IP address

Search at other sites:

.000165.154.209.50

Shodan(more info)

Passive DNS

IP blacklists

UCEPROTECT L1

165.154.209.50 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-30 15:45:00.673000
Was present on blacklist at: 2025-03-30 07:45, 2025-03-30 15:45, 2025-03-30 23:45, 2025-03-31 07:45, 2025-03-31 15:45, 2025-03-31 23:45, 2025-04-01 07:45, 2025-04-01 15:45, 2025-04-01 23:45, 2025-04-02 07:45, 2025-04-02 15:45, 2025-04-02 23:45, 2025-04-03 07:45, 2025-04-03 15:45, 2025-04-03 23:45, 2025-04-04 07:45, 2025-04-04 15:45, 2025-04-04 23:45, 2025-04-05 07:45, 2025-04-05 15:45, 2025-04-05 23:45, 2025-04-06 07:45, 2025-04-06 15:45, 2025-04-06 23:45, 2025-04-07 07:45, 2025-04-07 15:45, 2025-04-07 23:45, 2025-04-08 07:45, 2025-04-08 15:45, 2025-04-08 23:45, 2025-04-09 07:45, 2025-04-09 15:45, 2025-04-21 23:45, 2025-04-22 07:45, 2025-04-22 15:45, 2025-04-22 23:45, 2025-04-23 07:45, 2025-04-23 15:45, 2025-04-23 23:45, 2025-04-24 07:45, 2025-04-24 15:45, 2025-04-24 23:45, 2025-04-25 07:45, 2025-04-25 15:45, 2025-04-25 23:45, 2025-04-26 07:45, 2025-04-26 15:45, 2025-04-26 23:45, 2025-04-27 07:45, 2025-04-27 15:45, 2025-04-27 23:45, 2025-04-28 07:45, 2025-04-28 15:45, 2025-04-28 23:45, 2025-04-29 07:45, 2025-04-29 15:45, 2025-04-29 23:45, 2025-04-30 07:45, 2025-04-30 15:45

Spamhaus SBL

165.154.209.50 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-04-27 07:51:32.557000
Was present on blacklist at: 2025-03-30 07:51, 2025-04-06 07:51, 2025-04-13 07:51, 2025-04-20 07:51, 2025-04-27 07:51

Spamhaus SBL CSS

165.154.209.50 was recently listed on the Spamhaus SBL CSS blacklist, but currently it is not.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-04-27 07:51:32.557000
Was present on blacklist at: 2025-03-30 07:51, 2025-04-06 07:51, 2025-04-13 07:51, 2025-04-20 07:51

Spamhaus XBL CBL

165.154.209.50 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-04-27 07:51:32.557000
Was present on blacklist at: 2025-03-30 07:51, 2025-04-06 07:51, 2025-04-13 07:51, 2025-04-20 07:51, 2025-04-27 07:51

Spamhaus DROP

165.154.209.50 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-04-27 07:51:32.557000
Was present on blacklist at: 2025-03-30 07:51, 2025-04-06 07:51, 2025-04-13 07:51, 2025-04-20 07:51, 2025-04-27 07:51

Blocklist.net.ua

165.154.209.50 is listed on the Blocklist.net.ua blacklist.

Description: BlockList contains IP addresses that perform attacks,<br>send spam or brute force passwords to the blocking list.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-02 06:15:02.684000
Was present on blacklist at: 2025-04-01 10:15, 2025-04-01 14:15, 2025-04-01 18:15, 2025-04-01 22:15, 2025-04-02 02:15, 2025-04-02 06:15, 2025-04-07 10:15, 2025-04-07 14:15, 2025-04-07 18:15, 2025-04-07 22:15, 2025-04-08 02:15, 2025-04-08 06:15, 2025-04-14 18:15, 2025-04-14 22:15, 2025-04-15 02:15, 2025-04-15 06:15, 2025-04-15 10:15, 2025-04-15 14:15, 2025-04-18 10:15, 2025-04-18 14:15, 2025-04-18 18:15, 2025-04-18 22:15, 2025-04-19 02:15, 2025-04-19 06:15, 2025-04-24 02:15, 2025-04-24 06:15, 2025-04-24 10:15, 2025-04-24 14:15, 2025-04-24 18:15, 2025-04-24 22:15, 2025-04-25 02:15, 2025-04-25 06:15, 2025-04-25 10:15, 2025-04-25 14:15, 2025-04-25 18:15, 2025-04-25 22:15, 2025-04-26 02:15, 2025-04-26 06:15, 2025-04-26 10:15, 2025-04-26 14:15, 2025-04-26 18:15, 2025-04-26 22:15, 2025-04-27 02:15, 2025-04-27 06:15, 2025-04-27 10:15, 2025-04-27 14:15, 2025-04-27 18:15, 2025-04-27 22:15, 2025-04-28 02:15, 2025-04-28 06:15, 2025-04-28 10:15, 2025-04-28 14:15, 2025-04-28 18:15, 2025-04-28 22:15, 2025-04-29 02:15, 2025-04-29 06:15, 2025-04-29 10:15, 2025-04-29 14:15, 2025-04-29 18:15, 2025-04-29 22:15, 2025-04-30 02:15, 2025-04-30 06:15, 2025-04-30 10:15, 2025-04-30 14:15, 2025-04-30 18:15, 2025-04-30 22:15, 2025-05-01 02:15, 2025-05-01 06:15, 2025-05-01 10:15, 2025-05-01 14:15, 2025-05-01 18:15, 2025-05-01 22:15, 2025-05-02 02:15, 2025-05-02 06:15

AbuseIPDB

165.154.209.50 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-04-23 04:00:00.649000
Was present on blacklist at: 2025-04-07 04:00, 2025-04-08 04:00, 2025-04-16 04:00, 2025-04-23 04:00

blocklist.de SIP

165.154.209.50 is listed on the blocklist.de SIP blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IP addresses that tried to login in a SIP,<br>VOIP or Asterisk Server.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-19 16:05:05.224000
Was present on blacklist at: 2025-04-07 22:05, 2025-04-08 04:05, 2025-04-08 10:05, 2025-04-08 16:05, 2025-04-08 22:05, 2025-04-09 04:05, 2025-04-09 10:05, 2025-04-09 16:05, 2025-04-17 22:05, 2025-04-18 04:05, 2025-04-18 10:05, 2025-04-18 16:05, 2025-04-18 22:05, 2025-04-19 04:05, 2025-04-19 10:05, 2025-04-19 16:05

Warden events (224)

2025-04-06

IntrusionUserCompromise (node.cfb4f7): 112

2025-03-31

IntrusionUserCompromise (node.cfb4f7): 112

Origin AS

AS142002 - SCLOUDPTELTD-AS

BGP Prefix

165.154.209.0/24

geo

United Kingdom

🕑 Europe/London

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

165.154.208.0 - 165.154.215.255

last_activity

2025-04-06 18:34:28

last_warden_event

2025-04-06 18:34:28

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 22, 111, 3389

Tags: eol-os, self-signed

CPEs: cpe:/a:openbsd:openssh:7.4

ts_added

2025-03-30 07:51:20.238000

ts_last_update

2025-05-02 07:51:30.768000

Warden event timeline

DShield event timeline

Presence on blacklists