IP address

Search at other sites:
.32595.214.53.41
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
UCEPROTECT L1
95.214.53.41 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-10-28 16:45:00.583000
Was present on blacklist at: 2025-10-27 00:45, 2025-10-27 08:45, 2025-10-27 16:45, 2025-10-28 00:45, 2025-10-28 08:45, 2025-10-28 16:45
DataPlane VNC RFB
95.214.53.41 is listed on the DataPlane VNC RFB blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs initiating<br>an unsolicited VNC remote frame buffer (RFB) session to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2025-10-28 19:10:01.378000
Was present on blacklist at: 2025-10-27 03:10, 2025-10-27 07:10, 2025-10-27 15:10, 2025-10-27 19:10, 2025-10-28 03:10, 2025-10-28 07:10, 2025-10-28 15:10, 2025-10-28 19:10
CI Army
95.214.53.41 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-10-28 03:50:00.968000
Was present on blacklist at: 2025-10-27 03:50, 2025-10-28 03:50
AbuseIPDB
95.214.53.41 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-10-28 05:00:00.736000
Was present on blacklist at: 2025-10-27 05:00, 2025-10-28 05:00
Warden events (1057)
2025-10-28
ReconScanning (node.4dc198): 261
ReconScanning (node.368407): 214
ReconScanning (node.9c1411): 39
2025-10-27
ReconScanning (node.4dc198): 209
ReconScanning (node.368407): 195
ReconScanning (node.9c1411): 38
2025-10-26
ReconScanning (node.4dc198): 50
ReconScanning (node.368407): 42
ReconScanning (node.9c1411): 9
DShield reports (IP summary, reports)
2025-10-27
Number of reports: 588
Distinct targets: 353
OTX pulses
[6900cd91315d0ceee92080c4] 2025-10-28 14:05:05.334000 | VNC honeypot logs for 2025/10/28
Author name:jnazario
Pulse modified:2025-10-28 14:05:05.334000
Indicator created:2025-10-28 14:05:06
Indicator role:None
Indicator title:
Indicator expiration:2025-11-27 14:00:00
Origin AS
AS201814 - PL-SKYTECH-AS
BGP Prefix
95.214.52.0/23
geo
Poland
🕑 Europe/Warsaw
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
95.214.52.0 - 95.214.55.255
last_activity
2025-10-28 22:50:49
last_warden_event
2025-10-28 22:50:49
rep
0.325
reserved_range
0
Shodan's InternetDB
Open ports: 22, 111, 5900, 5901, 6080, 9090, 9100, 10050
Tags: eol-product
CPEs: cpe:/a:f5:nginx:1.18.0, cpe:/a:openbsd:openssh:8.9p1, cpe:/a:python:python:3.10.12, cpe:/o:linux:linux_kernel, cpe:/o:canonical:ubuntu_linux
ts_added
2025-10-26 19:19:01.296000
ts_last_update
2025-10-28 22:50:54.317000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses