IP address

Search at other sites:

.000154.198.42.54

Shodan(more info)

Passive DNS

IP blacklists

blocklist.de SSH

154.198.42.54 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-08-24 16:05:05.280000
Was present on blacklist at: 2025-08-22 22:05, 2025-08-23 04:05, 2025-08-23 10:05, 2025-08-23 16:05, 2025-08-23 22:05, 2025-08-24 04:05, 2025-08-24 10:05, 2025-08-24 16:05

Warden events (2)

2025-08-13

ReconScanning (node.4dc198): 1

2025-08-11

ReconScanning (node.368407): 1

OTX pulses

[689c84ae399aae4bdc7aab71] 2025-08-13 12:27:26.082000 | Redis honeypot logs for 2025-08-13

Author name:	jnazario
Pulse modified:	2025-08-13 12:27:26.082000
Indicator created:	2025-08-13 12:27:26
Indicator role:	None
Indicator title:
Indicator expiration:	2025-09-12 12:00:00

Origin AS

AS134365 - HKLNIL

BGP Prefix

154.198.42.0/24

geo

United States, San Jose

🕑 America/Los_Angeles

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

154.192.0.0 - 154.223.255.255

last_activity

2025-08-13 16:01:27.211000

last_warden_event

2025-08-13 07:49:59

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 21, 80, 111

Tags: starttls, self-signed

CPEs: cpe:/a:pureftpd:pure-ftpd, cpe:/a:f5:nginx

ts_added

2025-08-11 04:02:49.751000

ts_last_update

2025-08-31 04:02:50.154000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses