IP address

Search at other sites:

.543154.197.57.181

Shodan(more info)

Passive DNS

IP blacklists

CI Army

154.197.57.181 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-05-08 02:50:00.772000
Was present on blacklist at: 2026-05-02 02:50, 2026-05-03 02:50, 2026-05-04 02:50, 2026-05-05 02:50, 2026-05-06 02:50, 2026-05-07 02:50, 2026-05-08 02:50

AbuseIPDB

154.197.57.181 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-05-05 04:00:00.599000
Was present on blacklist at: 2026-05-03 04:00, 2026-05-05 04:00

Threat categories

TL	Role	Category	Details
69	src	scan	port: many
28	src	—

---

Warden events (629)

2026-05-08

ReconScanning (node.9c1411): 51

ReconScanning (node.ce2b59): 14

2026-05-07

ReconScanning (node.9c1411): 76

ReconScanning (node.ce2b59): 31

2026-05-06

ReconScanning (node.ce2b59): 32

ReconScanning (node.9c1411): 68

2026-05-05

ReconScanning (node.9c1411): 72

ReconScanning (node.ce2b59): 31

2026-05-04

ReconScanning (node.ce2b59): 39

ReconScanning (node.9c1411): 20

2026-05-03

ReconScanning (node.ce2b59): 49

2026-05-02

ReconScanning (node.ce2b59): 78

2026-05-01

ReconScanning (node.ce2b59): 68

DShield reports (IP summary, reports)

2026-05-02

Number of reports: 149

Distinct targets: 107

2026-05-03

Number of reports: 149

Distinct targets: 107

2026-05-04

Number of reports: 111

Distinct targets: 103

2026-05-05

Number of reports: 131

Distinct targets: 98

2026-05-06

Number of reports: 122

Distinct targets: 98

2026-05-07

Number of reports: 122

Distinct targets: 91

Origin AS

AS135377 - UHGL-AS-AP

BGP Prefix

154.197.57.0/24

geo

Seychelles

🕑 Indian/Mahe

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

154.192.0.0 - 154.223.255.255

last_activity

2026-05-08 17:18:12

last_warden_event

2026-05-08 17:18:12

rep

0.5428571428571428

reserved_range

0

Shodan's InternetDB

Open ports: 22, 666, 9100, 10001, 10015, 10024, 10026, 10027, 10028, 10037, 10042, 10068, 10082, 10083, 10089, 10093, 10134, 10181, 10197, 10225, 10240, 10243, 10250, 10254, 10256, 10283, 10390, 10443, 10810, 10894, 10909, 10911, 11007, 11084, 11112, 11180, 11210, 11211, 11371, 12105, 12106, 12107, 12111, 12112, 12118, 12119, 12122, 12124, 12125, 12126, 12133, 12137, 12145, 12151, 12156, 12162, 12176, 12178, 12184, 12185, 12187, 12198, 12208, 12216, 12225, 12227, 12230, 12247, 12255, 12256, 12258, 12259, 12260, 12261, 12262, 12280, 12295, 12296, 12329, 12330, 12339, 12341, 12346, 12351, 12356, 12367, 12370, 12375, 12390, 12406, 12410, 12413, 12415, 12430, 12433, 12435, 12446, 12447, 12455, 12462, 12467, 12472, 12480, 12488, 12509, 12524, 12530, 12532, 12533, 12541, 12543, 12550, 12553, 12554, 12556, 12565, 12572, 12575, 12580, 12586, 12902, 13228, 13443, 13610, 14101, 14344, 14403, 14443, 14684, 14873, 14894

Tags: –

CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.2p1

ts_added

2026-05-01 05:45:05.587000

ts_last_update

2026-05-08 17:20:20.578000

Warden event timeline

DShield event timeline

Presence on blacklists