IP address

Passive DNS

Tags:

IP blacklists

Spamhaus SBL CSS

217.216.64.26 is listed on the Spamhaus SBL CSS blacklist.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-11-13 03:51:00.226000
Was present on blacklist at: 2025-11-13 03:51

DataPlane TELNET login

217.216.64.26 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds, and measurement resource for operators, by operators. IPs trying an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-11-16 19:10:02.400000
Was present on blacklist at: 2025-11-13 07:10, 2025-11-13 11:10, 2025-11-13 15:10, 2025-11-13 19:10, 2025-11-13 23:10, 2025-11-14 03:10, 2025-11-14 07:10, 2025-11-14 11:10, 2025-11-14 15:10, 2025-11-14 19:10, 2025-11-14 23:10, 2025-11-15 03:10, 2025-11-15 07:10, 2025-11-15 11:10, 2025-11-15 15:10, 2025-11-15 19:10, 2025-11-15 23:10, 2025-11-16 03:10, 2025-11-16 07:10, 2025-11-16 11:10, 2025-11-16 15:10, 2025-11-16 19:10

blocklist.de SSH

217.216.64.26 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-11-15 11:05:05.325000
Was present on blacklist at: 2025-11-13 11:05, 2025-11-13 17:05, 2025-11-13 23:05, 2025-11-14 11:05, 2025-11-14 17:05, 2025-11-14 23:05, 2025-11-15 05:05, 2025-11-15 11:05

CI Army

217.216.64.26 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence database that provides scores for IPs. Source of unspecified malicious attacks most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-11-16 03:50:00.971000
Was present on blacklist at: 2025-11-14 03:50, 2025-11-15 03:50, 2025-11-16 03:50

AbuseIPDB

217.216.64.26 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc. Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-11-14 05:00:00.694000
Was present on blacklist at: 2025-11-14 05:00

Turris greylist

217.216.64.26 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC, which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-11-15 22:15:00.150000
Was present on blacklist at: 2025-11-14 22:15, 2025-11-15 22:15

Warden events (42092)

2025-11-14: IntrusionUserCompromise (node.cfb4f7): 8917
2025-11-13: IntrusionUserCompromise (node.cfb4f7): 33175

DShield reports (IP summary, reports)

2025-11-13: Number of reports: 497; Distinct targets: 55
2025-11-14: Number of reports: 22; Distinct targets: 7

Origin AS: AS40021 - CONTABO
BGP Prefix: 217.216.64.0/22
geo: Spain, Dos Hermanas; 🕑 Europe/Madrid
hostname: vmi2888491.contaboserver.net
Address block ('inetnum' or 'NetRange' in whois database): 217.216.0.0 - 217.217.255.255
last_activity: 2025-11-14 03:31:49
last_warden_event: 2025-11-14 03:31:49
rep: 0.10952380952380952
reserved_range: 0
ts_added: 2025-11-13 03:50:59.187000
ts_last_update: 2025-11-16 19:44:18.421000

Warden event timeline

DShield event timeline

Presence on blacklists