IP address

Search at other sites:
.885213.209.159.158
Shodan(more info)
Passive DNS
Tags: Scanner Login attempts
IP blacklists
AbuseIPDB
213.209.159.158 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 05:00:00.598000
Was present on blacklist at: 2025-12-30 05:00, 2025-12-31 05:00, 2026-01-03 05:00, 2026-01-04 05:00, 2026-01-05 05:00, 2026-01-06 05:00, 2026-01-07 05:00, 2026-01-08 05:00, 2026-01-09 05:00, 2026-01-10 05:00, 2026-01-11 05:00, 2026-01-12 05:00, 2026-01-13 05:00, 2026-01-14 05:00, 2026-01-15 05:00, 2026-01-16 05:00, 2026-01-17 05:00, 2026-01-18 05:00, 2026-01-19 05:00, 2026-01-20 05:00, 2026-01-21 05:00, 2026-01-22 05:00, 2026-01-23 05:00, 2026-01-24 05:00, 2026-01-25 05:00, 2026-01-26 05:00, 2026-01-27 05:00, 2026-01-28 05:00, 2026-01-29 05:00, 2026-01-30 05:00, 2026-01-31 05:00, 2026-02-01 05:00, 2026-02-02 05:00, 2026-02-03 05:00, 2026-02-04 05:00, 2026-02-05 05:00, 2026-02-06 05:00, 2026-02-07 05:00, 2026-02-08 05:00, 2026-02-09 05:00, 2026-02-10 05:00
blocklist.de bots
213.209.159.158 is listed on the blocklist.de bots blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the RFI-Attacks,<br>REG-Bots, IRC-Bots or BadBots.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-01 05:05:00.536000
Was present on blacklist at: 2025-12-30 11:05, 2025-12-30 17:05, 2025-12-30 23:05, 2025-12-31 05:05, 2025-12-31 11:05, 2025-12-31 17:05, 2025-12-31 23:05, 2026-01-01 05:05
DShield Block
213.209.159.158 was recently listed on the DShield Block blacklist, but currently it is not.

Description: Recommended Block List by DShield.org. It summarizes the top 20 attacking<br>class C (/24) subnets over the last three days.
Type of feed: secondary (feed detail page)

Last checked at: 2026-02-10 04:50:00
Was present on blacklist at: 2025-12-30 04:50, 2026-01-02 04:50, 2026-01-03 04:50, 2026-01-04 04:50, 2026-01-06 04:50, 2026-01-07 04:50, 2026-01-31 04:50
Turris greylist
213.209.159.158 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 22:15:00.134000
Was present on blacklist at: 2025-12-31 22:15, 2026-01-01 22:15, 2026-01-04 22:15, 2026-01-05 22:15, 2026-01-06 22:15, 2026-01-07 22:15, 2026-01-08 22:15, 2026-01-09 22:15, 2026-01-10 22:15, 2026-01-11 22:15, 2026-01-12 22:15, 2026-01-14 22:15, 2026-01-15 22:15, 2026-01-16 22:15, 2026-01-17 22:15, 2026-01-18 22:15, 2026-01-19 22:15, 2026-01-20 22:15, 2026-01-21 22:15, 2026-01-22 22:15, 2026-01-23 22:15, 2026-01-24 22:15, 2026-01-25 22:15, 2026-01-26 22:15, 2026-01-27 22:15, 2026-01-28 22:15, 2026-01-29 22:15, 2026-01-30 22:15, 2026-01-31 22:15, 2026-02-01 22:15, 2026-02-02 22:15, 2026-02-03 22:15, 2026-02-04 22:15, 2026-02-05 22:15, 2026-02-06 22:15, 2026-02-07 22:15, 2026-02-08 22:15, 2026-02-09 22:15, 2026-02-10 22:15
blocklist.de SSH
213.209.159.158 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 23:05:05.327000
Was present on blacklist at: 2026-01-03 05:05, 2026-01-03 11:05, 2026-01-03 17:05, 2026-01-03 23:05, 2026-01-04 05:05, 2026-01-04 11:05, 2026-01-04 23:05, 2026-01-05 05:05, 2026-01-05 11:05, 2026-01-05 17:05, 2026-01-06 23:05, 2026-01-07 05:05, 2026-01-07 11:05, 2026-01-07 17:05, 2026-01-08 11:05, 2026-01-08 17:05, 2026-01-08 23:05, 2026-01-09 05:05, 2026-01-09 11:05, 2026-01-10 05:05, 2026-01-10 11:05, 2026-01-10 17:05, 2026-01-10 23:05, 2026-01-11 23:05, 2026-01-12 11:05, 2026-01-13 23:05, 2026-01-14 05:05, 2026-01-14 11:05, 2026-01-14 17:05, 2026-01-14 23:05, 2026-01-15 05:05, 2026-01-15 11:05, 2026-01-15 17:05, 2026-01-15 23:05, 2026-01-16 11:05, 2026-01-16 17:05, 2026-01-16 23:05, 2026-01-17 05:05, 2026-01-17 11:05, 2026-01-17 17:05, 2026-01-17 23:05, 2026-01-18 05:05, 2026-01-18 11:05, 2026-01-18 17:05, 2026-01-18 23:05, 2026-01-19 11:05, 2026-01-19 23:05, 2026-01-20 05:05, 2026-01-20 11:05, 2026-01-21 05:05, 2026-01-21 11:05, 2026-01-21 17:05, 2026-01-21 23:05, 2026-01-22 05:05, 2026-01-22 11:05, 2026-01-22 17:05, 2026-01-22 23:05, 2026-01-23 05:05, 2026-01-23 11:05, 2026-01-23 17:05, 2026-01-23 23:05, 2026-01-24 05:05, 2026-01-24 11:05, 2026-01-24 17:05, 2026-01-24 23:05, 2026-01-25 05:05, 2026-01-25 11:05, 2026-01-25 23:05, 2026-01-26 05:05, 2026-01-26 11:05, 2026-01-26 17:05, 2026-01-26 23:05, 2026-01-27 23:05, 2026-01-28 05:05, 2026-01-28 11:05, 2026-01-28 17:05, 2026-01-28 23:05, 2026-01-29 05:05, 2026-01-29 11:05, 2026-01-29 17:05, 2026-01-29 23:05, 2026-01-31 05:05, 2026-01-31 11:05, 2026-01-31 17:05, 2026-01-31 23:05, 2026-02-01 23:05, 2026-02-02 05:05, 2026-02-02 11:05, 2026-02-02 17:05, 2026-02-02 23:05, 2026-02-03 17:05, 2026-02-03 23:05, 2026-02-04 05:05, 2026-02-04 11:05, 2026-02-04 23:05, 2026-02-05 11:05, 2026-02-05 23:05, 2026-02-06 05:05, 2026-02-06 11:05, 2026-02-06 23:05, 2026-02-07 05:05, 2026-02-07 11:05, 2026-02-07 17:05, 2026-02-07 23:05, 2026-02-08 05:05, 2026-02-08 11:05, 2026-02-08 23:05, 2026-02-09 05:05, 2026-02-09 11:05, 2026-02-09 17:05, 2026-02-10 11:05, 2026-02-10 23:05
Blocklist.net.ua
213.209.159.158 is listed on the Blocklist.net.ua blacklist.

Description: BlockList contains IP addresses that perform attacks,<br>send spam or brute force passwords to the blocking list.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 23:15:02.026000
Was present on blacklist at: 2026-01-03 07:15, 2026-01-03 11:15, 2026-01-03 15:15, 2026-01-03 19:15, 2026-01-03 23:15, 2026-01-04 03:15, 2026-01-04 07:15, 2026-01-04 11:15, 2026-01-04 15:15, 2026-01-04 19:15, 2026-01-04 23:15, 2026-01-05 03:15, 2026-01-06 23:15, 2026-01-07 03:15, 2026-01-07 07:15, 2026-01-07 11:15, 2026-01-07 19:15, 2026-01-07 23:15, 2026-01-08 03:15, 2026-01-08 07:15, 2026-01-08 15:15, 2026-01-08 19:15, 2026-01-08 23:15, 2026-01-09 03:15, 2026-01-09 07:15, 2026-01-09 11:15, 2026-01-09 15:15, 2026-01-09 19:15, 2026-01-09 23:15, 2026-01-10 03:15, 2026-01-10 07:15, 2026-01-10 11:15, 2026-01-10 15:15, 2026-01-10 19:15, 2026-01-10 23:15, 2026-01-11 03:15, 2026-01-11 07:15, 2026-01-11 11:15, 2026-01-11 15:15, 2026-01-11 19:15, 2026-01-11 23:15, 2026-01-12 03:15, 2026-01-12 07:15, 2026-01-12 11:15, 2026-01-12 15:15, 2026-01-12 19:15, 2026-01-12 23:15, 2026-01-13 03:15, 2026-01-13 07:15, 2026-01-13 11:15, 2026-01-13 15:15, 2026-01-13 19:15, 2026-01-15 19:15, 2026-01-15 23:15, 2026-01-16 03:15, 2026-01-16 07:15, 2026-01-16 11:15, 2026-01-16 15:15, 2026-01-16 19:15, 2026-01-16 23:15, 2026-01-17 03:15, 2026-01-17 07:15, 2026-01-17 11:15, 2026-01-17 15:15, 2026-01-17 19:15, 2026-01-17 23:15, 2026-01-18 03:15, 2026-01-18 07:15, 2026-01-18 11:15, 2026-01-18 15:15, 2026-01-18 19:15, 2026-01-18 23:15, 2026-01-19 03:15, 2026-01-19 07:15, 2026-01-19 11:15, 2026-01-19 15:15, 2026-01-19 19:15, 2026-01-19 23:15, 2026-01-20 03:15, 2026-01-20 07:15, 2026-01-20 11:15, 2026-01-20 15:15, 2026-01-20 19:15, 2026-01-20 23:15, 2026-01-21 03:15, 2026-01-21 07:15, 2026-01-21 11:15, 2026-01-21 15:15, 2026-01-21 19:15, 2026-01-21 23:15, 2026-01-22 03:15, 2026-01-22 07:15, 2026-01-22 11:15, 2026-01-22 15:15, 2026-01-22 19:15, 2026-01-22 23:15, 2026-01-23 03:15, 2026-01-23 07:15, 2026-01-23 11:15, 2026-01-23 15:15, 2026-01-23 19:15, 2026-01-23 23:15, 2026-01-24 03:15, 2026-01-24 07:15, 2026-01-24 11:15, 2026-01-24 15:15, 2026-01-24 19:15, 2026-01-24 23:15, 2026-01-25 03:15, 2026-01-25 07:15, 2026-01-25 11:15, 2026-01-25 15:15, 2026-01-25 19:15, 2026-01-25 23:15, 2026-01-26 03:15, 2026-01-26 07:15, 2026-01-26 11:15, 2026-01-26 15:15, 2026-01-26 19:15, 2026-01-26 23:15, 2026-01-27 03:15, 2026-01-27 07:15, 2026-01-27 11:15, 2026-01-27 15:15, 2026-01-27 19:15, 2026-01-27 23:15, 2026-01-28 03:15, 2026-01-28 07:15, 2026-01-28 11:15, 2026-01-28 15:15, 2026-01-28 19:15, 2026-01-28 23:15, 2026-01-29 03:15, 2026-01-29 07:15, 2026-01-29 11:15, 2026-01-29 15:15, 2026-01-29 19:15, 2026-01-29 23:15, 2026-01-30 03:15, 2026-01-30 07:15, 2026-01-30 11:15, 2026-01-30 15:15, 2026-01-30 19:15, 2026-01-30 23:15, 2026-01-31 03:15, 2026-01-31 07:15, 2026-01-31 11:15, 2026-01-31 15:15, 2026-01-31 19:15, 2026-01-31 23:15, 2026-02-01 03:15, 2026-02-01 07:15, 2026-02-01 11:15, 2026-02-01 15:15, 2026-02-01 19:15, 2026-02-01 23:15, 2026-02-02 03:15, 2026-02-02 07:15, 2026-02-02 11:15, 2026-02-02 15:15, 2026-02-02 19:15, 2026-02-02 23:15, 2026-02-03 03:15, 2026-02-03 07:15, 2026-02-03 11:15, 2026-02-03 15:15, 2026-02-03 19:15, 2026-02-03 23:15, 2026-02-04 03:15, 2026-02-04 07:15, 2026-02-04 11:15, 2026-02-04 15:15, 2026-02-04 19:15, 2026-02-04 23:15, 2026-02-05 03:15, 2026-02-05 07:15, 2026-02-05 11:15, 2026-02-05 15:15, 2026-02-05 19:15, 2026-02-05 23:15, 2026-02-06 03:15, 2026-02-06 07:15, 2026-02-06 11:15, 2026-02-06 15:15, 2026-02-06 19:15, 2026-02-06 23:15, 2026-02-07 03:15, 2026-02-07 07:15, 2026-02-07 11:15, 2026-02-07 15:15, 2026-02-07 19:15, 2026-02-07 23:15, 2026-02-08 03:15, 2026-02-08 07:15, 2026-02-08 11:15, 2026-02-08 15:15, 2026-02-08 19:15, 2026-02-08 23:15, 2026-02-09 03:15, 2026-02-09 07:15, 2026-02-09 11:15, 2026-02-09 15:15, 2026-02-09 19:15, 2026-02-09 23:15, 2026-02-10 03:15, 2026-02-10 07:15, 2026-02-10 11:15, 2026-02-10 15:15, 2026-02-10 19:15, 2026-02-10 23:15
UCEPROTECT L1
213.209.159.158 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 16:45:00.426000
Was present on blacklist at: 2026-01-03 08:45, 2026-01-03 16:45, 2026-01-04 00:45, 2026-01-04 08:45, 2026-01-04 16:45, 2026-01-05 00:45, 2026-01-05 08:45, 2026-01-05 16:45, 2026-01-06 00:45, 2026-01-06 08:45, 2026-01-06 16:45, 2026-01-07 00:45, 2026-01-07 08:45, 2026-01-07 16:45, 2026-01-08 00:45, 2026-01-08 08:45, 2026-01-08 16:45, 2026-01-09 00:45, 2026-01-09 08:45, 2026-01-09 16:45, 2026-01-10 00:45, 2026-01-10 08:45, 2026-01-10 16:45, 2026-01-11 00:45, 2026-01-11 08:45, 2026-01-11 16:45, 2026-01-12 00:45, 2026-01-12 08:45, 2026-01-12 16:45, 2026-01-13 00:45, 2026-01-13 08:45, 2026-01-13 16:45, 2026-01-14 00:45, 2026-01-14 08:45, 2026-01-14 16:45, 2026-01-15 00:45, 2026-01-15 08:45, 2026-01-15 16:45, 2026-01-16 00:45, 2026-01-16 08:45, 2026-01-16 16:45, 2026-01-17 00:45, 2026-01-17 08:45, 2026-01-17 16:45, 2026-01-18 00:45, 2026-01-18 08:45, 2026-01-18 16:45, 2026-01-19 00:45, 2026-01-19 08:45, 2026-01-19 16:45, 2026-01-20 00:45, 2026-01-20 08:45, 2026-01-20 16:45, 2026-01-21 00:45, 2026-01-21 16:45, 2026-01-22 00:45, 2026-01-22 08:45, 2026-01-23 00:45, 2026-01-23 08:45, 2026-01-23 16:45, 2026-01-24 00:45, 2026-01-24 08:45, 2026-01-25 00:45, 2026-01-25 16:45, 2026-01-26 00:45, 2026-01-26 08:45, 2026-01-26 16:45, 2026-01-27 16:45, 2026-01-28 00:45, 2026-01-28 08:45, 2026-01-29 00:45, 2026-01-30 08:45, 2026-01-31 00:45, 2026-01-31 08:45, 2026-01-31 16:45, 2026-02-03 00:45, 2026-02-03 08:45, 2026-02-05 00:45, 2026-02-06 08:45, 2026-02-07 16:45, 2026-02-08 08:45, 2026-02-08 16:45, 2026-02-10 00:45, 2026-02-10 08:45, 2026-02-10 16:45
DataPlane SSH login
213.209.159.158 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 07:10:02.486000
Was present on blacklist at: 2026-01-03 15:10, 2026-01-03 19:10, 2026-01-04 03:10, 2026-01-04 07:10, 2026-01-04 15:10, 2026-01-04 19:10, 2026-01-05 03:10, 2026-01-05 07:10, 2026-01-05 15:10, 2026-01-06 03:10, 2026-01-06 15:10, 2026-01-06 19:10, 2026-01-06 23:10, 2026-01-07 03:10, 2026-01-07 07:10, 2026-01-07 11:10, 2026-01-07 15:10, 2026-01-07 19:10, 2026-01-07 23:10, 2026-01-08 03:10, 2026-01-08 07:10, 2026-01-08 11:10, 2026-01-08 15:10, 2026-01-08 19:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-11 03:10, 2026-01-11 07:10, 2026-01-11 15:10, 2026-01-11 19:10, 2026-01-12 07:10, 2026-01-12 15:10, 2026-01-12 19:10, 2026-01-13 03:10, 2026-01-13 07:10, 2026-01-13 15:10, 2026-01-13 19:10, 2026-01-14 03:10, 2026-01-14 15:10, 2026-01-14 19:10, 2026-01-15 03:10, 2026-01-15 07:10, 2026-01-15 15:10, 2026-01-15 19:10, 2026-01-16 03:10, 2026-01-16 07:10, 2026-01-16 15:10, 2026-01-16 19:10, 2026-01-17 03:10, 2026-01-17 07:10, 2026-01-17 15:10, 2026-01-17 19:10, 2026-01-18 03:10, 2026-01-18 07:10, 2026-01-18 15:10, 2026-01-18 19:10, 2026-01-19 03:10, 2026-01-19 07:10, 2026-01-19 15:10, 2026-01-19 19:10, 2026-01-20 03:10, 2026-01-20 07:10, 2026-01-20 19:10, 2026-01-21 03:10, 2026-01-21 07:10, 2026-01-21 15:10, 2026-01-21 19:10, 2026-01-22 03:10, 2026-01-22 07:10, 2026-01-22 15:10, 2026-01-22 19:10, 2026-01-23 03:10, 2026-01-23 07:10, 2026-01-23 15:10, 2026-01-23 19:10, 2026-01-24 03:10, 2026-01-24 07:10, 2026-01-24 15:10, 2026-01-24 19:10, 2026-01-25 07:10, 2026-01-25 15:10, 2026-01-26 07:10, 2026-01-26 15:10, 2026-01-26 19:10, 2026-01-27 03:10, 2026-01-27 07:10, 2026-01-27 15:10, 2026-01-27 19:10, 2026-01-28 03:10, 2026-01-28 07:10, 2026-01-28 15:10, 2026-01-28 19:10, 2026-01-29 03:10, 2026-01-29 07:10, 2026-01-29 19:10, 2026-01-30 03:10, 2026-01-30 07:10, 2026-01-30 15:10, 2026-01-30 19:10, 2026-01-31 03:10, 2026-01-31 07:10, 2026-01-31 15:10, 2026-01-31 19:10, 2026-02-01 03:10, 2026-02-01 07:10, 2026-02-01 15:10, 2026-02-01 19:10, 2026-02-02 03:10, 2026-02-02 07:10, 2026-02-02 15:10, 2026-02-02 19:10, 2026-02-03 03:10, 2026-02-03 07:10, 2026-02-03 15:10, 2026-02-03 19:10, 2026-02-04 03:10, 2026-02-04 07:10, 2026-02-04 15:10, 2026-02-05 03:10, 2026-02-05 15:10, 2026-02-05 19:10, 2026-02-06 03:10, 2026-02-06 07:10, 2026-02-06 15:10, 2026-02-07 03:10, 2026-02-07 07:10, 2026-02-07 15:10, 2026-02-07 19:10, 2026-02-08 03:10, 2026-02-08 07:10, 2026-02-08 15:10, 2026-02-08 19:10, 2026-02-09 03:10, 2026-02-09 07:10, 2026-02-09 15:10, 2026-02-09 19:10, 2026-02-10 03:10, 2026-02-10 07:10
BruteForceBlocker
213.209.159.158 is listed on the BruteForceBlocker blacklist.

Description: Daniel Gerzo's BruteForceBlocker. The list is made by perl script,<br>that works along with pf - OpenBSD's firewall and it's main<br>purpose is to block SSH bruteforce attacks via firewall.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-09 03:52:00.227000
Was present on blacklist at: 2026-01-04 03:52, 2026-01-05 03:52, 2026-01-06 03:52, 2026-01-07 03:52, 2026-01-08 03:52, 2026-01-09 03:52, 2026-01-10 03:52, 2026-01-11 03:52, 2026-01-12 03:52, 2026-01-13 03:52, 2026-01-14 03:52, 2026-01-15 03:52, 2026-01-16 03:52, 2026-01-17 03:52, 2026-01-18 03:52, 2026-01-19 03:52, 2026-01-20 03:52, 2026-01-21 03:52, 2026-01-22 03:52, 2026-01-23 03:52, 2026-01-24 03:52, 2026-01-25 03:52, 2026-01-26 03:52, 2026-01-27 03:52, 2026-01-28 03:52, 2026-01-29 03:52, 2026-01-30 03:52, 2026-01-31 03:52, 2026-02-01 03:52, 2026-02-02 03:52, 2026-02-03 03:52, 2026-02-04 03:52, 2026-02-05 03:52, 2026-02-06 03:52, 2026-02-07 03:52, 2026-02-08 03:52, 2026-02-09 03:52
blocklist.de web-login
213.209.159.158 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 17:05:00.227000
Was present on blacklist at: 2026-01-04 17:05, 2026-01-05 23:05, 2026-01-06 11:05, 2026-01-06 17:05, 2026-01-07 23:05, 2026-01-08 05:05, 2026-01-09 17:05, 2026-01-09 23:05, 2026-01-11 05:05, 2026-01-11 11:05, 2026-01-11 17:05, 2026-01-12 05:05, 2026-01-12 17:05, 2026-01-12 23:05, 2026-01-13 05:05, 2026-01-13 11:05, 2026-01-13 17:05, 2026-01-19 05:05, 2026-01-19 17:05, 2026-01-20 17:05, 2026-01-20 23:05, 2026-01-25 17:05, 2026-01-27 05:05, 2026-01-27 11:05, 2026-01-27 17:05, 2026-01-30 05:05, 2026-01-30 11:05, 2026-01-30 17:05, 2026-01-30 23:05, 2026-02-01 05:05, 2026-02-01 11:05, 2026-02-01 17:05, 2026-02-03 05:05, 2026-02-03 11:05, 2026-02-04 17:05, 2026-02-05 05:05, 2026-02-05 17:05, 2026-02-06 17:05, 2026-02-08 17:05, 2026-02-09 23:05, 2026-02-10 05:05, 2026-02-10 17:05
blocklist.de Apache
213.209.159.158 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 17:05:00.422000
Was present on blacklist at: 2026-01-04 17:05, 2026-01-05 23:05, 2026-01-06 11:05, 2026-01-06 17:05, 2026-01-07 23:05, 2026-01-08 05:05, 2026-01-09 17:05, 2026-01-09 23:05, 2026-01-11 05:05, 2026-01-11 11:05, 2026-01-11 17:05, 2026-01-12 05:05, 2026-01-12 17:05, 2026-01-12 23:05, 2026-01-13 05:05, 2026-01-13 11:05, 2026-01-13 17:05, 2026-01-19 05:05, 2026-01-19 17:05, 2026-01-20 17:05, 2026-01-20 23:05, 2026-01-25 17:05, 2026-01-27 05:05, 2026-01-27 11:05, 2026-01-27 17:05, 2026-01-30 05:05, 2026-01-30 11:05, 2026-01-30 17:05, 2026-01-30 23:05, 2026-02-01 05:05, 2026-02-01 11:05, 2026-02-01 17:05, 2026-02-03 05:05, 2026-02-03 11:05, 2026-02-04 17:05, 2026-02-05 05:05, 2026-02-05 17:05, 2026-02-06 17:05, 2026-02-08 17:05, 2026-02-09 23:05, 2026-02-10 05:05, 2026-02-10 17:05
Spamhaus XBL CBL
213.209.159.158 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-02-09 18:58:10.164000
Was present on blacklist at: 2026-01-05 18:58, 2026-01-12 18:58, 2026-01-19 18:58, 2026-01-26 18:58, 2026-02-02 18:58, 2026-02-09 18:58
DataPlane SSH conn
213.209.159.158 is listed on the DataPlane SSH conn blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IP addresses that<br>has been seen initiating an unsolicited SSH connection to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-10 23:10:06.312000
Was present on blacklist at: 2026-01-06 11:10, 2026-01-06 15:10, 2026-01-06 19:10, 2026-01-06 23:10, 2026-01-07 03:10, 2026-01-07 07:10, 2026-01-07 11:10, 2026-01-07 15:10, 2026-01-07 19:10, 2026-01-07 23:10, 2026-01-08 03:10, 2026-01-08 07:10, 2026-01-08 11:10, 2026-01-08 15:10, 2026-01-08 19:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-11 03:10, 2026-01-11 07:10, 2026-01-11 15:10, 2026-01-11 19:10, 2026-01-12 03:10, 2026-01-12 07:10, 2026-01-12 15:10, 2026-01-12 19:10, 2026-01-13 03:10, 2026-01-13 07:10, 2026-01-13 15:10, 2026-01-13 19:10, 2026-01-14 03:10, 2026-01-14 07:10, 2026-01-14 15:10, 2026-01-14 19:10, 2026-01-15 03:10, 2026-01-15 07:10, 2026-01-15 15:10, 2026-01-15 19:10, 2026-01-16 03:10, 2026-01-16 07:10, 2026-01-16 15:10, 2026-01-16 19:10, 2026-01-17 03:10, 2026-01-17 07:10, 2026-01-17 15:10, 2026-01-17 19:10, 2026-01-18 03:10, 2026-01-18 07:10, 2026-01-18 15:10, 2026-01-18 19:10, 2026-01-19 03:10, 2026-01-19 07:10, 2026-01-19 15:10, 2026-01-19 19:10, 2026-01-20 03:10, 2026-01-20 07:10, 2026-01-20 15:10, 2026-01-20 19:10, 2026-01-21 03:10, 2026-01-21 07:10, 2026-01-21 15:10, 2026-01-21 19:10, 2026-01-22 03:10, 2026-01-22 07:10, 2026-01-22 15:10, 2026-01-22 19:10, 2026-01-23 03:10, 2026-01-23 07:10, 2026-01-23 15:10, 2026-01-23 19:10, 2026-01-24 03:10, 2026-01-24 07:10, 2026-01-24 15:10, 2026-01-24 19:10, 2026-01-25 03:10, 2026-01-25 07:10, 2026-01-25 15:10, 2026-01-25 19:10, 2026-01-26 03:10, 2026-01-26 07:10, 2026-01-26 15:10, 2026-01-26 19:10, 2026-01-27 03:10, 2026-01-27 07:10, 2026-01-27 15:10, 2026-01-27 19:10, 2026-01-28 03:10, 2026-01-28 07:10, 2026-01-28 15:10, 2026-01-28 19:10, 2026-01-29 03:10, 2026-01-29 07:10, 2026-01-29 15:10, 2026-01-29 19:10, 2026-01-30 03:10, 2026-01-30 07:10, 2026-01-30 15:10, 2026-01-30 19:10, 2026-01-31 03:10, 2026-01-31 07:10, 2026-01-31 15:10, 2026-01-31 19:10, 2026-02-01 03:10, 2026-02-01 07:10, 2026-02-01 15:10, 2026-02-01 19:10, 2026-02-02 03:10, 2026-02-02 07:10, 2026-02-02 15:10, 2026-02-02 19:10, 2026-02-03 03:10, 2026-02-03 07:10, 2026-02-03 15:10, 2026-02-03 19:10, 2026-02-04 03:10, 2026-02-04 07:10, 2026-02-04 15:10, 2026-02-04 19:10, 2026-02-05 03:10, 2026-02-05 07:10, 2026-02-05 11:10, 2026-02-05 15:10, 2026-02-05 19:10, 2026-02-05 23:10, 2026-02-06 03:10, 2026-02-06 07:10, 2026-02-06 11:10, 2026-02-06 15:10, 2026-02-06 19:10, 2026-02-06 23:10, 2026-02-07 03:10, 2026-02-07 07:10, 2026-02-07 11:10, 2026-02-07 15:10, 2026-02-07 19:10, 2026-02-07 23:10, 2026-02-08 03:10, 2026-02-08 07:10, 2026-02-08 11:10, 2026-02-08 15:10, 2026-02-08 19:10, 2026-02-08 23:10, 2026-02-09 03:10, 2026-02-09 07:10, 2026-02-09 11:10, 2026-02-09 15:10, 2026-02-09 19:10, 2026-02-09 23:10, 2026-02-10 03:10, 2026-02-10 07:10, 2026-02-10 11:10, 2026-02-10 15:10, 2026-02-10 19:10, 2026-02-10 23:10
FireHOL anonymizers
213.209.159.158 is listed on the FireHOL anonymizers blacklist.

Description: List of anonymizing IPs, aggregated from multiple lists by FireHOL.
Type of feed: secondary (feed detail page)

Last checked at: 2026-02-10 18:05:12
Was present on blacklist at: 2026-01-07 12:05, 2026-01-08 18:05, 2026-01-09 18:05, 2026-01-10 18:05, 2026-01-11 18:05, 2026-01-12 18:05, 2026-01-13 18:05, 2026-01-14 18:05, 2026-01-15 18:05, 2026-01-16 18:05, 2026-01-17 18:05, 2026-01-18 18:05, 2026-01-19 18:05, 2026-01-20 18:05, 2026-01-21 18:05, 2026-01-22 18:05, 2026-01-23 18:05, 2026-01-24 18:05, 2026-01-25 18:05, 2026-01-26 18:05, 2026-01-27 18:05, 2026-01-28 18:05, 2026-01-29 18:05, 2026-01-30 18:05, 2026-01-31 18:05, 2026-02-01 18:05, 2026-02-02 18:05, 2026-02-03 18:05, 2026-02-04 18:05, 2026-02-05 18:05, 2026-02-06 18:05, 2026-02-07 18:05, 2026-02-08 18:05, 2026-02-09 18:05, 2026-02-10 18:05
Spamhaus SBL
213.209.159.158 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-02-09 18:58:10.164000
Was present on blacklist at: 2026-01-12 18:58, 2026-01-19 18:58, 2026-01-26 18:58, 2026-02-02 18:58, 2026-02-09 18:58
Spamhaus DROP
213.209.159.158 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-02-09 18:58:10.164000
Was present on blacklist at: 2026-01-12 18:58, 2026-01-19 18:58, 2026-01-26 18:58, 2026-02-02 18:58, 2026-02-09 18:58

Threat categories

TLRoleCategoryDetails
37 src login protocol: ssh
port: 22
25 src scan port: 22
Warden events (9336)
2026-02-11
AttemptLogin (node.368407): 1
2026-02-10
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
ReconScanning (node.9c1411): 3
AttemptLogin (node.368407): 208
AttemptLogin (node.b17ef8): 5
AttemptLogin (node.03e7a9): 20
AttemptLogin (node.7c8681): 5
2026-02-09
AttemptLogin (node.368407): 225
AttemptLogin (node.985fb4): 4
Malware (node.985fb4): 6
IntrusionUserCompromise (node.985fb4): 2
AttemptLogin (node.b17ef8): 5
IntrusionUserCompromise (node.b17ef8): 2
Malware (node.b17ef8): 6
ReconScanning (node.9c1411): 2
AttemptLogin (node.7c8681): 2
Malware (node.7c8681): 6
IntrusionUserCompromise (node.7c8681): 2
AttemptLogin (node.40929a): 1
2026-02-08
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.4dc198): 30
ReconScanning (node.368407): 29
ReconScanning (node.9c1411): 2
AttemptLogin (node.368407): 59
AttemptLogin (node.40929a): 1
2026-02-07
AttemptLogin (node.368407): 225
AttemptLogin (node.7c8681): 4
AttemptLogin (node.b17ef8): 4
ReconScanning (node.9c1411): 2
AttemptLogin (node.4dc198): 4
AttemptLogin (node.40929a): 1
2026-02-06
AttemptLogin (node.368407): 89
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
ReconScanning (node.9c1411): 2
AttemptLogin (node.40929a): 1
2026-02-05
ReconScanning (node.4dc198): 2
ReconScanning (node.368407): 1
AttemptLogin (node.368407): 273
AttemptLogin (node.7c8681): 5
AttemptLogin (node.b17ef8): 5
AttemptLogin (node.70e749): 5
AttemptLogin (node.4dc198): 7
IntrusionUserCompromise (node.40929a): 2
2026-02-04
AttemptLogin (node.368407): 218
AttemptLogin (node.03e7a9): 15
AttemptLogin (node.b17ef8): 5
ReconScanning (node.9c1411): 1
AttemptLogin (node.985fb4): 5
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 28
ReconScanning (node.4dc198): 28
IntrusionUserCompromise (node.40929a): 2
2026-02-03
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
ReconScanning (node.9c1411): 2
AttemptLogin (node.03e7a9): 12
AttemptLogin (node.368407): 85
AttemptLogin (node.7c8681): 5
IntrusionUserCompromise (node.40929a): 2
2026-02-02
AttemptLogin (node.368407): 234
AttemptLogin (node.03e7a9): 25
AttemptLogin (node.b17ef8): 5
AttemptLogin (node.985fb4): 5
AttemptLogin (node.4dc198): 1
IntrusionUserCompromise (node.40929a): 2
AttemptLogin (node.40929a): 1
2026-02-01
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
AttemptLogin (node.368407): 54
AttemptLogin (node.03e7a9): 5
IntrusionUserCompromise (node.40929a): 2
AttemptLogin (node.40929a): 1
2026-01-31
AttemptLogin (node.368407): 257
AttemptLogin (node.eef996): 4
IntrusionUserCompromise (node.eef996): 2
AttemptLogin (node.985fb4): 4
IntrusionUserCompromise (node.985fb4): 2
AttemptLogin (node.03e7a9): 17
IntrusionUserCompromise (node.03e7a9): 10
AttemptLogin (node.4dc198): 6
AttemptLogin (node.b17ef8): 2
IntrusionUserCompromise (node.b17ef8): 2
AttemptLogin (node.40929a): 1
2026-01-30
AttemptLogin (node.368407): 34
ReconScanning (node.9c1411): 2
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
IntrusionUserCompromise (node.03e7a9): 2
AttemptLogin (node.03e7a9): 1
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 1
2026-01-29
AttemptLogin (node.368407): 269
AttemptLogin (node.03e7a9): 21
IntrusionUserCompromise (node.03e7a9): 12
AttemptLogin (node.eef996): 4
AttemptLogin (node.985fb4): 4
IntrusionUserCompromise (node.eef996): 2
IntrusionUserCompromise (node.985fb4): 2
ReconScanning (node.9c1411): 4
AttemptLogin (node.28c168): 3
IntrusionUserCompromise (node.28c168): 2
AttemptLogin (node.4dc198): 2
IntrusionUserCompromise (node.b17ef8): 2
AttemptLogin (node.b17ef8): 1
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 1
2026-01-28
AttemptLogin (node.368407): 232
ReconScanning (node.9c1411): 1
AttemptLogin (node.03e7a9): 14
AttemptLogin (node.eef996): 5
AttemptLogin (node.b17ef8): 4
AttemptLogin (node.985fb4): 5
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.4dc198): 30
ReconScanning (node.368407): 29
IntrusionUserCompromise (node.40929a): 2
AttemptLogin (node.40929a): 1
2026-01-27
ReconScanning (node.9c1411): 4
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.4dc198): 30
ReconScanning (node.368407): 29
AttemptLogin (node.368407): 82
IntrusionUserCompromise (node.40929a): 2
2026-01-26
AttemptLogin (node.368407): 241
AttemptLogin (node.eef996): 5
ReconScanning (node.9c1411): 6
IntrusionUserCompromise (node.40929a): 2
2026-01-25
ReconScanning (node.9c1411): 4
AttemptLogin (node.368407): 104
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.4dc198): 30
ReconScanning (node.368407): 29
AttemptLogin (node.985fb4): 4
AttemptLogin (node.b17ef8): 4
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 2
2026-01-24
ReconScanning (node.4dc198): 26
ReconScanning (node.368407): 25
AnomalyTraffic (node.ffe95c): 1
AttemptLogin (node.368407): 229
AttemptLogin (node.985fb4): 4
IntrusionUserCompromise (node.985fb4): 2
AttemptLogin (node.eef996): 2
IntrusionUserCompromise (node.eef996): 2
AttemptLogin (node.b17ef8): 2
IntrusionUserCompromise (node.b17ef8): 2
AttemptLogin (node.4dc198): 6
ReconScanning (node.9c1411): 3
IntrusionUserCompromise (node.40929a): 1
AttemptLogin (node.40929a): 1
2026-01-23
AttemptLogin (node.368407): 267
AttemptLogin (node.985fb4): 4
AttemptLogin (node.b17ef8): 1
ReconScanning (node.9c1411): 2
AttemptLogin (node.eef996): 5
AnomalyTraffic (node.ffe95c): 1
ReconScanning (node.368407): 4
ReconScanning (node.4dc198): 4
IntrusionUserCompromise (node.40929a): 2
2026-01-22
AttemptLogin (node.368407): 124
AttemptLogin (node.eef996): 5
ReconScanning (node.9c1411): 2
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 28
ReconScanning (node.4dc198): 30
IntrusionUserCompromise (node.40929a): 2
2026-01-21
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.4dc198): 30
ReconScanning (node.368407): 29
ReconScanning (node.9c1411): 4
AttemptLogin (node.368407): 232
AttemptLogin (node.b17ef8): 5
AttemptLogin (node.985fb4): 5
AttemptLogin (node.4dc198): 8
IntrusionUserCompromise (node.40929a): 2
2026-01-20
ReconScanning (node.9c1411): 2
AttemptLogin (node.368407): 224
AttemptLogin (node.b17ef8): 4
IntrusionUserCompromise (node.b17ef8): 2
AttemptLogin (node.eef996): 3
IntrusionUserCompromise (node.eef996): 2
AttemptLogin (node.40929a): 1
2026-01-19
AttemptLogin (node.368407): 139
ReconScanning (node.9c1411): 4
AttemptLogin (node.b17ef8): 3
IntrusionUserCompromise (node.b17ef8): 2
Malware (node.b17ef8): 6
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
AttemptLogin (node.985fb4): 2
IntrusionUserCompromise (node.985fb4): 2
AttemptLogin (node.40929a): 1
2026-01-18
AttemptLogin (node.368407): 224
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
ReconScanning (node.9c1411): 3
AttemptLogin (node.eef996): 3
IntrusionUserCompromise (node.eef996): 2
Malware (node.eef996): 6
AttemptLogin (node.985fb4): 4
Malware (node.985fb4): 6
IntrusionUserCompromise (node.985fb4): 2
AttemptLogin (node.4dc198): 7
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 2
2026-01-17
AttemptLogin (node.368407): 275
AttemptLogin (node.b17ef8): 5
AttemptLogin (node.985fb4): 4
ReconScanning (node.9c1411): 2
AttemptLogin (node.eef996): 5
IntrusionUserCompromise (node.40929a): 2
2026-01-16
AttemptLogin (node.368407): 223
ReconScanning (node.9c1411): 4
AttemptLogin (node.d2ecc6): 5
AttemptLogin (node.eef996): 5
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 2
2026-01-15
ReconScanning (node.9c1411): 4
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
AttemptLogin (node.368407): 80
AttemptLogin (node.985fb4): 4
AttemptLogin (node.b17ef8): 4
2026-01-14
AttemptLogin (node.368407): 212
ReconScanning (node.9c1411): 1
AttemptLogin (node.b17ef8): 4
IntrusionUserCompromise (node.b17ef8): 2
IntrusionUserCompromise (node.985fb4): 2
AttemptLogin (node.985fb4): 1
IntrusionUserCompromise (node.40929a): 2
AttemptLogin (node.40929a): 1
2026-01-13
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
ReconScanning (node.9c1411): 2
AttemptLogin (node.368407): 70
AttemptLogin (node.eef996): 2
IntrusionUserCompromise (node.eef996): 2
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 2
2026-01-12
AttemptLogin (node.368407): 249
AttemptLogin (node.eef996): 5
AttemptLogin (node.b17ef8): 5
AttemptLogin (node.985fb4): 5
IntrusionUserCompromise (node.40929a): 2
2026-01-11
AttemptLogin (node.368407): 113
AttemptLogin (node.985fb4): 5
ReconScanning (node.9c1411): 6
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 2
2026-01-10
ReconScanning (node.368407): 28
ReconScanning (node.4dc198): 29
AnomalyTraffic (node.ffe95c): 1
AttemptLogin (node.368407): 225
AttemptLogin (node.b17ef8): 4
AttemptLogin (node.eef996): 5
IntrusionUserCompromise (node.40929a): 1
AttemptLogin (node.40929a): 1
2026-01-09
AttemptLogin (node.368407): 82
AttemptLogin (node.985fb4): 2
IntrusionUserCompromise (node.985fb4): 2
ReconScanning (node.9c1411): 4
AnomalyTraffic (node.ffe95c): 1
ReconScanning (node.368407): 1
ReconScanning (node.4dc198): 1
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 1
2026-01-08
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
AttemptLogin (node.368407): 202
AttemptLogin (node.eef996): 3
IntrusionUserCompromise (node.eef996): 2
ReconScanning (node.9c1411): 5
AttemptLogin (node.b17ef8): 2
IntrusionUserCompromise (node.b17ef8): 2
IntrusionUserCompromise (node.40929a): 2
AttemptLogin (node.40929a): 1
2026-01-07
AttemptLogin (node.368407): 262
ReconScanning (node.9c1411): 4
AttemptLogin (node.eef996): 5
AttemptLogin (node.b17ef8): 5
AttemptLogin (node.985fb4): 5
IntrusionUserCompromise (node.40929a): 2
2026-01-06
AttemptLogin (node.368407): 55
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.4dc198): 30
ReconScanning (node.368407): 29
IntrusionUserCompromise (node.40929a): 1
AttemptLogin (node.40929a): 1
2026-01-05
AttemptLogin (node.368407): 273
AttemptLogin (node.eef996): 2
IntrusionUserCompromise (node.eef996): 2
Malware (node.eef996): 3
AttemptLogin (node.b17ef8): 4
Malware (node.b17ef8): 6
IntrusionUserCompromise (node.b17ef8): 2
AttemptLogin (node.985fb4): 4
IntrusionUserCompromise (node.985fb4): 2
Malware (node.985fb4): 6
IntrusionUserCompromise (node.40929a): 2
2026-01-04
AttemptLogin (node.368407): 88
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.4dc198): 30
ReconScanning (node.368407): 29
IntrusionUserCompromise (node.40929a): 2
AttemptLogin (node.40929a): 1
2026-01-03
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.368407): 29
ReconScanning (node.4dc198): 30
AttemptLogin (node.b17ef8): 4
AttemptLogin (node.368407): 235
IntrusionUserCompromise (node.b17ef8): 1
AttemptLogin (node.985fb4): 3
IntrusionUserCompromise (node.985fb4): 1
AttemptLogin (node.eef996): 4
IntrusionUserCompromise (node.eef996): 1
AttemptLogin (node.4dc198): 6
AttemptLogin (node.40929a): 1
IntrusionUserCompromise (node.40929a): 1
2025-12-30
ReconScanning (node.368407): 6
ReconScanning (node.4dc198): 6
AnomalyTraffic (node.ffe95c): 2
2025-12-29
AnomalyTraffic (node.ffe95c): 21
ReconScanning (node.4dc198): 54
ReconScanning (node.368407): 54
DShield reports (IP summary, reports)
2025-12-29
Number of reports: 1109
Distinct targets: 386
2025-12-30
Number of reports: 3876
Distinct targets: 107
2026-01-04
Number of reports: 2026
Distinct targets: 221
2026-01-05
Number of reports: 6357
Distinct targets: 108
2026-01-06
Number of reports: 1818
Distinct targets: 219
2026-01-08
Number of reports: 7095
Distinct targets: 224
2026-01-09
Number of reports: 1546
Distinct targets: 43
2026-01-10
Number of reports: 7906
Distinct targets: 217
2026-01-11
Number of reports: 7906
Distinct targets: 217
2026-01-12
Number of reports: 2998
Distinct targets: 217
2026-01-13
Number of reports: 2689
Distinct targets: 216
2026-01-14
Number of reports: 2689
Distinct targets: 216
2026-01-15
Number of reports: 6899
Distinct targets: 99
2026-01-16
Number of reports: 6299
Distinct targets: 218
2026-01-17
Number of reports: 6299
Distinct targets: 218
2026-01-18
Number of reports: 266
Distinct targets: 64
2026-01-19
Number of reports: 226
Distinct targets: 54
2026-01-20
Number of reports: 226
Distinct targets: 54
2026-01-21
Number of reports: 198
Distinct targets: 58
2026-01-22
Number of reports: 206
Distinct targets: 48
2026-01-23
Number of reports: 7306
Distinct targets: 127
2026-01-24
Number of reports: 7306
Distinct targets: 127
2026-01-25
Number of reports: 3358
Distinct targets: 222
2026-01-26
Number of reports: 3358
Distinct targets: 222
OTX pulses
[6983483fa3183c771502f691] 2026-02-04 13:23:11.129000 | SSH honeypot logs for 2026-02-04
Author name:jnazario
Pulse modified:2026-02-04 13:23:11.129000
Indicator created:2026-02-04 13:23:12
Indicator role:None
Indicator title:
Indicator expiration:2026-03-06 13:00:00
[69849986141a3ddd66e98d0d] 2026-02-05 13:22:14.649000 | SSH honeypot logs for 2026-02-05
Author name:jnazario
Pulse modified:2026-02-05 13:22:14.649000
Indicator created:2026-02-05 13:22:15
Indicator role:None
Indicator title:
Indicator expiration:2026-03-07 13:00:00
Origin AS
AS208137 - FPS12
BGP Prefix
213.209.159.0/24
geo
Germany
🕑 Europe/Berlin
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
213.209.128.0 - 213.209.159.255
last_activity
2026-02-11 00:02:48
last_warden_event
2026-02-11 00:02:48
rep
0.885435267857143
reserved_range
0
Shodan's InternetDB
Open ports: 22
Tags: scanner
CPEs: cpe:/a:openbsd:openssh:9.2p1, cpe:/o:debian:debian_linux, cpe:/o:linux:linux_kernel
ts_added
2025-12-29 18:58:08.964000
ts_last_update
2026-02-11 00:02:59.111000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses