IP address

Search at other sites:
.055211.42.153.113
Shodan(more info)
Passive DNS
Tags: Login attempts
IP blacklists
CI Army
211.42.153.113 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-12-10 03:50:00.929000
Was present on blacklist at: 2025-10-11 02:50, 2025-10-12 02:50, 2025-10-14 02:50, 2025-10-15 02:50, 2025-11-02 03:50, 2025-11-03 03:50, 2025-12-08 03:50, 2025-12-09 03:50, 2025-12-10 03:50
Blocklist.net.ua
211.42.153.113 is listed on the Blocklist.net.ua blacklist.

Description: BlockList contains IP addresses that perform attacks,<br>send spam or brute force passwords to the blocking list.
Type of feed: primary (feed detail page)

Last checked at: 2025-11-29 03:15:01.350000
Was present on blacklist at: 2025-10-19 02:15, 2025-10-19 06:15, 2025-10-19 10:15, 2025-10-19 14:15, 2025-10-19 18:15, 2025-10-19 22:15, 2025-11-28 07:15, 2025-11-28 11:15, 2025-11-28 15:15, 2025-11-28 19:15, 2025-11-28 23:15, 2025-11-29 03:15
DataPlane SSH login
211.42.153.113 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-11-07 07:10:01.693000
Was present on blacklist at: 2025-10-31 15:10, 2025-10-31 19:10, 2025-11-01 07:10, 2025-11-01 15:10, 2025-11-01 19:10, 2025-11-02 03:10, 2025-11-02 07:10, 2025-11-02 15:10, 2025-11-02 19:10, 2025-11-03 03:10, 2025-11-03 07:10, 2025-11-03 15:10, 2025-11-03 19:10, 2025-11-04 03:10, 2025-11-04 07:10, 2025-11-04 15:10, 2025-11-04 19:10, 2025-11-05 03:10, 2025-11-05 07:10, 2025-11-05 15:10, 2025-11-05 19:10, 2025-11-06 03:10, 2025-11-06 07:10, 2025-11-06 15:10, 2025-11-06 19:10, 2025-11-07 03:10, 2025-11-07 07:10
blocklist.de SSH
211.42.153.113 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-11-05 17:05:05.295000
Was present on blacklist at: 2025-11-03 23:05, 2025-11-04 05:05, 2025-11-04 11:05, 2025-11-04 17:05, 2025-11-04 23:05, 2025-11-05 05:05, 2025-11-05 11:05, 2025-11-05 17:05
Warden events (1369)
2025-12-22
IntrusionUserCompromise (node.cfb4f7): 1
2025-12-13
IntrusionUserCompromise (node.40929a): 1
2025-12-12
IntrusionUserCompromise (node.40929a): 1
2025-12-04
AttemptLogin (node.368407): 186
2025-12-03
AttemptLogin (node.368407): 131
2025-11-30
IntrusionUserCompromise (node.cfb4f7): 1
2025-11-28
IntrusionUserCompromise (node.40929a): 9
2025-11-21
AttemptLogin (node.4dc198): 2
2025-11-18
AttemptLogin (node.7c0a3c): 118
2025-11-12
AttemptLogin (node.ce2b59): 1
2025-11-11
AttemptLogin (node.4dc198): 3
IntrusionUserCompromise (node.40929a): 9
2025-11-10
AttemptLogin (node.368407): 109
2025-11-09
AttemptLogin (node.368407): 218
2025-11-08
AttemptLogin (node.368407): 75
2025-11-07
AttemptLogin (node.368407): 170
2025-11-06
AttemptLogin (node.368407): 55
2025-10-31
AttemptLogin (node.4dc198): 10
2025-10-30
AttemptLogin (node.4dc198): 38
2025-10-24
AttemptLogin (node.368407): 9
2025-10-21
IntrusionUserCompromise (node.40929a): 9
2025-10-13
AttemptLogin (node.368407): 19
2025-10-05
AttemptLogin (node.4dc198): 137
2025-10-04
AttemptLogin (node.4dc198): 57
Origin AS
AS4766 - KIXS-AS-KR KIXS-AS-KR-KR
BGP Prefix
211.42.128.0/19
geo
South Korea
🕑 Asia/Seoul
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
211.42.128.0 - 211.42.159.255
last_activity
2025-12-22 04:21:39
last_warden_event
2025-12-22 04:21:39
rep
0.05476190476190476
reserved_range
0
Shodan's InternetDB
Open ports: 22, 3306
Tags: database
CPEs: cpe:/a:oracle:mysql:8.0.44-0ubuntu0.22.04.1, cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.9p1
ts_added
2025-10-05 03:56:08.332000
ts_last_update
2025-12-22 05:00:01.225000

Warden event timeline

DShield event timeline

Presence on blacklists