IP address

Search at other sites:

.159172.121.80.210

Shodan(more info)

Passive DNS

IP blacklists

Echelon TLS/SSL crawler

172.121.80.210 is listed on the Echelon TLS/SSL crawler blacklist.

Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed: primary (feed detail page)

Last checked at: 2026-05-29 09:40:00.334000
Was present on blacklist at: 2026-05-22 09:40, 2026-05-24 09:40, 2026-05-25 09:40, 2026-05-26 09:40, 2026-05-27 09:40, 2026-05-28 09:40, 2026-05-29 09:40

Echelon router exploit

172.121.80.210 is listed on the Echelon router exploit blacklist.

Description: Attempting router firmware exploits (Netgear, D-Link, etc.)
Type of feed: primary (feed detail page)

Last checked at: 2026-06-04 09:30:00.275000
Was present on blacklist at: 2026-05-27 09:30, 2026-05-28 09:30, 2026-05-29 09:30, 2026-05-30 09:30, 2026-05-31 09:30, 2026-06-01 09:30, 2026-06-02 09:30, 2026-06-03 09:30, 2026-06-04 09:30

Threat categories

TL	Role	Category	Details
25	src	scan
25	src	exploit

---

Origin AS

AS214238 - iwihost

BGP Prefix

172.121.80.0/24

geo

United States, Miami

🕑 America/New_York

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

172.120.0.0 - 172.121.255.255

rep

0.1591035847462855

reserved_range

0

Shodan's InternetDB

Open ports: 24442

Tags: –

CPEs: cpe:/o:linux:linux_kernel, cpe:/a:openbsd:openssh:9.2p1, cpe:/o:debian:debian_linux

ts_added

2026-05-22 09:40:09.861000

ts_last_update

2026-06-04 09:40:11.690000

Warden event timeline

DShield event timeline

Presence on blacklists