IP address

Search at other sites:

.95895.214.52.169

Shodan(more info)

Passive DNS

IP blacklists

CI Army

95.214.52.169 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-07-09 02:50:00.877000
Was present on blacklist at: 2025-06-20 02:50, 2025-06-21 02:50, 2025-06-22 02:50, 2025-06-23 02:50, 2025-06-24 02:50, 2025-06-25 02:50, 2025-06-26 02:50, 2025-06-27 02:50, 2025-06-28 02:50, 2025-06-29 02:50, 2025-06-30 02:50, 2025-07-01 02:50, 2025-07-02 02:50, 2025-07-03 02:50, 2025-07-04 02:50, 2025-07-05 02:50, 2025-07-06 02:50, 2025-07-07 02:50, 2025-07-08 02:50, 2025-07-09 02:50

AbuseIPDB

95.214.52.169 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-07-09 04:00:00.752000
Was present on blacklist at: 2025-06-20 04:00, 2025-06-21 04:00, 2025-06-22 04:00, 2025-06-23 04:00, 2025-06-24 04:00, 2025-06-25 04:00, 2025-06-26 04:00, 2025-06-27 04:00, 2025-06-28 04:00, 2025-06-29 04:00, 2025-06-30 04:00, 2025-07-01 04:00, 2025-07-02 04:00, 2025-07-03 04:00, 2025-07-04 04:00, 2025-07-05 04:00, 2025-07-06 04:00, 2025-07-07 04:00, 2025-07-08 04:00, 2025-07-09 04:00

Turris greylist

95.214.52.169 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-07-08 21:15:00.173000
Was present on blacklist at: 2025-06-20 21:15, 2025-06-21 21:15, 2025-06-22 21:15, 2025-06-23 21:15, 2025-06-24 21:15, 2025-06-25 21:15, 2025-06-26 21:15, 2025-06-27 21:15, 2025-06-28 21:15, 2025-06-29 21:15, 2025-06-30 21:15, 2025-07-01 21:15, 2025-07-02 21:15, 2025-07-03 21:15, 2025-07-04 21:15, 2025-07-05 21:15, 2025-07-06 21:15, 2025-07-07 21:15, 2025-07-08 21:15

Spamhaus XBL CBL

95.214.52.169 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-07-03 18:07:00.374000
Was present on blacklist at: 2025-06-26 18:07, 2025-07-03 18:07

Warden events (2038)

2025-07-09

ReconScanning (node.368407): 28

ReconScanning (node.4dc198): 23

IntrusionUserCompromise (node.cfb4f7): 8

AnomalyTraffic (node.ffe95c): 8

AnomalyTraffic (node.86dac8): 6

2025-07-08

AnomalyTraffic (node.86dac8): 17

AnomalyTraffic (node.ffe95c): 21

ReconScanning (node.4dc198): 50

ReconScanning (node.368407): 46

IntrusionUserCompromise (node.cfb4f7): 21

2025-07-07

AnomalyTraffic (node.ffe95c): 20

AnomalyTraffic (node.86dac8): 17

ReconScanning (node.4dc198): 59

ReconScanning (node.368407): 46

IntrusionUserCompromise (node.cfb4f7): 32

2025-07-06

IntrusionUserCompromise (node.cfb4f7): 70

ReconScanning (node.9c1411): 6

ReconScanning (node.368407): 46

ReconScanning (node.4dc198): 51

AnomalyTraffic (node.ffe95c): 25

AnomalyTraffic (node.86dac8): 24

2025-07-05

IntrusionUserCompromise (node.cfb4f7): 28

ReconScanning (node.368407): 19

ReconScanning (node.4dc198): 16

ReconScanning (node.9c1411): 5

AnomalyTraffic (node.ffe95c): 5

AnomalyTraffic (node.86dac8): 4

2025-07-04

ReconScanning (node.368407): 40

AnomalyTraffic (node.ffe95c): 11

AnomalyTraffic (node.86dac8): 9

ReconScanning (node.9c1411): 17

ReconScanning (node.4dc198): 26

IntrusionUserCompromise (node.cfb4f7): 75

2025-07-03

IntrusionUserCompromise (node.cfb4f7): 85

ReconScanning (node.368407): 42

AnomalyTraffic (node.ffe95c): 10

AnomalyTraffic (node.86dac8): 7

ReconScanning (node.4dc198): 25

ReconScanning (node.9c1411): 12

2025-07-02

ReconScanning (node.368407): 45

ReconScanning (node.4dc198): 26

AnomalyTraffic (node.ffe95c): 10

ReconScanning (node.9c1411): 13

IntrusionUserCompromise (node.cfb4f7): 123

AnomalyTraffic (node.86dac8): 6

2025-07-01

ReconScanning (node.368407): 47

AnomalyTraffic (node.ffe95c): 9

AnomalyTraffic (node.86dac8): 6

ReconScanning (node.4dc198): 18

ReconScanning (node.9c1411): 11

IntrusionUserCompromise (node.cfb4f7): 10

2025-06-30

ReconScanning (node.4dc198): 21

ReconScanning (node.368407): 21

ReconScanning (node.9c1411): 4

2025-06-29

ReconScanning (node.4dc198): 21

ReconScanning (node.368407): 23

AnomalyTraffic (node.ffe95c): 7

AnomalyTraffic (node.86dac8): 6

2025-06-28

ReconScanning (node.4dc198): 12

ReconScanning (node.368407): 21

2025-06-27

ReconScanning (node.4dc198): 10

ReconScanning (node.368407): 21

2025-06-26

ReconScanning (node.368407): 21

ReconScanning (node.4dc198): 14

2025-06-25

ReconScanning (node.368407): 23

ReconScanning (node.4dc198): 20

2025-06-24

ReconScanning (node.368407): 25

ReconScanning (node.4dc198): 20

2025-06-23

ReconScanning (node.368407): 27

ReconScanning (node.4dc198): 28

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.9c1411): 1

2025-06-22

ReconScanning (node.4dc198): 20

ReconScanning (node.368407): 27

ReconScanning (node.9c1411): 6

2025-06-21

ReconScanning (node.368407): 36

AnomalyTraffic (node.ffe95c): 5

AnomalyTraffic (node.86dac8): 5

ReconScanning (node.4dc198): 32

ReconScanning (node.9c1411): 2

2025-06-20

ReconScanning (node.368407): 72

ReconScanning (node.4dc198): 60

ReconScanning (node.9c1411): 4

2025-06-19

ReconScanning (node.4dc198): 17

ReconScanning (node.368407): 19

AnomalyTraffic (node.ffe95c): 2

DShield reports (IP summary, reports)

2025-06-19

Number of reports: 354

Distinct targets: 53

2025-06-20

Number of reports: 2411

Distinct targets: 38

2025-06-21

Number of reports: 3337

Distinct targets: 206

2025-06-22

Number of reports: 3372

Distinct targets: 88

2025-06-23

Number of reports: 2130

Distinct targets: 75

2025-06-24

Number of reports: 2132

Distinct targets: 73

2025-06-25

Number of reports: 1962

Distinct targets: 82

2025-06-26

Number of reports: 1278

Distinct targets: 60

2025-06-27

Number of reports: 2513

Distinct targets: 84

2025-06-28

Number of reports: 1800

Distinct targets: 80

2025-06-29

Number of reports: 2389

Distinct targets: 124

2025-06-30

Number of reports: 1443

Distinct targets: 79

2025-07-01

Number of reports: 2938

Distinct targets: 109

2025-07-02

Number of reports: 3269

Distinct targets: 108

2025-07-03

Number of reports: 3273

Distinct targets: 146

2025-07-04

Number of reports: 3541

Distinct targets: 175

2025-07-05

Number of reports: 1195

Distinct targets: 167

2025-07-06

Number of reports: 3269

Distinct targets: 168

2025-07-07

Number of reports: 4042

Distinct targets: 171

2025-07-08

Number of reports: 2771

Distinct targets: 199

OTX pulses

[6856a4e7ffdc53d8f2e96f86] 2025-06-21 12:26:15.710000 | Apache honeypot logs for 21/Jun/2025

Author name:	jnazario
Pulse modified:	2025-06-21 12:26:15.710000
Indicator created:	2025-06-21 12:26:16
Indicator role:	None
Indicator title:
Indicator expiration:	2025-07-21 12:00:00

Origin AS

AS201814 - PL-SKYTECH-AS

BGP Prefix

95.214.52.0/23

geo

Poland

🕑 Europe/Warsaw

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

95.214.52.0 - 95.214.55.255

last_activity

2025-07-09 11:19:28

last_warden_event

2025-07-09 11:19:28

rep

0.9581845238095238

reserved_range

0

Shodan's InternetDB

Open ports: 22

Tags: –

CPEs: cpe:/a:openbsd:openssh:7.6p1, cpe:/o:canonical:ubuntu_linux

ts_added

2025-06-19 18:06:56.011000

ts_last_update

2025-07-09 11:38:50.349000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses