IP address

Search at other sites:

.000207.154.204.4

Shodan(more info)

Passive DNS

IP blacklists

blocklist.de web-login

207.154.204.4 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-22 11:05:05.397000
Was present on blacklist at: 2025-03-20 17:05, 2025-03-20 23:05, 2025-03-21 05:05, 2025-03-21 11:05, 2025-03-21 17:05, 2025-03-21 23:05, 2025-03-22 05:05, 2025-03-22 11:05

blocklist.de Apache

207.154.204.4 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-22 11:05:05.442000
Was present on blacklist at: 2025-03-20 17:05, 2025-03-20 23:05, 2025-03-21 05:05, 2025-03-21 11:05, 2025-03-21 17:05, 2025-03-21 23:05, 2025-03-22 05:05, 2025-03-22 11:05

DataPlane SMTP greeting

207.154.204.4 is listed on the DataPlane SMTP greeting blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs that are<br>identified as SMTP clients issuing unsolicited HELO or EHLO commands.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-02 02:10:06.253000
Was present on blacklist at: 2025-03-20 23:10, 2025-03-21 03:10, 2025-03-21 07:10, 2025-03-21 11:10, 2025-03-21 15:10, 2025-03-21 19:10, 2025-03-21 23:10, 2025-03-22 03:10, 2025-03-22 07:10, 2025-03-22 11:10, 2025-03-22 15:10, 2025-03-22 19:10, 2025-03-22 23:10, 2025-03-23 03:10, 2025-03-23 07:10, 2025-03-23 11:10, 2025-03-23 15:10, 2025-03-23 19:10, 2025-03-23 23:10, 2025-03-24 03:10, 2025-03-24 07:10, 2025-03-24 11:10, 2025-03-24 15:10, 2025-03-24 19:10, 2025-03-24 23:10, 2025-03-25 03:10, 2025-03-25 07:10, 2025-03-25 11:10, 2025-03-25 15:10, 2025-03-25 19:10, 2025-03-25 23:10, 2025-03-26 03:10, 2025-03-26 07:10, 2025-03-26 11:10, 2025-03-26 15:10, 2025-03-26 19:10, 2025-03-26 23:10, 2025-03-27 03:10, 2025-03-27 07:10, 2025-03-27 11:10, 2025-03-27 15:10, 2025-03-27 19:10, 2025-03-27 23:10, 2025-03-28 03:10, 2025-03-28 07:10, 2025-03-28 11:10, 2025-03-28 15:10, 2025-03-28 19:10, 2025-03-28 23:10, 2025-03-29 03:10, 2025-03-29 07:10, 2025-03-29 11:10, 2025-03-29 15:10, 2025-03-29 19:10, 2025-03-29 23:10, 2025-03-30 02:10, 2025-03-30 06:10, 2025-03-30 10:10, 2025-03-30 14:10, 2025-03-30 18:10, 2025-03-30 22:10, 2025-03-31 02:10, 2025-03-31 06:10, 2025-03-31 10:10, 2025-03-31 14:10, 2025-03-31 18:10, 2025-03-31 22:10, 2025-04-01 02:10, 2025-04-01 06:10, 2025-04-01 10:10, 2025-04-01 14:10, 2025-04-01 18:10, 2025-04-01 22:10, 2025-04-02 02:10

UCEPROTECT L1

207.154.204.4 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-01 15:45:00.767000
Was present on blacklist at: 2025-03-21 00:45, 2025-03-21 08:45, 2025-03-21 16:45, 2025-03-22 00:45, 2025-03-22 08:45, 2025-03-22 16:45, 2025-03-23 00:45, 2025-03-23 08:45, 2025-03-23 16:45, 2025-03-24 00:45, 2025-03-24 08:45, 2025-03-24 16:45, 2025-03-25 00:45, 2025-03-25 08:45, 2025-03-25 16:45, 2025-03-26 00:45, 2025-03-26 08:45, 2025-03-26 16:45, 2025-03-27 00:45, 2025-03-27 08:45, 2025-03-27 16:45, 2025-03-28 00:45, 2025-03-28 08:45, 2025-03-28 16:45, 2025-03-29 00:45, 2025-03-29 08:45, 2025-03-29 16:45, 2025-03-30 00:45, 2025-03-30 07:45, 2025-03-30 15:45, 2025-03-30 23:45, 2025-03-31 07:45, 2025-03-31 15:45, 2025-03-31 23:45, 2025-04-01 07:45, 2025-04-01 15:45

AbuseIPDB

207.154.204.4 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-03-28 05:00:00.508000
Was present on blacklist at: 2025-03-21 05:00, 2025-03-25 05:00, 2025-03-26 05:00, 2025-03-27 05:00, 2025-03-28 05:00

Turris greylist

207.154.204.4 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-26 22:15:00.186000
Was present on blacklist at: 2025-03-21 22:15, 2025-03-22 22:15, 2025-03-23 22:15, 2025-03-24 22:15, 2025-03-25 22:15, 2025-03-26 22:15

blocklist.de IMAP

207.154.204.4 is listed on the blocklist.de IMAP blacklist.

Description: Blocklist.de feed is a free and voluntary service<br>provided by a Fraud/Abuse-specialist. IPs performing attacks<br>on the Service imap, sasl, pop3.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-24 11:05:00.237000
Was present on blacklist at: 2025-03-22 17:05, 2025-03-22 23:05, 2025-03-23 05:05, 2025-03-23 11:05, 2025-03-23 17:05, 2025-03-23 23:05, 2025-03-24 05:05, 2025-03-24 11:05

blocklist.de mail

207.154.204.4 is listed on the blocklist.de mail blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing Mail attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-24 11:05:00.441000
Was present on blacklist at: 2025-03-22 17:05, 2025-03-22 23:05, 2025-03-23 05:05, 2025-03-23 11:05, 2025-03-23 17:05, 2025-03-23 23:05, 2025-03-24 05:05, 2025-03-24 11:05

Spamhaus SBL CSS

207.154.204.4 was recently listed on the Spamhaus SBL CSS blacklist, but currently it is not.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-01 14:07:40.188000
Was present on blacklist at: 2025-03-27 14:07, 2025-04-03 14:07

Spamhaus XBL CBL

207.154.204.4 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-01 14:07:40.188000
Was present on blacklist at: 2025-03-27 14:07

Warden events (970)

2025-03-25

IntrusionUserCompromise (node.cfb4f7): 297

2025-03-24

IntrusionUserCompromise (node.cfb4f7): 321

2025-03-23

IntrusionUserCompromise (node.cfb4f7): 99

ReconScanning (node.06f8e8): 1

2025-03-22

IntrusionUserCompromise (node.cfb4f7): 165

2025-03-21

IntrusionUserCompromise (node.cfb4f7): 75

2025-03-20

IntrusionUserCompromise (node.cfb4f7): 12

DShield reports (IP summary, reports)

2025-03-20

Number of reports: 28

Distinct targets: 8

2025-03-21

Number of reports: 120

Distinct targets: 28

2025-03-22

Number of reports: 195

Distinct targets: 35

2025-03-23

Number of reports: 158

Distinct targets: 49

2025-03-24

Number of reports: 187

Distinct targets: 49

2025-03-25

Number of reports: 75

Distinct targets: 27

OTX pulses

[67e000074669122b6254638d] 2025-03-23 12:35:19.332000 | Apache honeypot logs for 23/Mar/2025

Author name:	jnazario
Pulse modified:	2025-03-23 12:35:19.332000
Indicator created:	2025-03-23 12:35:20
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-22 12:00:00

Origin AS

AS14061 - DIGITALOCEAN-ASN

BGP Prefix

207.154.192.0/20

geo

Germany, Frankfurt am Main

🕑 Europe/Berlin

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

207.154.192.0 - 207.154.255.255

last_activity

2025-03-25 08:42:00

last_warden_event

2025-03-25 08:42:00

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 80, 81, 443, 8089

Tags: cloud

CPEs: –

ts_added

2025-03-20 14:07:38.815000

ts_last_update

2025-05-06 14:07:40.133000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses