2025-12-13 15:10, 2025-12-13 19:10, 2025-12-14 03:10, 2025-12-14 07:10, 2025-12-14 15:10, 2025-12-14 19:10, 2025-12-15 03:10, 2025-12-15 07:10, 2025-12-15 15:10, 2025-12-15 19:10

Warden events (1)

2025-12-08

ReconScanning (node.368407): 1

DShield reports (IP summary, reports)

2025-12-08

Number of reports: 1666

Distinct targets: 7

Origin AS

AS14061 - DIGITALOCEAN-ASN

BGP Prefix

164.90.192.0/20

geo

Netherlands, Amsterdam

🕑 Europe/Amsterdam

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

164.90.128.0 - 164.90.255.255

last_activity

2025-12-08 18:45:02

last_warden_event

2025-12-08 18:45:02

rep

0.007142857142857143

reserved_range

0

Shodan's InternetDB

Open ports: 22, 23, 24, 80, 88, 102, 121, 122, 135, 143, 442, 443, 502, 541, 902, 1023, 1024, 1026, 1200, 1433, 1515, 1741, 1800, 1911, 1925, 2122, 2222, 2323, 2404, 2628, 3001, 3006, 3007, 3013, 3128, 3144, 3146, 3301, 3310, 3333, 3345, 3402, 3412, 3531, 3922, 4000, 4120, 4242, 4321, 4433, 4502, 4505, 4506, 4840, 5006, 5007, 5544, 5601, 5609, 5804, 5900, 5908, 5917, 6432, 7006, 7325, 7415, 7434, 7443, 7601, 8003, 8009, 8011, 8028, 8044, 8108, 8119, 8123, 8126, 8200, 8230, 8318, 8333, 8334, 8505, 8521, 8545, 8601, 8745, 8800, 8805, 8838, 8839, 8845, 8913, 9000, 9007, 9014, 9027, 9033, 9100, 9112, 9117, 9132, 9145, 9200, 9217, 9245, 9333, 9600, 9633, 9700, 9810, 9944, 9999, 10002, 10024, 10037, 10043, 10134, 10243, 10302, 10443, 10911, 11007, 11210, 11211

Tags: cloud, eol-product

CPEs: cpe:/a:openbsd:openssh:8.9p1, cpe:/o:canonical:ubuntu_linux, cpe:/a:f5:nginx:1.20.1

ts_added

2025-12-08 18:45:44.202000

ts_last_update

2025-12-19 18:45:50.126000

Warden event timeline

DShield event timeline

Presence on blacklists