IP address

Search at other sites:

.484160.191.171.42

Shodan(more info)

Passive DNS

IP blacklists

blocklist.de SSH

160.191.171.42 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-13 11:05:05.248000
Was present on blacklist at: 2026-01-08 17:05, 2026-01-08 23:05, 2026-01-09 05:05, 2026-01-09 11:05, 2026-01-09 17:05, 2026-01-09 23:05, 2026-01-10 05:05, 2026-01-10 11:05, 2026-01-10 23:05, 2026-01-11 11:05, 2026-01-11 17:05, 2026-01-11 23:05, 2026-01-12 05:05, 2026-01-12 11:05, 2026-01-12 17:05, 2026-01-12 23:05, 2026-01-13 05:05, 2026-01-13 11:05

DataPlane SSH login

160.191.171.42 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-13 07:10:02.701000
Was present on blacklist at: 2026-01-08 19:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-11 03:10, 2026-01-11 07:10, 2026-01-11 15:10, 2026-01-11 19:10, 2026-01-12 07:10, 2026-01-12 15:10, 2026-01-12 19:10, 2026-01-13 03:10, 2026-01-13 07:10

DataPlane SSH conn

160.191.171.42 is listed on the DataPlane SSH conn blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IP addresses that<br>has been seen initiating an unsolicited SSH connection to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-13 07:10:01.941000
Was present on blacklist at: 2026-01-08 19:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-11 03:10, 2026-01-11 07:10, 2026-01-11 15:10, 2026-01-11 19:10, 2026-01-12 03:10, 2026-01-12 07:10, 2026-01-12 15:10, 2026-01-12 19:10, 2026-01-13 03:10, 2026-01-13 07:10

DataPlane TELNET login

160.191.171.42 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-13 11:10:05.731000
Was present on blacklist at: 2026-01-08 19:10, 2026-01-08 23:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 11:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-09 23:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 11:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-10 23:10, 2026-01-11 03:10, 2026-01-11 07:10, 2026-01-11 11:10, 2026-01-11 15:10, 2026-01-11 19:10, 2026-01-11 23:10, 2026-01-12 03:10, 2026-01-12 07:10, 2026-01-12 11:10, 2026-01-12 15:10, 2026-01-12 19:10, 2026-01-12 23:10, 2026-01-13 03:10, 2026-01-13 07:10, 2026-01-13 11:10

BruteForceBlocker

160.191.171.42 is listed on the BruteForceBlocker blacklist.

Description: Daniel Gerzo's BruteForceBlocker. The list is made by perl script,<br>that works along with pf - OpenBSD's firewall and it's main<br>purpose is to block SSH bruteforce attacks via firewall.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-13 03:52:00.250000
Was present on blacklist at: 2026-01-09 03:52, 2026-01-10 03:52, 2026-01-11 03:52, 2026-01-12 03:52, 2026-01-13 03:52

CI Army

160.191.171.42 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-01-13 03:50:00.936000
Was present on blacklist at: 2026-01-09 03:50, 2026-01-10 03:50, 2026-01-11 03:50, 2026-01-12 03:50, 2026-01-13 03:50

AbuseIPDB

160.191.171.42 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-01-12 05:00:00.762000
Was present on blacklist at: 2026-01-09 05:00, 2026-01-10 05:00, 2026-01-11 05:00, 2026-01-12 05:00

Turris greylist

160.191.171.42 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-12 22:15:00.170000
Was present on blacklist at: 2026-01-09 22:15, 2026-01-10 22:15, 2026-01-11 22:15, 2026-01-12 22:15

blocklist.de Apache

160.191.171.42 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-11 05:05:00.611000
Was present on blacklist at: 2026-01-10 17:05, 2026-01-11 05:05

blocklist.de web-login

160.191.171.42 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-11 05:05:00.474000
Was present on blacklist at: 2026-01-10 17:05, 2026-01-11 05:05

FireHOL anonymizers

160.191.171.42 is listed on the FireHOL anonymizers blacklist.

Description: List of anonymizing IPs, aggregated from multiple lists by FireHOL.
Type of feed: secondary (feed detail page)

Last checked at: 2026-01-12 12:05:09
Was present on blacklist at: 2026-01-11 12:05, 2026-01-12 12:05

Warden events (2137)

2026-01-13

ReconScanning (node.9c1411): 45

2026-01-12

ReconScanning (node.9c1411): 74

2026-01-11

ReconScanning (node.9c1411): 68

IntrusionUserCompromise (node.cfb4f7): 19

AttemptLogin (node.b17ef8): 1

AttemptLogin (node.40929a): 1

2026-01-10

IntrusionUserCompromise (node.cfb4f7): 348

AttemptLogin (node.00aee5): 2

ReconScanning (node.4dc198): 3

AttemptLogin (node.d2ecc6): 7

IntrusionUserCompromise (node.d2ecc6): 1

AttemptLogin (node.40929a): 1

2026-01-09

IntrusionUserCompromise (node.cfb4f7): 622

AttemptLogin (node.28c168): 4

IntrusionUserCompromise (node.28c168): 1

2026-01-08

ReconScanning (node.4dc198): 3

IntrusionUserCompromise (node.cfb4f7): 936

AttemptLogin (node.40929a): 1

DShield reports (IP summary, reports)

2026-01-08

Number of reports: 111

Distinct targets: 25

2026-01-09

Number of reports: 329

Distinct targets: 60

2026-01-10

Number of reports: 164

Distinct targets: 46

2026-01-11

Number of reports: 164

Distinct targets: 46

2026-01-12

Number of reports: 141

Distinct targets: 38

OTX pulses

[602bc528f447d628d41494f2] 2021-02-16 13:14:16.945000 | Ka's Honeypot visitors

Author name:	Kapppppa
Pulse modified:	2026-01-13 12:00:06.383000
Indicator created:	2026-01-11 09:03:25
Indicator role:	bruteforce
Indicator title:	Telnet Login attempt
Indicator expiration:	2026-02-10 09:00:00

Origin AS

AS153154 - IDNIC-SCU-AS-ID

BGP Prefix

160.191.171.0/24

geo

Indonesia

🕑 Asia/Jakarta

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

160.191.171.0 - 160.191.171.255

last_activity

2026-01-13 15:00:45

last_warden_event

2026-01-13 15:00:45

rep

0.4836309523809524

reserved_range

0

ts_added

2026-01-08 16:21:58.028000

ts_last_update

2026-01-13 15:02:55.370000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses