IP address

Passive DNS

Tags: Scanner

IP blacklists

CI Army

176.65.138.118 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-04-13 02:50:01.687000
Was present on blacklist at: 2025-01-28 03:50, 2025-01-29 03:50, 2025-01-31 03:50, 2025-02-05 03:50, 2025-02-06 03:50, 2025-02-07 03:50, 2025-02-08 03:50, 2025-02-09 03:50, 2025-02-10 03:50, 2025-02-11 03:50, 2025-02-12 03:50, 2025-02-13 03:50, 2025-02-14 03:50, 2025-02-15 03:50, 2025-02-16 03:50, 2025-02-17 03:50, 2025-02-18 03:50, 2025-02-19 03:50, 2025-02-20 03:50, 2025-02-21 03:50, 2025-02-22 03:50, 2025-03-04 03:50, 2025-03-05 03:50, 2025-03-06 03:50, 2025-03-07 03:50, 2025-03-08 03:50, 2025-03-09 03:50, 2025-03-10 03:50, 2025-03-12 03:50, 2025-03-13 03:50, 2025-03-14 03:50, 2025-03-27 03:50, 2025-03-28 03:50, 2025-03-29 03:50, 2025-03-31 02:50, 2025-04-01 02:50, 2025-04-02 02:50, 2025-04-03 02:50, 2025-04-04 02:50, 2025-04-06 02:50, 2025-04-07 02:50, 2025-04-08 02:50, 2025-04-09 02:50, 2025-04-10 02:50, 2025-04-11 02:50, 2025-04-12 02:50, 2025-04-13 02:50

AbuseIPDB

176.65.138.118 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-04-13 04:00:00.656000
Was present on blacklist at: 2025-01-28 05:00, 2025-02-05 05:00, 2025-02-06 05:00, 2025-02-07 05:00, 2025-02-08 05:00, 2025-02-09 05:00, 2025-02-10 05:00, 2025-02-11 05:00, 2025-02-12 05:00, 2025-02-13 05:00, 2025-02-14 05:00, 2025-02-17 05:00, 2025-02-18 05:00, 2025-02-19 05:00, 2025-03-05 05:00, 2025-03-07 05:00, 2025-03-08 05:00, 2025-03-09 05:00, 2025-03-10 05:00, 2025-03-12 05:00, 2025-03-22 05:00, 2025-03-25 05:00, 2025-03-27 05:00, 2025-03-31 04:00, 2025-04-01 04:00, 2025-04-02 04:00, 2025-04-03 04:00, 2025-04-04 04:00, 2025-04-06 04:00, 2025-04-07 04:00, 2025-04-08 04:00, 2025-04-09 04:00, 2025-04-10 04:00, 2025-04-11 04:00, 2025-04-12 04:00, 2025-04-13 04:00

Turris greylist

176.65.138.118 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-11 21:15:00.163000
Was present on blacklist at: 2025-02-08 22:15, 2025-02-10 22:15, 2025-02-12 22:15, 2025-02-15 22:15, 2025-03-28 22:15, 2025-03-29 22:15, 2025-04-03 21:15, 2025-04-05 21:15, 2025-04-11 21:15

UCEPROTECT L1

176.65.138.118 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-28 16:45:00.569000
Was present on blacklist at: 2025-02-17 00:45, 2025-02-17 08:45, 2025-02-17 16:45, 2025-02-18 00:45, 2025-02-18 08:45, 2025-02-18 16:45, 2025-02-19 00:45, 2025-02-19 08:45, 2025-02-19 16:45, 2025-02-20 00:45, 2025-02-20 08:45, 2025-02-20 16:45, 2025-02-21 00:45, 2025-02-21 08:45, 2025-02-21 16:45, 2025-02-22 00:45, 2025-02-22 08:45, 2025-02-22 16:45, 2025-02-23 00:45, 2025-02-23 08:45, 2025-02-23 16:45, 2025-02-24 00:45, 2025-02-24 08:45, 2025-02-24 16:45, 2025-03-22 00:45, 2025-03-22 08:45, 2025-03-22 16:45, 2025-03-23 00:45, 2025-03-23 08:45, 2025-03-23 16:45, 2025-03-24 00:45, 2025-03-24 08:45, 2025-03-24 16:45, 2025-03-25 00:45, 2025-03-25 08:45, 2025-03-25 16:45, 2025-03-26 00:45, 2025-03-26 08:45, 2025-03-26 16:45, 2025-03-27 00:45, 2025-03-27 08:45, 2025-03-27 16:45, 2025-03-28 00:45, 2025-03-28 08:45, 2025-03-28 16:45

Spamhaus SBL

176.65.138.118 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-04-14 09:47:20.167000
Was present on blacklist at: 2025-03-03 09:47, 2025-03-10 09:47, 2025-03-17 09:47, 2025-03-24 09:47, 2025-03-31 09:47, 2025-04-07 09:47, 2025-04-14 09:47

Spamhaus DROP

176.65.138.118 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-04-14 09:47:20.167000
Was present on blacklist at: 2025-03-03 09:47, 2025-03-10 09:47, 2025-03-17 09:47, 2025-03-24 09:47, 2025-03-31 09:47, 2025-04-07 09:47, 2025-04-14 09:47

Warden events (12836)

2025-04-12: ReconScanning (node.4dc198): 238; ReconScanning (node.368407): 228; ReconScanning (node.9c1411): 40
2025-04-11: ReconScanning (node.4dc198): 282; ReconScanning (node.368407): 272; ReconScanning (node.9c1411): 40
2025-04-10: ReconScanning (node.4dc198): 288; ReconScanning (node.368407): 268; ReconScanning (node.9c1411): 49; ReconScanning (node.5f02e7): 1
2025-04-09: ReconScanning (node.368407): 194; ReconScanning (node.4dc198): 201; ReconScanning (node.9c1411): 43
2025-04-08: ReconScanning (node.368407): 182; ReconScanning (node.4dc198): 191; ReconScanning (node.9c1411): 35
2025-04-07: ReconScanning (node.4dc198): 286; ReconScanning (node.368407): 281; ReconScanning (node.9c1411): 48
2025-04-06: ReconScanning (node.368407): 279; ReconScanning (node.4dc198): 285; ReconScanning (node.9c1411): 51
2025-04-05: ReconScanning (node.368407): 81; ReconScanning (node.4dc198): 84; ReconScanning (node.9c1411): 19
2025-04-04: ReconScanning (node.9c1411): 15
2025-04-03: ReconScanning (node.9c1411): 60
2025-04-02: ReconScanning (node.9c1411): 57
2025-04-01: ReconScanning (node.9c1411): 46; ReconScanning (node.5f02e7): 1
2025-03-31: ReconScanning (node.9c1411): 58
2025-03-30: ReconScanning (node.9c1411): 27
2025-03-29: ReconScanning (node.9c1411): 2
2025-03-28: ReconScanning (node.9c1411): 61
2025-03-27: ReconScanning (node.9c1411): 61
2025-03-26: ReconScanning (node.9c1411): 40
2025-03-25: ReconScanning (node.9c1411): 38
2025-03-24: AttemptLogin (node.d2ecc6): 1; ReconScanning (node.9c1411): 28
2025-03-23: ReconScanning (node.9c1411): 11
2025-03-22: ReconScanning (node.368407): 14; ReconScanning (node.4dc198): 34; ReconScanning (node.9c1411): 18
2025-03-21: ReconScanning (node.368407): 61; ReconScanning (node.4dc198): 178; ReconScanning (node.9c1411): 11; AttemptLogin (node.9c160c): 1; AttemptLogin (node.ee25b8): 1; AttemptLogin (node.e47683): 1
2025-03-16: ReconScanning (node.4dc198): 24; ReconScanning (node.368407): 3
2025-03-15: ReconScanning (node.4dc198): 277; ReconScanning (node.368407): 63
2025-03-14: ReconScanning (node.4dc198): 279; ReconScanning (node.368407): 45
2025-03-13: ReconScanning (node.4dc198): 241; ReconScanning (node.368407): 30
2025-03-12: ReconScanning (node.4dc198): 283; ReconScanning (node.368407): 34
2025-03-11: ReconScanning (node.4dc198): 287; ReconScanning (node.368407): 32
2025-03-10: ReconScanning (node.368407): 115; ReconScanning (node.4dc198): 284
2025-03-09: ReconScanning (node.368407): 175; ReconScanning (node.4dc198): 282
2025-03-08: ReconScanning (node.4dc198): 282; ReconScanning (node.368407): 160
2025-03-07: ReconScanning (node.368407): 94; ReconScanning (node.4dc198): 285
2025-03-06: ReconScanning (node.4dc198): 280; ReconScanning (node.368407): 82
2025-03-05: ReconScanning (node.4dc198): 289; ReconScanning (node.368407): 56
2025-03-04: ReconScanning (node.4dc198): 288; ReconScanning (node.368407): 68
2025-03-03: ReconScanning (node.4dc198): 179; ReconScanning (node.368407): 96
2025-02-19: ReconScanning (node.368407): 122; ReconScanning (node.4dc198): 126
2025-02-18: ReconScanning (node.368407): 282; ReconScanning (node.4dc198): 287
2025-02-17: ReconScanning (node.4dc198): 287; ReconScanning (node.368407): 242; ReconScanning (node.5f02e7): 1
2025-02-16: ReconScanning (node.368407): 109; ReconScanning (node.4dc198): 135
2025-02-13: ReconScanning (node.5f02e7): 1
2025-02-06: ReconScanning (node.368407): 84; ReconScanning (node.4dc198): 91
2025-02-05: ReconScanning (node.4dc198): 286; ReconScanning (node.368407): 274
2025-02-04: ReconScanning (node.368407): 191; ReconScanning (node.4dc198): 193
2025-01-28: ReconScanning (node.368407): 202; ReconScanning (node.4dc198): 205
2025-01-27: ReconScanning (node.4dc198): 160; ReconScanning (node.368407): 152; AnomalyTraffic (node.ffe95c): 2

DShield reports (IP summary, reports)

2025-01-27: Number of reports: 1100; Distinct targets: 739
2025-01-28: Number of reports: 1372; Distinct targets: 941
2025-02-04: Number of reports: 1164; Distinct targets: 809
2025-02-05: Number of reports: 1052; Distinct targets: 906
2025-02-06: Number of reports: 1407; Distinct targets: 962
2025-02-07: Number of reports: 1222; Distinct targets: 827
2025-02-08: Number of reports: 937; Distinct targets: 600
2025-02-09: Number of reports: 1090; Distinct targets: 694
2025-02-10: Number of reports: 1219; Distinct targets: 781
2025-02-11: Number of reports: 1357; Distinct targets: 901
2025-02-12: Number of reports: 1090; Distinct targets: 728
2025-02-13: Number of reports: 914; Distinct targets: 606
2025-02-14: Number of reports: 551; Distinct targets: 353
2025-02-16: Number of reports: 531; Distinct targets: 358
2025-02-17: Number of reports: 1035; Distinct targets: 688
2025-02-18: Number of reports: 1610; Distinct targets: 1069
2025-02-19: Number of reports: 682; Distinct targets: 419
2025-02-28: Number of reports: 695; Distinct targets: 348
2025-03-01: Number of reports: 285; Distinct targets: 285
2025-03-03: Number of reports: 444; Distinct targets: 299
2025-03-04: Number of reports: 673; Distinct targets: 441
2025-03-05: Number of reports: 639; Distinct targets: 419
2025-03-06: Number of reports: 514; Distinct targets: 316
2025-03-07: Number of reports: 536; Distinct targets: 350
2025-03-08: Number of reports: 587; Distinct targets: 377
2025-03-09: Number of reports: 571; Distinct targets: 391
2025-03-10: Number of reports: 371; Distinct targets: 234
2025-03-11: Number of reports: 272; Distinct targets: 184
2025-03-12: Number of reports: 298; Distinct targets: 191
2025-03-13: Number of reports: 296; Distinct targets: 185
2025-03-14: Number of reports: 281; Distinct targets: 188
2025-03-15: Number of reports: 181; Distinct targets: 162
2025-03-16: Number of reports: 24; Distinct targets: 17
2025-03-21: Number of reports: 262; Distinct targets: 231
2025-03-22: Number of reports: 101; Distinct targets: 63
2025-03-24: Number of reports: 1148; Distinct targets: 806
2025-03-25: Number of reports: 918; Distinct targets: 810
2025-03-26: Number of reports: 988; Distinct targets: 911
2025-03-27: Number of reports: 1486; Distinct targets: 1178
2025-03-28: Number of reports: 1518; Distinct targets: 1302
2025-03-29: Number of reports: 165; Distinct targets: 125
2025-03-30: Number of reports: 877; Distinct targets: 617
2025-03-31: Number of reports: 1476; Distinct targets: 1002
2025-04-01: Number of reports: 1448; Distinct targets: 927
2025-04-02: Number of reports: 1215; Distinct targets: 809
2025-04-03: Number of reports: 1330; Distinct targets: 886
2025-04-04: Number of reports: 320; Distinct targets: 235
2025-04-05: Number of reports: 376; Distinct targets: 254
2025-04-06: Number of reports: 1474; Distinct targets: 972
2025-04-07: Number of reports: 1585; Distinct targets: 1055
2025-04-08: Number of reports: 713; Distinct targets: 567
2025-04-09: Number of reports: 777; Distinct targets: 511
2025-04-10: Number of reports: 835; Distinct targets: 722
2025-04-11: Number of reports: 1248; Distinct targets: 819
2025-04-12: Number of reports: 1093; Distinct targets: 727

Origin AS
geo: Germany; 🕑 Europe/Berlin
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 176.65.128.0 - 176.65.159.255
last_activity: 2025-04-12 20:04:53
last_warden_event: 2025-04-12 20:04:53
rep: 0.2363095238095238
reserved_range: 0
Shodan's InternetDB: Open ports: 22, 4433, 8081; Tags: self-signed, scanner; CPEs: cpe:/a:openbsd:openssh:7.6p1, cpe:/o:canonical:ubuntu_linux
ts_added: 2025-01-27 09:47:16.428000
ts_last_update: 2025-04-19 09:47:20.152000

Warden event timeline

DShield event timeline

Presence on blacklists