IP address

Search at other sites:

--58.249.159.158

Shodan(more info)

Passive DNS

IP blacklists

DataPlane SSH login

58.249.159.158 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-05 19:10:02.835000
Was present on blacklist at: 2025-11-26 15:10, 2025-11-26 19:10, 2025-11-27 03:10, 2025-11-27 07:10, 2025-11-27 15:10, 2025-11-27 19:10, 2025-11-28 03:10, 2025-11-28 07:10, 2025-11-28 15:10, 2025-11-28 19:10, 2025-11-29 03:10, 2025-11-29 07:10, 2025-11-29 15:10, 2025-11-29 19:10, 2025-11-30 03:10, 2025-11-30 07:10, 2025-11-30 15:10, 2025-11-30 19:10, 2025-12-01 03:10, 2025-12-01 07:10, 2025-12-01 15:10, 2025-12-01 19:10, 2025-12-02 03:10, 2025-12-02 07:10, 2025-12-02 15:10, 2025-12-02 19:10, 2025-12-03 03:10, 2025-12-03 07:10, 2025-12-03 15:10, 2025-12-03 19:10, 2025-12-04 03:10, 2025-12-04 07:10, 2025-12-04 15:10, 2025-12-04 19:10, 2025-12-05 03:10, 2025-12-05 07:10, 2025-12-05 15:10, 2025-12-05 19:10

AbuseIPDB

58.249.159.158 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-11-29 05:00:00.723000
Was present on blacklist at: 2025-11-28 05:00, 2025-11-29 05:00

CI Army

58.249.159.158 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-11-29 03:50:00.960000
Was present on blacklist at: 2025-11-29 03:50

Spamhaus XBL CBL

58.249.159.158 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-03 15:18:02.553000
Was present on blacklist at: 2025-12-03 15:18

DShield reports (IP summary, reports)

2025-11-26

Number of reports: 39

Distinct targets: 10

2025-11-27

Number of reports: 28

Distinct targets: 6

2025-11-28

Number of reports: 16

Distinct targets: 4

2025-11-29

Number of reports: 16

Distinct targets: 4

Origin AS

AS17622 - CNCGROUP-GZ

BGP Prefix

58.249.128.0/19

geo

China

🕑 Asia/Shanghai

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

58.248.0.0 - 58.255.255.255

reserved_range

0

ts_added

2025-11-26 15:17:58.018000

ts_last_update

2025-12-07 15:18:01.920000

Warden event timeline

DShield event timeline

Presence on blacklists