IP address

Search at other sites:

.01794.26.88.2929.88.26.94.tbc.bg

Shodan(more info)

Passive DNS

IP blacklists

UCEPROTECT L1

94.26.88.29 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-06-07 07:45:00.641000
Was present on blacklist at: 2026-05-27 15:45, 2026-05-27 23:45, 2026-05-28 07:45, 2026-05-28 15:45, 2026-05-28 23:45, 2026-05-29 15:45, 2026-05-29 23:45, 2026-05-30 07:45, 2026-05-30 15:45, 2026-05-30 23:45, 2026-05-31 07:45, 2026-05-31 15:45, 2026-05-31 23:45, 2026-06-01 07:45, 2026-06-01 15:45, 2026-06-01 23:45, 2026-06-02 07:45, 2026-06-02 15:45, 2026-06-02 23:45, 2026-06-03 07:45, 2026-06-03 15:45, 2026-06-03 23:45, 2026-06-04 07:45, 2026-06-04 15:45, 2026-06-04 23:45, 2026-06-05 07:45, 2026-06-05 15:45, 2026-06-05 23:45, 2026-06-06 07:45, 2026-06-06 15:45, 2026-06-06 23:45, 2026-06-07 07:45

Spamhaus SBL

94.26.88.29 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-17 16:02:41.133000
Was present on blacklist at: 2026-05-27 16:02, 2026-06-03 16:02, 2026-06-10 16:02, 2026-06-17 16:02

Spamhaus DROP

94.26.88.29 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-17 16:02:41.133000
Was present on blacklist at: 2026-05-27 16:02, 2026-06-03 16:02, 2026-06-10 16:02, 2026-06-17 16:02

AbuseIPDB

94.26.88.29 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-05-31 04:00:00.611000
Was present on blacklist at: 2026-05-28 04:00, 2026-05-31 04:00

Threat categories

TL	Role	Category	Details
25	src	—

---

OTX pulses

[6a16e1bcd062ade27bb039ec] 2026-05-27 12:21:16.292000 | RDP honeypot logs for 2026/05/27

Author name:	jnazario
Pulse modified:	2026-05-27 12:21:16.292000
Indicator created:	2026-05-27 12:21:17
Indicator role:	None
Indicator title:
Indicator expiration:	2026-06-26 12:00:00

[6a1c27bb8b6566577bbc26e0] 2026-05-31 12:21:15.686000 | RDP honeypot logs for 2026/05/31

Author name:	jnazario
Pulse modified:	2026-05-31 12:21:15.686000
Indicator created:	2026-05-31 12:21:16
Indicator role:	None
Indicator title:
Indicator expiration:	2026-06-30 12:00:00

Origin AS

AS201814 - PL-SKYTECH-AS

BGP Prefix

94.26.88.0/24

geo

Bulgaria

🕑 Europe/Sofia

hostname

29.88.26.94.tbc.bg

hostname_class

['ip_in_hostname']

Address block ('inetnum' or 'NetRange' in whois database)

94.26.88.0 - 94.26.88.255

last_activity

2026-05-31 17:12:13.339000

rep

0.017204301075268824

reserved_range

0

Shodan's InternetDB

Open ports: 5985

Tags: –

CPEs: –

ts_added

2026-05-27 16:02:38.848000

ts_last_update

2026-06-20 16:02:42.128000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses