IP address

Search at other sites:
.3592.57.122.189
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
Spamhaus SBL
2.57.122.189 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-03-13 23:45:10.787000
Was present on blacklist at: 2026-03-13 23:45
Spamhaus DROP
2.57.122.189 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-03-13 23:45:10.787000
Was present on blacklist at: 2026-03-13 23:45
FireHOL anonymizers
2.57.122.189 is listed on the FireHOL anonymizers blacklist.

Description: List of anonymizing IPs, aggregated from multiple lists by FireHOL.
Type of feed: secondary (feed detail page)

Last checked at: 2026-03-16 00:05:11
Was present on blacklist at: 2026-03-14 00:05, 2026-03-15 00:05, 2026-03-16 00:05
AbuseIPDB
2.57.122.189 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-03-16 05:00:00.655000
Was present on blacklist at: 2026-03-14 05:00, 2026-03-15 05:00, 2026-03-16 05:00
blocklist.de SSH
2.57.122.189 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-16 17:05:00.478000
Was present on blacklist at: 2026-03-14 05:05, 2026-03-14 11:05, 2026-03-14 23:05, 2026-03-15 05:05, 2026-03-15 11:05, 2026-03-15 23:05, 2026-03-16 05:05, 2026-03-16 11:05, 2026-03-16 17:05
UCEPROTECT L1
2.57.122.189 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-16 16:45:00.740000
Was present on blacklist at: 2026-03-14 08:45, 2026-03-14 16:45, 2026-03-15 00:45, 2026-03-15 08:45, 2026-03-15 16:45, 2026-03-16 00:45, 2026-03-16 08:45, 2026-03-16 16:45

Threat categories

TLRoleCategoryDetails
73 src login protocol: ssh
57 src scan port: 22
46 src
Warden events (242)
2026-03-16
ReconScanning (node.9c1411): 64
AttemptLogin (node.d2ecc6): 1
AttemptLogin (node.e1f86c): 1
2026-03-15
ReconScanning (node.9c1411): 81
AttemptLogin (node.b17ef8): 1
AttemptLogin (node.c26a5f): 1
AttemptLogin (node.d2ecc6): 1
2026-03-14
ReconScanning (node.9c1411): 89
AttemptLogin (node.eef996): 1
AttemptLogin (node.03e7a9): 1
2026-03-13
ReconScanning (node.9c1411): 1
DShield reports (IP summary, reports)
2026-03-14
Number of reports: 271
Distinct targets: 26
2026-03-15
Number of reports: 177
Distinct targets: 21
Origin AS
AS48090 - PPTECHNOLOGY
AS47890 - UNMANAGED-DEDICATED-SERVERS
BGP Prefix
2.57.122.0/24
geo
Romania
🕑 Europe/Bucharest
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
2.57.120.0 - 2.57.123.255
last_activity
2026-03-16 20:43:24
last_warden_event
2026-03-16 20:43:24
rep
0.3589285714285715
reserved_range
0
ts_added
2026-03-13 23:45:07.221000
ts_last_update
2026-03-16 20:57:26.356000

Warden event timeline

DShield event timeline

Presence on blacklists