IP address

Search at other sites:
.27145.149.207.68srv.smtphost.cloud
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
Spamhaus XBL CBL
45.149.207.68 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2024-11-05 05:32:50.209000
Was present on blacklist at: 2024-10-29 05:32, 2024-11-05 05:32
Mirai tracker
45.149.207.68 is listed on the Mirai tracker blacklist.

Description: IPs scanning the internet in a specific way known to be used by Mirai malware and its variants.
Type of feed: primary (feed detail page)

Last checked at: 2024-11-03 00:40:01.179000
Was present on blacklist at: 2024-10-30 00:40, 2024-10-31 00:40, 2024-11-01 00:40, 2024-11-02 00:40, 2024-11-03 00:40
Turris greylist
45.149.207.68 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-11-04 22:15:00.245000
Was present on blacklist at: 2024-10-30 22:15, 2024-10-31 22:15, 2024-11-01 22:15, 2024-11-02 22:15, 2024-11-03 22:15, 2024-11-04 22:15
AbuseIPDB
45.149.207.68 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2024-11-01 05:00:00.724000
Was present on blacklist at: 2024-11-01 05:00
Warden events (197)
2024-11-03
ReconScanning (node.ce2b59): 21
2024-11-02
ReconScanning (node.ce2b59): 31
2024-11-01
ReconScanning (node.ce2b59): 31
2024-10-31
ReconScanning (node.ce2b59): 31
2024-10-30
ReconScanning (node.ce2b59): 31
2024-10-29
ReconScanning (node.ce2b59): 52
DShield reports (IP summary, reports)
2024-10-29
Number of reports: 197
Distinct targets: 69
2024-10-30
Number of reports: 183
Distinct targets: 60
2024-10-31
Number of reports: 179
Distinct targets: 63
2024-11-01
Number of reports: 167
Distinct targets: 55
2024-11-02
Number of reports: 121
Distinct targets: 42
2024-11-03
Number of reports: 103
Distinct targets: 41
OTX pulses
[602bc528f447d628d41494f2] 2021-02-16 13:14:16.945000 | Ka's Honeypot visitors
Author name:Kapppppa
Pulse modified:2024-11-05 19:54:37.611000
Indicator created:2024-11-01 19:51:07
Indicator role:bruteforce
Indicator title:Telnet Login attempt
Indicator expiration:2024-12-01 19:00:00
Origin AS
AS51167 - CONTABO
BGP Prefix
45.149.206.0/23
geo
Germany, Karlsruhe
🕑 Europe/Berlin
hostname
srv.smtphost.cloud
Address block ('inetnum' or 'NetRange' in whois database)
45.149.204.0 - 45.149.207.255
last_activity
2024-11-05 20:40:47.181000
last_warden_event
2024-11-03 15:35:18
rep
0.2714285714285714
reserved_range
0
Shodan's InternetDB
Open ports: 21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995, 7080
Tags: starttls, self-signed
CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:pureftpd:pure-ftpd, cpe:/a:postfix:postfix, cpe:/a:openbsd:openssh:8.9p1
ts_added
2024-10-29 05:32:46.141000
ts_last_update
2024-11-05 20:40:47.192000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses