IP address

Search at other sites:
.000195.211.191.212
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
Spamhaus SBL
195.211.191.212 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-04 21:57:30.186000
Was present on blacklist at: 2025-03-09 21:57, 2025-03-16 21:57, 2025-03-23 21:57, 2025-03-30 21:57, 2025-04-06 21:57, 2025-04-13 21:57, 2025-04-20 21:57, 2025-04-27 21:57, 2025-05-04 21:57
Spamhaus DROP
195.211.191.212 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-04 21:57:30.186000
Was present on blacklist at: 2025-03-09 21:57, 2025-03-16 21:57, 2025-03-23 21:57, 2025-03-30 21:57, 2025-04-06 21:57, 2025-04-13 21:57, 2025-04-20 21:57, 2025-04-27 21:57, 2025-05-04 21:57
UCEPROTECT L1
195.211.191.212 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-03-17 08:45:00.830000
Was present on blacklist at: 2025-03-10 16:45, 2025-03-11 00:45, 2025-03-11 08:45, 2025-03-11 16:45, 2025-03-12 00:45, 2025-03-12 08:45, 2025-03-12 16:45, 2025-03-13 00:45, 2025-03-13 08:45, 2025-03-13 16:45, 2025-03-14 00:45, 2025-03-14 08:45, 2025-03-14 16:45, 2025-03-15 00:45, 2025-03-15 08:45, 2025-03-15 16:45, 2025-03-16 00:45, 2025-03-16 08:45, 2025-03-16 16:45, 2025-03-17 00:45, 2025-03-17 08:45
blocklist.de SSH
195.211.191.212 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-02 16:05:00.366000
Was present on blacklist at: 2025-03-10 17:05, 2025-03-10 23:05, 2025-03-11 05:05, 2025-03-11 11:05, 2025-03-11 17:05, 2025-03-11 23:05, 2025-03-12 05:05, 2025-03-12 11:05, 2025-03-18 23:05, 2025-03-19 05:05, 2025-03-19 11:05, 2025-03-19 17:05, 2025-03-19 23:05, 2025-03-20 05:05, 2025-03-20 11:05, 2025-03-20 17:05, 2025-04-30 22:05, 2025-05-01 04:05, 2025-05-01 10:05, 2025-05-01 16:05, 2025-05-01 22:05, 2025-05-02 04:05, 2025-05-02 10:05, 2025-05-02 16:05
AbuseIPDB
195.211.191.212 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-05-09 04:00:00.604000
Was present on blacklist at: 2025-03-11 05:00, 2025-03-12 05:00, 2025-03-13 05:00, 2025-03-14 05:00, 2025-03-15 05:00, 2025-04-16 04:00, 2025-04-17 04:00, 2025-04-18 04:00, 2025-04-19 04:00, 2025-04-20 04:00, 2025-04-23 04:00, 2025-04-24 04:00, 2025-04-26 04:00, 2025-04-27 04:00, 2025-04-28 04:00, 2025-04-29 04:00, 2025-04-30 04:00, 2025-05-01 04:00, 2025-05-02 04:00, 2025-05-03 04:00, 2025-05-04 04:00, 2025-05-05 04:00, 2025-05-06 04:00, 2025-05-07 04:00, 2025-05-08 04:00, 2025-05-09 04:00
Turris greylist
195.211.191.212 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-04 21:15:00.216000
Was present on blacklist at: 2025-04-21 21:15, 2025-04-28 21:15, 2025-05-04 21:15
Warden events (60)
2025-03-14
ReconScanning (node.9c1411): 1
2025-03-10
ReconScanning (node.368407): 5
ReconScanning (node.4dc198): 5
2025-03-09
ReconScanning (node.368407): 25
ReconScanning (node.4dc198): 24
DShield reports (IP summary, reports)
2025-03-09
Number of reports: 376
Distinct targets: 259
2025-03-10
Number of reports: 384
Distinct targets: 205
2025-04-15
Number of reports: 82
Distinct targets: 82
2025-04-16
Number of reports: 702
Distinct targets: 415
2025-04-17
Number of reports: 850
Distinct targets: 380
2025-04-18
Number of reports: 1002
Distinct targets: 585
2025-04-19
Number of reports: 567
Distinct targets: 513
2025-04-20
Number of reports: 856
Distinct targets: 497
2025-04-22
Number of reports: 245
Distinct targets: 218
2025-04-23
Number of reports: 804
Distinct targets: 464
2025-04-24
Number of reports: 857
Distinct targets: 490
2025-04-25
Number of reports: 176
Distinct targets: 133
2025-04-26
Number of reports: 652
Distinct targets: 527
2025-04-27
Number of reports: 887
Distinct targets: 508
2025-04-28
Number of reports: 222
Distinct targets: 131
2025-04-29
Number of reports: 453
Distinct targets: 430
2025-04-30
Number of reports: 351
Distinct targets: 195
2025-05-01
Number of reports: 835
Distinct targets: 489
2025-05-02
Number of reports: 858
Distinct targets: 491
2025-05-03
Number of reports: 593
Distinct targets: 473
2025-05-04
Number of reports: 544
Distinct targets: 494
2025-05-05
Number of reports: 921
Distinct targets: 512
2025-05-06
Number of reports: 224
Distinct targets: 134
2025-05-07
Number of reports: 865
Distinct targets: 499
2025-05-08
Number of reports: 564
Distinct targets: 461
OTX pulses
[67cede9a85af662116e9515c] 2025-03-10 12:44:09.986000 | SSH honeypot logs for 2025-03-10
Author name:jnazario
Pulse modified:2025-03-10 12:44:09.986000
Indicator created:2025-03-10 12:44:10
Indicator role:None
Indicator title:
Indicator expiration:2025-04-09 12:00:00
Origin AS
AS205463 - PEMBEGULISG
AS214940 - KPRONET
BGP Prefix
195.211.191.0/24
geo
Ukraine
🕑 Europe/Kyiv
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
195.211.188.0 - 195.211.191.255
last_activity
2025-03-14 17:47:56
last_warden_event
2025-03-14 17:47:56
rep
0.0
reserved_range
0
ts_added
2025-03-09 21:57:27.216000
ts_last_update
2025-05-09 05:01:01.940000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses