IP address

Search at other sites:

.00162.3.168.202rhus-202.man.poznan.pl

Shodan(more info)

Passive DNS

IP blacklists

Echelon CMS enumeration

62.3.168.202 is listed on the Echelon CMS enumeration blacklist.

Description: Content management system discovery and enumeration
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:05:02.884000
Was present on blacklist at: 2026-05-05 09:05, 2026-05-06 09:05, 2026-05-07 09:05, 2026-05-08 09:05, 2026-05-09 09:05, 2026-05-10 09:05, 2026-05-11 09:05

Echelon admin panel hunt

62.3.168.202 is listed on the Echelon admin panel hunt blacklist.

Description: Scanning for administrative interfaces
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:05:02.842000
Was present on blacklist at: 2026-05-05 09:05, 2026-05-06 09:05, 2026-05-07 09:05, 2026-05-08 09:05, 2026-05-09 09:05, 2026-05-10 09:05, 2026-05-11 09:05

Echelon config file hunt

62.3.168.202 is listed on the Echelon config file hunt blacklist.

Description: Scanning for exposed configuration files
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:10:01.682000
Was present on blacklist at: 2026-05-05 09:10, 2026-05-06 09:10, 2026-05-07 09:10, 2026-05-08 09:10, 2026-05-10 09:10, 2026-05-11 09:10

Echelon directory traversal

62.3.168.202 is listed on the Echelon directory traversal blacklist.

Description: Path traversal attack attempting to access restricted files
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:15:01.634000
Was present on blacklist at: 2026-05-05 09:15, 2026-05-06 09:15, 2026-05-07 09:15, 2026-05-08 09:15, 2026-05-09 09:15, 2026-05-10 09:15, 2026-05-11 09:15

Echelon port scan

62.3.168.202 is listed on the Echelon port scan blacklist.

Description: Scanning 5+ ports on target host
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:25:02.484000
Was present on blacklist at: 2026-05-05 09:25, 2026-05-06 09:25, 2026-05-07 09:25, 2026-05-08 09:25, 2026-05-09 09:25, 2026-05-10 09:25, 2026-05-11 09:25

Echelon router exploit

62.3.168.202 is listed on the Echelon router exploit blacklist.

Description: Attempting router firmware exploits (Netgear, D-Link, etc.)
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:30:01.634000
Was present on blacklist at: 2026-05-05 09:30, 2026-05-06 09:30, 2026-05-07 09:30, 2026-05-08 09:30, 2026-05-09 09:30, 2026-05-10 09:30, 2026-05-11 09:30

Echelon SSH bruteforce

62.3.168.202 is listed on the Echelon SSH bruteforce blacklist.

Description: Multiple SSH authentication attempts detected
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:35:02.256000
Was present on blacklist at: 2026-05-05 09:35, 2026-05-07 09:35, 2026-05-08 09:35, 2026-05-09 09:35, 2026-05-10 09:35, 2026-05-11 09:35

Echelon SSH connection attempt

62.3.168.202 is listed on the Echelon SSH connection attempt blacklist.

Description: SSH connection attempt detected on port 22 or 2222
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:35:02.018000
Was present on blacklist at: 2026-05-05 09:35, 2026-05-07 09:35, 2026-05-08 09:35, 2026-05-09 09:35, 2026-05-10 09:35, 2026-05-11 09:35

Echelon TLS/SSL crawler

62.3.168.202 is listed on the Echelon TLS/SSL crawler blacklist.

Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:40:02.127000
Was present on blacklist at: 2026-05-05 09:40, 2026-05-07 09:40, 2026-05-08 09:40, 2026-05-09 09:40, 2026-05-10 09:40, 2026-05-11 09:40

Echelon web shell hunt

62.3.168.202 is listed on the Echelon web shell hunt blacklist.

Description: Scanning for web shells (WSO, c99, r57, etc.)
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:50:01.653000
Was present on blacklist at: 2026-05-05 09:50, 2026-05-07 09:50, 2026-05-08 09:50, 2026-05-09 09:50, 2026-05-10 09:50, 2026-05-11 09:50

Echelon web crawler

62.3.168.202 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-05-11 09:50:01.869000
Was present on blacklist at: 2026-05-05 09:50, 2026-05-07 09:50, 2026-05-08 09:50, 2026-05-09 09:50, 2026-05-10 09:50, 2026-05-11 09:50

Threat categories

TL	Role	Category	Details
49	src	scan
38	src	login	protocol: ssh port: 22, 2222
38	src	exploit	protocol: http

---

Warden events (2)

2026-05-04

AttemptLogin (node.c26a5f): 2

Origin AS

AS9112 - POZMAN

BGP Prefix

62.3.160.0/19

geo

Poland

🕑 Europe/Warsaw

hostname

rhus-202.man.poznan.pl

Address block ('inetnum' or 'NetRange' in whois database)

62.3.160.0 - 62.3.191.255

last_activity

2026-05-04 15:27:40.408000

last_warden_event

2026-05-04 15:27:40.408000

rep

0.000722187851234013

reserved_range

0

ts_added

2026-05-04 15:05:36.315000

ts_last_update

2026-05-16 15:05:40.136000

Warden event timeline

DShield event timeline

Presence on blacklists