IP address
Tags:
IP in hostname
Scanner
- IP blacklists
Spamhaus PBL
188.149.153.37 is listed on the Spamhaus PBL blacklist.
Description: The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.
Type of feed:
secondary (DNSBL) (
feed detail page)
Last checked at:
2026-03-26 06:54:30.268000
Was present on blacklist at:
2026-03-12 06:54,
2026-03-19 06:54,
2026-03-26 06:54
CI Army
188.149.153.37 is listed on the CI Army blacklist.
Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed:
primary (
feed detail page)
Last checked at:
2026-03-16 03:50:01.026000
Was present on blacklist at:
2026-03-14 03:50,
2026-03-15 03:50,
2026-03-16 03:50
AbuseIPDB
188.149.153.37 is listed on the AbuseIPDB blacklist.
Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed:
primary (
feed detail page)
Last checked at:
2026-03-18 05:00:00.760000
Was present on blacklist at:
2026-03-14 05:00,
2026-03-15 05:00,
2026-03-16 05:00,
2026-03-17 05:00,
2026-03-18 05:00
Echelon telnet bruteforce
188.149.153.37 is listed on the Echelon telnet bruteforce blacklist.
Description: Multiple telnet authentication attempts detected
Type of feed:
primary (
feed detail page)
Last checked at:
2026-03-19 10:45:00.347000
Was present on blacklist at:
2026-03-14 10:45,
2026-03-16 10:45,
2026-03-17 10:45,
2026-03-18 10:45,
2026-03-19 10:45
Threat categories
| TL | Role | Category | Details |
|---|
| 65 |
src |
scan |
port: 22, 23, 80, 443, 2222, 2375
|
| 31 |
src |
— |
|
| 25 |
src |
login |
protocol: telnet
|
- Warden events (174)
- 2026-03-16
-
-
ReconScanning (node.9c1411): 13
- 2026-03-15
-
-
ReconScanning (node.9c1411): 44
- 2026-03-14
-
-
ReconScanning (node.9c1411): 45
- 2026-03-13
-
-
ReconScanning (node.9c1411): 41
- 2026-03-12
-
-
ReconScanning (node.9c1411): 31
- DShield reports (IP summary, reports)
- 2026-03-12
- Number of reports: 16
- Distinct targets: 10
- 2026-03-13
- Number of reports: 16
- Distinct targets: 10
- 2026-03-14
- Number of reports: 40
- Distinct targets: 21
- 2026-03-15
- Number of reports: 10
- Distinct targets: 7
- Origin AS
- AS39651 - COMHEM-SWEDEN
- AS1257 - SWIPNET
- BGP Prefix
- 188.148.0.0/14
- geo
-
Sweden, Stockholm
- 🕑 Europe/Stockholm
- hostname
- c188-149-153-37.bredband.tele2.se
- hostname_class
- ['ip_in_hostname']
- Address block ('inetnum' or 'NetRange' in whois database)
- 188.148.0.0 - 188.149.255.255
- last_activity
- 2026-03-16 07:32:49
- last_warden_event
- 2026-03-16 07:32:49
- rep
- 0.04761672247023809
- reserved_range
- 0
- ts_added
- 2026-03-12 06:54:22.378000
- ts_last_update
- 2026-03-26 06:54:30.342000
Warden event timeline
DShield event timeline
Presence on blacklists
