IP address

Search at other sites:

--2.58.56.552.58.56.55.powered.by.rdp.sh

Shodan(more info)

Passive DNS

IP blacklists

AbuseIPDB

2.58.56.55 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-12-19 05:00:00.708000
Was present on blacklist at: 2025-12-14 05:00, 2025-12-15 05:00, 2025-12-16 05:00, 2025-12-17 05:00, 2025-12-18 05:00, 2025-12-19 05:00

Spamhaus SBL

2.58.56.55 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-21 05:04:29.123000
Was present on blacklist at: 2025-12-14 05:01, 2025-12-21 05:04

Spamhaus DROP

2.58.56.55 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-21 05:04:29.123000
Was present on blacklist at: 2025-12-14 05:01, 2025-12-21 05:04

Turris greylist

2.58.56.55 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-20 22:15:00.171000
Was present on blacklist at: 2025-12-14 22:15, 2025-12-16 22:15, 2025-12-19 22:15, 2025-12-20 22:15

Spamhaus XBL CBL

2.58.56.55 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-21 05:04:29.123000
Was present on blacklist at: 2025-12-21 05:04

Origin AS

AS210558 - services-1337-gmbh

BGP Prefix

2.58.56.0/24

geo

Netherlands, Oude Meer

🕑 Europe/Amsterdam

hostname

2.58.56.55.powered.by.rdp.sh

hostname_class

['ip_in_hostname']

Address block ('inetnum' or 'NetRange' in whois database)

2.58.56.0 - 2.58.56.255

reserved_range

0

Shodan's InternetDB

Open ports: 22, 80, 3389, 5060, 5357

Tags: self-signed

CPEs: cpe:/a:apache:http_server:2.4.65, cpe:/o:linux:linux_kernel, cpe:/a:openbsd:openssh:9.2p1, cpe:/o:debian:debian_linux

ts_added

2025-12-14 05:01:48.614000

ts_last_update

2025-12-21 05:04:29.156000

Warden event timeline

DShield event timeline

Presence on blacklists