IP address

Search at other sites:

.046194.0.234.215

Shodan(more info)

Passive DNS

IP blacklists

Spamhaus SBL

194.0.234.215 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-13 05:00:22.708000
Was present on blacklist at: 2025-03-04 05:00, 2025-03-11 05:00, 2025-03-18 05:00, 2025-03-25 05:00, 2025-04-01 05:00, 2025-04-08 05:00, 2025-04-15 05:00, 2025-04-22 05:00, 2025-04-29 05:00, 2025-05-06 05:00, 2025-05-13 05:00

Spamhaus DROP

194.0.234.215 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-13 05:00:22.708000
Was present on blacklist at: 2025-03-04 05:00, 2025-03-11 05:00, 2025-03-18 05:00, 2025-03-25 05:00, 2025-04-01 05:00, 2025-04-08 05:00, 2025-04-15 05:00, 2025-04-22 05:00, 2025-04-29 05:00, 2025-05-06 05:00, 2025-05-13 05:00

DataPlane VNC RFB

194.0.234.215 is listed on the DataPlane VNC RFB blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs initiating<br>an unsolicited VNC remote frame buffer (RFB) session to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-12 15:10:01.187000
Was present on blacklist at: 2025-03-05 03:10, 2025-03-05 07:10, 2025-03-05 11:10, 2025-03-05 15:10, 2025-03-05 19:10, 2025-03-05 23:10, 2025-03-06 03:10, 2025-03-06 07:10, 2025-03-06 11:10, 2025-03-06 15:10, 2025-03-06 19:10, 2025-03-06 23:10, 2025-03-07 03:10, 2025-03-07 07:10, 2025-03-07 11:10, 2025-03-07 15:10, 2025-03-07 19:10, 2025-03-07 23:10, 2025-03-08 03:10, 2025-03-08 07:10, 2025-03-08 11:10, 2025-03-08 15:10, 2025-03-08 19:10, 2025-03-08 23:10, 2025-03-09 03:10, 2025-03-09 07:10, 2025-03-09 11:10, 2025-03-09 15:10, 2025-03-09 19:10, 2025-03-09 23:10, 2025-03-10 03:10, 2025-03-10 07:10, 2025-03-10 11:10, 2025-03-10 15:10, 2025-03-10 19:10, 2025-03-10 23:10, 2025-03-11 03:10, 2025-03-11 07:10, 2025-03-11 11:10, 2025-03-11 15:10, 2025-03-11 19:10, 2025-03-11 23:10, 2025-03-12 03:10, 2025-03-12 07:10, 2025-03-12 11:10, 2025-03-12 15:10

UCEPROTECT L1

194.0.234.215 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-20 16:45:00.620000
Was present on blacklist at: 2025-03-05 08:45, 2025-03-05 16:45, 2025-03-06 00:45, 2025-03-06 08:45, 2025-03-06 16:45, 2025-03-07 00:45, 2025-03-07 08:45, 2025-03-07 16:45, 2025-03-08 00:45, 2025-03-08 08:45, 2025-03-08 16:45, 2025-03-09 00:45, 2025-03-09 08:45, 2025-03-09 16:45, 2025-03-10 00:45, 2025-03-10 08:45, 2025-03-10 16:45, 2025-03-11 00:45, 2025-03-11 08:45, 2025-03-11 16:45, 2025-03-12 00:45, 2025-03-12 08:45, 2025-03-12 16:45, 2025-03-13 00:45, 2025-03-13 08:45, 2025-03-13 16:45, 2025-03-14 00:45, 2025-03-14 08:45, 2025-03-14 16:45, 2025-03-15 00:45, 2025-03-15 08:45, 2025-03-15 16:45, 2025-03-16 00:45, 2025-03-16 08:45, 2025-03-16 16:45, 2025-03-17 00:45, 2025-03-17 08:45, 2025-03-17 16:45, 2025-03-18 00:45, 2025-03-18 08:45, 2025-03-18 16:45, 2025-03-19 00:45, 2025-03-19 08:45, 2025-03-19 16:45, 2025-03-20 00:45, 2025-03-20 08:45, 2025-03-20 16:45

DShield Block

194.0.234.215 was recently listed on the DShield Block blacklist, but currently it is not.

Description: Recommended Block List by DShield.org. It summarizes the top 20 attacking<br>class C (/24) subnets over the last three days.
Type of feed: secondary (feed detail page)

Last checked at: 2025-05-16 04:50:00
Was present on blacklist at: 2025-03-12 04:50, 2025-03-17 04:50

AbuseIPDB

194.0.234.215 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-05-14 04:00:00.572000
Was present on blacklist at: 2025-04-03 04:00, 2025-04-04 04:00, 2025-05-07 04:00, 2025-05-09 04:00, 2025-05-12 04:00, 2025-05-14 04:00

blocklist.de SSH

194.0.234.215 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-16 10:05:05.486000
Was present on blacklist at: 2025-04-03 04:05, 2025-04-03 10:05, 2025-04-03 16:05, 2025-04-03 22:05, 2025-04-04 04:05, 2025-04-04 10:05, 2025-04-04 16:05, 2025-04-04 22:05, 2025-04-05 04:05, 2025-04-05 10:05, 2025-04-05 16:05, 2025-04-05 22:05, 2025-04-06 04:05, 2025-04-06 10:05, 2025-04-06 16:05, 2025-05-06 10:05, 2025-05-06 16:05, 2025-05-06 22:05, 2025-05-07 04:05, 2025-05-07 10:05, 2025-05-07 16:05, 2025-05-07 22:05, 2025-05-08 04:05, 2025-05-08 10:05, 2025-05-08 16:05, 2025-05-08 22:05, 2025-05-09 04:05, 2025-05-09 10:05, 2025-05-09 16:05, 2025-05-09 22:05, 2025-05-10 04:05, 2025-05-10 10:05, 2025-05-10 16:05, 2025-05-10 22:05, 2025-05-11 04:05, 2025-05-11 10:05, 2025-05-11 16:05, 2025-05-11 22:05, 2025-05-12 04:05, 2025-05-12 10:05, 2025-05-12 16:05, 2025-05-12 22:05, 2025-05-13 04:05, 2025-05-13 10:05, 2025-05-13 16:05, 2025-05-13 22:05, 2025-05-14 04:05, 2025-05-14 10:05, 2025-05-14 16:05, 2025-05-14 22:05, 2025-05-15 04:05, 2025-05-15 10:05, 2025-05-15 16:05, 2025-05-15 22:05, 2025-05-16 04:05, 2025-05-16 10:05

DataPlane SSH login

194.0.234.215 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-16 14:10:06.142000
Was present on blacklist at: 2025-04-03 06:10, 2025-04-03 10:10, 2025-04-03 14:10, 2025-04-03 18:10, 2025-04-03 22:10, 2025-04-04 02:10, 2025-04-04 06:10, 2025-04-04 10:10, 2025-04-04 14:10, 2025-04-04 18:10, 2025-04-04 22:10, 2025-04-05 02:10, 2025-04-05 06:10, 2025-04-05 10:10, 2025-04-05 14:10, 2025-04-05 18:10, 2025-04-05 22:10, 2025-04-06 02:10, 2025-04-06 06:10, 2025-04-06 10:10, 2025-04-06 14:10, 2025-04-06 18:10, 2025-04-06 22:10, 2025-04-07 02:10, 2025-04-07 06:10, 2025-04-07 10:10, 2025-04-07 14:10, 2025-04-07 18:10, 2025-04-07 22:10, 2025-04-08 02:10, 2025-04-08 06:10, 2025-04-08 10:10, 2025-04-08 14:10, 2025-04-08 18:10, 2025-04-08 22:10, 2025-04-09 02:10, 2025-04-09 06:10, 2025-04-09 10:10, 2025-04-09 14:10, 2025-04-09 18:10, 2025-04-09 22:10, 2025-04-10 02:10, 2025-04-10 06:10, 2025-04-10 10:10, 2025-04-10 14:10, 2025-04-10 18:10, 2025-04-10 22:10, 2025-04-11 02:10, 2025-04-11 06:10, 2025-04-11 10:10, 2025-04-11 14:10, 2025-04-11 18:10, 2025-04-11 22:10, 2025-05-07 06:10, 2025-05-07 10:10, 2025-05-07 14:10, 2025-05-07 18:10, 2025-05-07 22:10, 2025-05-08 02:10, 2025-05-08 06:10, 2025-05-08 10:10, 2025-05-08 14:10, 2025-05-08 18:10, 2025-05-08 22:10, 2025-05-09 02:10, 2025-05-09 06:10, 2025-05-09 10:10, 2025-05-09 14:10, 2025-05-09 18:10, 2025-05-09 22:10, 2025-05-10 02:10, 2025-05-10 06:10, 2025-05-10 10:10, 2025-05-10 14:10, 2025-05-10 18:10, 2025-05-10 22:10, 2025-05-11 02:10, 2025-05-11 06:10, 2025-05-11 10:10, 2025-05-11 14:10, 2025-05-11 18:10, 2025-05-11 22:10, 2025-05-12 02:10, 2025-05-12 06:10, 2025-05-12 10:10, 2025-05-12 14:10, 2025-05-12 18:10, 2025-05-12 22:10, 2025-05-13 02:10, 2025-05-13 06:10, 2025-05-13 10:10, 2025-05-13 14:10, 2025-05-13 18:10, 2025-05-13 22:10, 2025-05-14 02:10, 2025-05-14 06:10, 2025-05-14 10:10, 2025-05-14 14:10, 2025-05-14 18:10, 2025-05-14 22:10, 2025-05-15 02:10, 2025-05-15 06:10, 2025-05-15 10:10, 2025-05-15 14:10, 2025-05-15 18:10, 2025-05-15 22:10, 2025-05-16 02:10, 2025-05-16 06:10, 2025-05-16 10:10, 2025-05-16 14:10

Warden events (4)

2025-05-10

AttemptLogin (node.5f02e7): 2

2025-05-07

AttemptLogin (node.ce2b59): 2

DShield reports (IP summary, reports)

2025-03-03

Number of reports: 339

Distinct targets: 218

2025-04-02

Number of reports: 278

Distinct targets: 6

2025-04-03

Number of reports: 560

Distinct targets: 8

2025-04-04

Number of reports: 270

Distinct targets: 4

2025-05-07

Number of reports: 74

Distinct targets: 3

2025-05-08

Number of reports: 96

Distinct targets: 4

2025-05-09

Number of reports: 270

Distinct targets: 8

2025-05-10

Number of reports: 172

Distinct targets: 5

2025-05-11

Number of reports: 204

Distinct targets: 5

2025-05-12

Number of reports: 160

Distinct targets: 5

2025-05-13

Number of reports: 123

Distinct targets: 6

2025-05-14

Number of reports: 268

Distinct targets: 10

OTX pulses

[67cd8932646f774236789ca3] 2025-03-09 12:27:30.204000 | VNC honeypot logs for 2025/03/09

Author name:	jnazario
Pulse modified:	2025-03-09 12:27:30.204000
Indicator created:	2025-03-09 12:27:31
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-08 12:00:00

[67cede98af39b6c4e991011b] 2025-03-10 12:44:08.554000 | VNC honeypot logs for 2025/03/10

Author name:	jnazario
Pulse modified:	2025-03-10 12:44:08.554000
Indicator created:	2025-03-10 12:44:09
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-09 12:00:00

[67d02c5fe2cc563b1b294462] 2025-03-11 12:28:15.009000 | VNC honeypot logs for 2025/03/11

Author name:	jnazario
Pulse modified:	2025-03-11 12:28:15.009000
Indicator created:	2025-03-11 12:28:15
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-10 12:00:00

[67d2d029fd0ab016325d0018] 2025-03-13 12:31:36.989000 | VNC honeypot logs for 2025/03/13

Author name:	jnazario
Pulse modified:	2025-03-13 12:31:36.989000
Indicator created:	2025-03-13 12:31:37
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-12 12:00:00

[67d41fc3ac952d8ce5699a6e] 2025-03-14 12:23:31.558000 | VNC honeypot logs for 2025/03/14

Author name:	jnazario
Pulse modified:	2025-03-14 12:23:31.558000
Indicator created:	2025-03-14 12:23:32
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-13 12:00:00

Origin AS

AS214295 - SKYNET

BGP Prefix

194.0.234.0/24

geo

Iran

🕑 Asia/Tehran

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

194.0.234.0 - 194.0.234.255

last_activity

2025-05-10 21:45:22.709000

last_warden_event

2025-05-10 21:45:22.709000

rep

0.04642857142857142

reserved_range

0

Shodan's InternetDB

Open ports: 22

Tags: –

CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:9.6p1

ts_added

2025-03-04 05:00:12.618000

ts_last_update

2025-05-16 14:22:59.476000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses