IP address
Tags:
IP in hostname
Login attempts
- IP blacklists
AbuseIPDB
107.174.242.20 is listed on the AbuseIPDB blacklist.
Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed:
primary (
feed detail page)
Last checked at:
2025-09-13 04:00:00.685000
Was present on blacklist at:
2025-09-10 04:00,
2025-09-11 04:00,
2025-09-12 04:00,
2025-09-13 04:00
blocklist.de SSH
107.174.242.20 is listed on the blocklist.de SSH blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed:
primary (
feed detail page)
Last checked at:
2025-09-15 10:05:05.236000
Was present on blacklist at:
2025-09-10 04:05,
2025-09-10 10:05,
2025-09-10 16:05,
2025-09-10 22:05,
2025-09-11 04:05,
2025-09-11 16:05,
2025-09-11 22:05,
2025-09-12 04:05,
2025-09-12 10:05,
2025-09-12 16:05,
2025-09-12 22:05,
2025-09-13 04:05,
2025-09-13 10:05,
2025-09-13 16:05,
2025-09-13 22:05,
2025-09-14 04:05,
2025-09-14 10:05,
2025-09-14 16:05,
2025-09-14 22:05,
2025-09-15 04:05,
2025-09-15 10:05
DataPlane SSH login
107.174.242.20 is listed on the DataPlane SSH login blacklist.
Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed:
primary (
feed detail page)
Last checked at:
2025-09-17 18:10:02.042000
Was present on blacklist at:
2025-09-11 02:10,
2025-09-11 06:10,
2025-09-11 14:10,
2025-09-11 18:10,
2025-09-12 02:10,
2025-09-12 06:10,
2025-09-12 14:10,
2025-09-13 02:10,
2025-09-13 06:10,
2025-09-13 14:10,
2025-09-13 18:10,
2025-09-14 02:10,
2025-09-14 06:10,
2025-09-14 14:10,
2025-09-14 18:10,
2025-09-15 02:10,
2025-09-15 06:10,
2025-09-15 14:10,
2025-09-15 18:10,
2025-09-16 02:10,
2025-09-16 06:10,
2025-09-16 14:10,
2025-09-16 18:10,
2025-09-17 02:10,
2025-09-17 06:10,
2025-09-17 14:10,
2025-09-17 18:10
blocklist.de SIP
107.174.242.20 is listed on the blocklist.de SIP blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IP addresses that tried to login in a SIP,<br>VOIP or Asterisk Server.
Type of feed:
primary (
feed detail page)
Last checked at:
2025-09-11 10:05:00.374000
Was present on blacklist at:
2025-09-11 10:05
- Warden events (10)
- 2025-09-12
-
-
AttemptLogin (node.ce2b59): 3
-
AttemptLogin (node.40929a): 1
-
IntrusionUserCompromise (node.40929a): 2
- 2025-09-10
-
-
AttemptLogin (node.ce2b59): 4
- DShield reports (IP summary, reports)
- 2025-09-10
- Number of reports: 764
- Distinct targets: 13
- 2025-09-11
- Number of reports: 712
- Distinct targets: 12
- 2025-09-12
- Number of reports: 855
- Distinct targets: 13
- 2025-09-13
- Number of reports: 267
- Distinct targets: 5
- Origin AS
- AS36352 - AS-COLOCROSSING
- BGP Prefix
- 107.174.240.0/22
- geo
-
United States, Seattle
- 🕑 America/Los_Angeles
- hostname
- 107-174-242-20-host.colocrossing.com
- hostname_class
- ['ip_in_hostname']
- Address block ('inetnum' or 'NetRange' in whois database)
- 107.172.0.0 - 107.175.255.255
- last_activity
- 2025-09-12 23:48:35.682000
- last_warden_event
- 2025-09-12 23:48:35.682000
- rep
- 0.08303571428571428
- reserved_range
- 0
- Shodan's InternetDB
- Open ports: 22, 80, 443, 631, 2000, 8091, 8096, 8097, 9200
- Tags: database, eol-product, compromised
- CPEs: cpe:/a:openbsd:openssh:9.8, cpe:/o:canonical:ubuntu_linux, cpe:/a:f5:nginx:1.18.0, cpe:/a:php:php:8.2.27, cpe:/o:linux:linux_kernel, cpe:/a:elastic:elasticsearch:7.16.3, cpe:/a:mariadb:mariadb:10.6.21-MariaDB-ubu2004
- ts_added
- 2025-09-10 01:50:38.028000
- ts_last_update
- 2025-09-18 01:50:40.533000
Warden event timeline
DShield event timeline
Presence on blacklists
