IP address

Search at other sites:
.550221.159.184.218
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
blocklist.de SSH
221.159.184.218 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-28 23:05:05.303000
Was present on blacklist at: 2026-03-24 05:05, 2026-03-24 11:05, 2026-03-24 17:05, 2026-03-24 23:05, 2026-03-25 05:05, 2026-03-25 11:05, 2026-03-25 23:05, 2026-03-27 05:05, 2026-03-27 11:05, 2026-03-27 17:05, 2026-03-27 23:05, 2026-03-28 05:05, 2026-03-28 11:05, 2026-03-28 17:05, 2026-03-28 23:05
AbuseIPDB
221.159.184.218 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-04-07 04:00:00.628000
Was present on blacklist at: 2026-03-26 05:00, 2026-03-27 05:00, 2026-03-28 05:00, 2026-03-29 04:00, 2026-03-30 04:00, 2026-04-01 04:00, 2026-04-02 04:00, 2026-04-03 04:00, 2026-04-04 04:00, 2026-04-05 04:00, 2026-04-06 04:00, 2026-04-07 04:00

Threat categories

TLRoleCategoryDetails
71 src scan port: 22
50 src login protocol: ssh
25 src
Warden events (449)
2026-04-07
ReconScanning (node.ce2b59): 26
2026-04-06
ReconScanning (node.ce2b59): 31
ReconScanning (node.4dc198): 4
2026-04-05
ReconScanning (node.ce2b59): 31
2026-04-04
ReconScanning (node.ce2b59): 30
2026-04-03
ReconScanning (node.ce2b59): 31
2026-04-02
ReconScanning (node.ce2b59): 30
2026-04-01
ReconScanning (node.ce2b59): 32
2026-03-31
ReconScanning (node.ce2b59): 31
2026-03-30
ReconScanning (node.ce2b59): 31
2026-03-29
ReconScanning (node.ce2b59): 31
ReconScanning (node.4dc198): 2
2026-03-28
ReconScanning (node.ce2b59): 31
2026-03-27
ReconScanning (node.ce2b59): 32
2026-03-26
ReconScanning (node.ce2b59): 27
IntrusionUserCompromise (node.40929a): 7
2026-03-25
ReconScanning (node.ce2b59): 13
IntrusionUserCompromise (node.40929a): 9
2026-03-24
AttemptLogin (node.03e7a9): 1
IntrusionUserCompromise (node.03e7a9): 1
IntrusionUserCompromise (node.40929a): 9
2026-03-23
IntrusionUserCompromise (node.40929a): 9
DShield reports (IP summary, reports)
2026-03-27
Number of reports: 138
Distinct targets: 87
2026-03-28
Number of reports: 120
Distinct targets: 69
2026-03-29
Number of reports: 120
Distinct targets: 69
2026-03-30
Number of reports: 149
Distinct targets: 85
2026-03-31
Number of reports: 149
Distinct targets: 85
2026-04-01
Number of reports: 148
Distinct targets: 91
2026-04-02
Number of reports: 101
Distinct targets: 64
2026-04-03
Number of reports: 133
Distinct targets: 72
2026-04-04
Number of reports: 140
Distinct targets: 77
2026-04-05
Number of reports: 116
Distinct targets: 65
2026-04-06
Number of reports: 142
Distinct targets: 83
Origin AS
AS4766 - KIXS-AS-KR KIXS-AS-KR-KR
BGP Prefix
221.152.0.0/13
geo
South Korea, Iksan
🕑 Asia/Seoul
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
221.144.0.0 - 221.159.255.255
last_activity
2026-04-07 20:07:48
last_warden_event
2026-04-07 20:07:48
rep
0.55
reserved_range
0
Shodan's InternetDB
Open ports: 5555
Tags:
CPEs:
ts_added
2026-03-24 05:00:30.929000
ts_last_update
2026-04-07 20:10:34.183000

Warden event timeline

DShield event timeline

Presence on blacklists