IP address

Search at other sites:
.8008.213.212.153
Shodan(more info)
Passive DNS
Tags:
IP blacklists
DataPlane TELNET login
8.213.212.153 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-16 07:10:02.553000
Was present on blacklist at: 2025-11-20 15:10, 2025-11-20 19:10, 2025-11-20 23:10, 2025-11-21 03:10, 2025-11-21 07:10, 2025-11-21 11:10, 2025-11-21 15:10, 2025-11-21 19:10, 2025-11-21 23:10, 2025-11-22 03:10, 2025-11-22 07:10, 2025-11-22 11:10, 2025-11-22 15:10, 2025-11-22 19:10, 2025-11-22 23:10, 2025-11-23 03:10, 2025-11-23 07:10, 2025-11-23 11:10, 2025-11-23 15:10, 2025-11-23 19:10, 2025-11-23 23:10, 2025-11-24 03:10, 2025-11-24 07:10, 2025-11-24 11:10, 2025-11-24 15:10, 2025-11-24 19:10, 2025-11-24 23:10, 2025-11-25 03:10, 2025-11-25 07:10, 2025-11-25 11:10, 2025-11-25 15:10, 2025-11-25 19:10, 2025-11-25 23:10, 2025-11-26 03:10, 2025-11-26 07:10, 2025-11-26 11:10, 2025-11-26 15:10, 2025-11-26 19:10, 2025-11-26 23:10, 2025-11-27 03:10, 2025-11-27 07:10, 2025-11-27 11:10, 2025-11-27 15:10, 2025-11-27 19:10, 2025-11-27 23:10, 2025-11-28 03:10, 2025-11-28 07:10, 2025-11-28 11:10, 2025-11-28 15:10, 2025-11-28 19:10, 2025-11-28 23:10, 2025-11-29 03:10, 2025-11-29 07:10, 2025-11-29 11:10, 2025-11-29 15:10, 2025-11-29 19:10, 2025-11-29 23:11, 2025-11-30 03:10, 2025-11-30 07:10, 2025-11-30 11:10, 2025-11-30 15:10, 2025-11-30 19:10, 2025-11-30 23:10, 2025-12-01 03:10, 2025-12-01 07:10, 2025-12-01 11:10, 2025-12-01 15:10, 2025-12-01 19:10, 2025-12-01 23:10, 2025-12-02 03:10, 2025-12-02 07:10, 2025-12-02 11:10, 2025-12-02 15:10, 2025-12-02 19:10, 2025-12-02 23:10, 2025-12-03 03:10, 2025-12-03 07:10, 2025-12-03 11:10, 2025-12-03 15:10, 2025-12-03 19:10, 2025-12-03 23:10, 2025-12-04 03:10, 2025-12-04 07:10, 2025-12-04 11:10, 2025-12-04 15:10, 2025-12-04 19:10, 2025-12-04 23:10, 2025-12-05 03:10, 2025-12-05 07:10, 2025-12-05 11:10, 2025-12-05 15:10, 2025-12-05 19:10, 2025-12-05 23:10, 2025-12-06 03:10, 2025-12-06 07:10, 2025-12-06 11:10, 2025-12-06 15:10, 2025-12-06 19:10, 2025-12-06 23:10, 2025-12-07 03:10, 2025-12-07 07:10, 2025-12-07 11:10, 2025-12-07 15:10, 2025-12-07 19:10, 2025-12-07 23:10, 2025-12-08 03:10, 2025-12-08 07:10, 2025-12-08 11:10, 2025-12-08 15:10, 2025-12-08 19:10, 2025-12-08 23:10, 2025-12-09 03:10, 2025-12-09 07:10, 2025-12-09 11:10, 2025-12-09 15:10, 2025-12-09 19:10, 2025-12-09 23:10, 2025-12-10 03:10, 2025-12-10 07:10, 2025-12-10 11:10, 2025-12-10 15:10, 2025-12-10 19:10, 2025-12-10 23:10, 2025-12-11 03:10, 2025-12-11 07:10, 2025-12-11 11:10, 2025-12-11 15:10, 2025-12-11 19:10, 2025-12-11 23:10, 2025-12-12 03:10, 2025-12-12 07:10, 2025-12-12 11:10, 2025-12-12 15:10, 2025-12-12 19:10, 2025-12-12 23:10, 2025-12-13 03:10, 2025-12-13 07:10, 2025-12-13 11:10, 2025-12-13 15:10, 2025-12-13 19:10, 2025-12-13 23:10, 2025-12-14 03:10, 2025-12-14 07:10, 2025-12-14 11:10, 2025-12-14 15:10, 2025-12-14 19:10, 2025-12-14 23:10, 2025-12-15 03:10, 2025-12-15 07:10, 2025-12-15 11:10, 2025-12-15 15:10, 2025-12-15 19:10, 2025-12-15 23:10, 2025-12-16 03:10, 2025-12-16 07:10
CI Army
8.213.212.153 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-12-16 03:50:00.961000
Was present on blacklist at: 2025-11-21 03:50, 2025-11-22 03:50, 2025-11-23 03:50, 2025-11-24 03:50, 2025-11-25 03:50, 2025-11-26 03:50, 2025-11-27 03:50, 2025-11-28 03:50, 2025-11-29 03:50, 2025-11-30 03:50, 2025-12-02 03:50, 2025-12-03 03:50, 2025-12-04 03:50, 2025-12-05 03:50, 2025-12-06 03:50, 2025-12-08 03:50, 2025-12-09 03:50, 2025-12-10 03:50, 2025-12-12 03:50, 2025-12-13 03:50, 2025-12-14 03:50, 2025-12-15 03:50, 2025-12-16 03:50
AbuseIPDB
8.213.212.153 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-12-14 05:00:00.671000
Was present on blacklist at: 2025-11-21 05:00, 2025-11-22 05:00, 2025-11-23 05:00, 2025-11-24 05:00, 2025-11-25 05:00, 2025-11-26 05:00, 2025-11-27 05:00, 2025-11-28 05:00, 2025-11-29 05:00, 2025-11-30 05:00, 2025-12-01 05:00, 2025-12-02 05:00, 2025-12-03 05:00, 2025-12-04 05:00, 2025-12-05 05:00, 2025-12-07 05:00, 2025-12-08 05:00, 2025-12-09 05:00, 2025-12-10 05:00, 2025-12-12 05:00, 2025-12-13 05:00, 2025-12-14 05:00
blocklist.de SSH
8.213.212.153 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-15 11:05:00.581000
Was present on blacklist at: 2025-11-21 11:05, 2025-11-21 17:05, 2025-11-21 23:05, 2025-11-22 05:05, 2025-11-22 11:05, 2025-11-22 23:05, 2025-11-23 05:05, 2025-11-27 11:05, 2025-11-27 17:05, 2025-11-27 23:05, 2025-11-28 05:05, 2025-11-28 11:05, 2025-11-28 17:05, 2025-11-28 23:05, 2025-11-29 05:05, 2025-11-29 11:05, 2025-11-29 17:05, 2025-11-29 23:05, 2025-11-30 05:05, 2025-11-30 11:05, 2025-11-30 17:05, 2025-11-30 23:05, 2025-12-01 05:05, 2025-12-01 11:05, 2025-12-01 17:05, 2025-12-01 23:05, 2025-12-02 05:05, 2025-12-02 11:05, 2025-12-02 17:05, 2025-12-02 23:05, 2025-12-03 05:05, 2025-12-03 11:05, 2025-12-07 17:05, 2025-12-07 23:05, 2025-12-08 05:05, 2025-12-08 11:05, 2025-12-08 17:05, 2025-12-08 23:05, 2025-12-09 05:05, 2025-12-09 11:05, 2025-12-09 23:05, 2025-12-10 05:05, 2025-12-10 11:05, 2025-12-10 17:05, 2025-12-10 23:05, 2025-12-11 05:05, 2025-12-11 11:05, 2025-12-11 17:05, 2025-12-11 23:05, 2025-12-12 05:05, 2025-12-12 11:05, 2025-12-12 17:05, 2025-12-12 23:05, 2025-12-13 05:05, 2025-12-13 11:05, 2025-12-13 17:05, 2025-12-13 23:05, 2025-12-14 05:05, 2025-12-14 11:05, 2025-12-14 17:05, 2025-12-14 23:05, 2025-12-15 05:05, 2025-12-15 11:05
Turris greylist
8.213.212.153 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-15 22:15:00.177000
Was present on blacklist at: 2025-11-21 22:15, 2025-11-22 22:15, 2025-11-23 22:15, 2025-11-24 22:15, 2025-11-25 22:15, 2025-11-26 22:15, 2025-11-27 22:15, 2025-11-28 22:15, 2025-11-29 22:15, 2025-11-30 22:15, 2025-12-01 22:15, 2025-12-02 22:15, 2025-12-03 22:15, 2025-12-04 22:15, 2025-12-05 22:15, 2025-12-06 22:15, 2025-12-07 22:15, 2025-12-08 22:15, 2025-12-09 22:15, 2025-12-10 22:15, 2025-12-11 22:15, 2025-12-12 22:15, 2025-12-13 22:15, 2025-12-14 22:15, 2025-12-15 22:15
UCEPROTECT L1
8.213.212.153 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-09 16:45:00.512000
Was present on blacklist at: 2025-11-26 08:45, 2025-11-26 16:45, 2025-11-27 00:45, 2025-11-27 08:45, 2025-11-27 16:45, 2025-11-28 00:45, 2025-11-28 08:45, 2025-11-28 16:45, 2025-11-29 00:45, 2025-11-29 08:45, 2025-11-29 16:45, 2025-11-30 00:45, 2025-11-30 08:45, 2025-11-30 16:45, 2025-12-01 00:45, 2025-12-01 08:45, 2025-12-01 16:45, 2025-12-02 00:45, 2025-12-02 08:45, 2025-12-02 16:45, 2025-12-03 00:45, 2025-12-03 08:45, 2025-12-03 16:45, 2025-12-04 00:45, 2025-12-04 08:45, 2025-12-04 16:45, 2025-12-05 00:45, 2025-12-05 08:45, 2025-12-05 16:45, 2025-12-06 00:45, 2025-12-06 08:45, 2025-12-06 16:45, 2025-12-07 00:45, 2025-12-07 08:45, 2025-12-07 16:45, 2025-12-08 00:45, 2025-12-08 08:45, 2025-12-08 16:45, 2025-12-09 00:45, 2025-12-09 08:45, 2025-12-09 16:45
blocklist.de FTP
8.213.212.153 is listed on the blocklist.de FTP blacklist.

Description: Blocklist.de feed is a free and voluntary service<br>provided by a Fraud/Abuse-specialist. IPs performing attacks<br>on the Service FTP.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-07 11:05:05.223000
Was present on blacklist at: 2025-12-07 11:05
DataPlane SSH login
8.213.212.153 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-16 07:10:06.329000
Was present on blacklist at: 2025-12-09 03:10, 2025-12-09 07:10, 2025-12-09 15:10, 2025-12-09 19:10, 2025-12-10 03:10, 2025-12-10 07:10, 2025-12-10 15:10, 2025-12-10 19:10, 2025-12-11 03:10, 2025-12-11 07:10, 2025-12-11 15:10, 2025-12-11 19:10, 2025-12-12 03:10, 2025-12-12 07:10, 2025-12-12 15:10, 2025-12-12 19:10, 2025-12-13 03:10, 2025-12-13 07:10, 2025-12-13 15:10, 2025-12-13 19:10, 2025-12-14 03:10, 2025-12-14 07:10, 2025-12-14 15:10, 2025-12-14 19:10, 2025-12-15 03:10, 2025-12-15 07:10, 2025-12-15 15:10, 2025-12-15 19:10, 2025-12-16 03:10, 2025-12-16 07:10
blocklist.de web-login
8.213.212.153 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-09 17:05:00.511000
Was present on blacklist at: 2025-12-09 17:05
blocklist.de Apache
8.213.212.153 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-09 17:05:00.607000
Was present on blacklist at: 2025-12-09 17:05
Warden events (271108)
2025-12-15
ReconScanning (node.9c1411): 44
2025-12-14
IntrusionUserCompromise (node.cfb4f7): 10195
ReconScanning (node.9c1411): 87
ReconScanning (node.4dc198): 6
2025-12-13
ReconScanning (node.9c1411): 77
IntrusionUserCompromise (node.cfb4f7): 3079
ReconScanning (node.4dc198): 10
2025-12-12
IntrusionUserCompromise (node.cfb4f7): 60568
ReconScanning (node.9c1411): 80
2025-12-11
ReconScanning (node.9c1411): 78
IntrusionUserCompromise (node.cfb4f7): 2589
2025-12-10
ReconScanning (node.9c1411): 86
IntrusionUserCompromise (node.cfb4f7): 28728
ReconScanning (node.4dc198): 8
2025-12-09
IntrusionUserCompromise (node.cfb4f7): 4084
ReconScanning (node.9c1411): 84
ReconScanning (node.4dc198): 49
2025-12-08
IntrusionUserCompromise (node.cfb4f7): 14249
ReconScanning (node.4dc198): 53
ReconScanning (node.9c1411): 78
2025-12-07
ReconScanning (node.9c1411): 83
IntrusionUserCompromise (node.cfb4f7): 3091
ReconScanning (node.4dc198): 31
2025-12-06
IntrusionUserCompromise (node.cfb4f7): 7993
ReconScanning (node.9c1411): 75
ReconScanning (node.4dc198): 34
2025-12-05
ReconScanning (node.9c1411): 76
IntrusionUserCompromise (node.cfb4f7): 7599
ReconScanning (node.4dc198): 20
2025-12-04
ReconScanning (node.9c1411): 73
IntrusionUserCompromise (node.cfb4f7): 18205
ReconScanning (node.4dc198): 4
2025-12-03
IntrusionUserCompromise (node.cfb4f7): 10022
ReconScanning (node.9c1411): 76
ReconScanning (node.4dc198): 119
2025-12-02
ReconScanning (node.4dc198): 51
IntrusionUserCompromise (node.cfb4f7): 18474
ReconScanning (node.9c1411): 82
2025-12-01
ReconScanning (node.9c1411): 72
ReconScanning (node.4dc198): 117
IntrusionUserCompromise (node.cfb4f7): 1860
2025-11-30
IntrusionUserCompromise (node.cfb4f7): 1021
ReconScanning (node.4dc198): 106
ReconScanning (node.9c1411): 56
2025-11-29
IntrusionUserCompromise (node.cfb4f7): 9227
ReconScanning (node.9c1411): 62
ReconScanning (node.4dc198): 22
2025-11-28
IntrusionUserCompromise (node.cfb4f7): 9567
ReconScanning (node.9c1411): 80
ReconScanning (node.4dc198): 1
2025-11-27
ReconScanning (node.9c1411): 85
IntrusionUserCompromise (node.cfb4f7): 978
2025-11-26
IntrusionUserCompromise (node.cfb4f7): 14152
ReconScanning (node.9c1411): 67
ReconScanning (node.4dc198): 12
2025-11-25
ReconScanning (node.4dc198): 88
ReconScanning (node.9c1411): 66
IntrusionUserCompromise (node.cfb4f7): 8646
2025-11-24
IntrusionUserCompromise (node.cfb4f7): 9384
ReconScanning (node.9c1411): 65
ReconScanning (node.4dc198): 165
2025-11-23
IntrusionUserCompromise (node.cfb4f7): 11709
ReconScanning (node.9c1411): 64
ReconScanning (node.4dc198): 25
2025-11-22
IntrusionUserCompromise (node.cfb4f7): 3286
ReconScanning (node.9c1411): 53
ReconScanning (node.4dc198): 21
2025-11-21
ReconScanning (node.368407): 6
IntrusionUserCompromise (node.cfb4f7): 7893
ReconScanning (node.9c1411): 10
2025-11-20
IntrusionUserCompromise (node.cfb4f7): 1797
ReconScanning (node.368407): 5
DShield reports (IP summary, reports)
2025-11-21
Number of reports: 400
Distinct targets: 76
2025-11-22
Number of reports: 488
Distinct targets: 148
2025-11-23
Number of reports: 554
Distinct targets: 111
2025-11-24
Number of reports: 994
Distinct targets: 157
2025-11-25
Number of reports: 994
Distinct targets: 157
2025-11-26
Number of reports: 845
Distinct targets: 65
2025-11-27
Number of reports: 296
Distinct targets: 51
2025-11-28
Number of reports: 537
Distinct targets: 129
2025-11-29
Number of reports: 537
Distinct targets: 129
2025-11-30
Number of reports: 620
Distinct targets: 156
2025-12-01
Number of reports: 530
Distinct targets: 155
2025-12-02
Number of reports: 530
Distinct targets: 155
2025-12-03
Number of reports: 1041
Distinct targets: 86
2025-12-04
Number of reports: 1166
Distinct targets: 143
2025-12-05
Number of reports: 386
Distinct targets: 131
2025-12-06
Number of reports: 250
Distinct targets: 66
2025-12-07
Number of reports: 250
Distinct targets: 66
2025-12-08
Number of reports: 997
Distinct targets: 169
2025-12-09
Number of reports: 521
Distinct targets: 117
2025-12-10
Number of reports: 606
Distinct targets: 93
2025-12-11
Number of reports: 410
Distinct targets: 125
2025-12-12
Number of reports: 410
Distinct targets: 125
2025-12-13
Number of reports: 545
Distinct targets: 163
2025-12-14
Number of reports: 432
Distinct targets: 94
OTX pulses
[602bc528f447d628d41494f2] 2021-02-16 13:14:16.945000 | Ka's Honeypot visitors
Author name:Kapppppa
Pulse modified:2025-12-16 07:55:03.932000
Indicator created:2025-12-13 03:10:50
Indicator role:bruteforce
Indicator title:Telnet Login attempt
Indicator expiration:2026-01-12 03:00:00
Origin AS
AS45102 - CNNIC-ALIBABA-CN-NET-AP
BGP Prefix
8.213.192.0/19
geo
Thailand, Bangkok
🕑 Asia/Bangkok
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
8.208.0.0 - 8.223.255.255
last_activity
2025-12-16 08:38:00.376000
last_warden_event
2025-12-15 13:16:26
rep
0.8
reserved_range
0
ts_added
2025-11-20 13:09:11.976000
ts_last_update
2025-12-16 08:38:00.383000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses