IP address

Search at other sites:

.00095.214.55.23

Shodan(more info)

Passive DNS

IP blacklists

AbuseIPDB

95.214.55.23 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-04-27 04:00:00.678000
Was present on blacklist at: 2025-04-11 04:00, 2025-04-12 04:00, 2025-04-13 04:00, 2025-04-14 04:00, 2025-04-15 04:00, 2025-04-16 04:00, 2025-04-17 04:00, 2025-04-18 04:00, 2025-04-19 04:00, 2025-04-20 04:00, 2025-04-21 04:00, 2025-04-22 04:00, 2025-04-23 04:00, 2025-04-24 04:00, 2025-04-25 04:00, 2025-04-26 04:00, 2025-04-27 04:00

CI Army

95.214.55.23 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-05-01 02:50:01.011000
Was present on blacklist at: 2025-04-11 02:50, 2025-04-18 02:50, 2025-04-19 02:50, 2025-04-24 02:50, 2025-04-25 02:50, 2025-04-26 02:50, 2025-04-27 02:50, 2025-04-28 02:50, 2025-04-29 02:50, 2025-04-30 02:50, 2025-05-01 02:50

Turris greylist

95.214.55.23 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-27 21:15:00.159000
Was present on blacklist at: 2025-04-10 21:15, 2025-04-11 21:15, 2025-04-12 21:15, 2025-04-13 21:15, 2025-04-14 21:15, 2025-04-15 21:15, 2025-04-17 21:15, 2025-04-18 21:15, 2025-04-19 21:15, 2025-04-20 21:15, 2025-04-21 21:15, 2025-04-22 21:15, 2025-04-23 21:15, 2025-04-25 21:15, 2025-04-26 21:15, 2025-04-27 21:15

UCEPROTECT L1

95.214.55.23 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-02 15:45:00.647000
Was present on blacklist at: 2025-04-10 07:45, 2025-04-10 15:45, 2025-04-10 23:45, 2025-04-11 07:45, 2025-04-11 15:45, 2025-04-11 23:45, 2025-04-12 07:45, 2025-04-12 15:45, 2025-04-12 23:45, 2025-04-13 07:45, 2025-04-13 15:45, 2025-04-13 23:45, 2025-04-25 23:45, 2025-04-26 07:45, 2025-04-26 15:45, 2025-04-26 23:45, 2025-04-27 07:45, 2025-04-27 15:45, 2025-04-27 23:45, 2025-04-28 07:45, 2025-04-28 15:45, 2025-04-28 23:45, 2025-04-29 07:45, 2025-04-29 15:45, 2025-04-29 23:45, 2025-04-30 07:45, 2025-04-30 15:45, 2025-04-30 23:45, 2025-05-01 07:45, 2025-05-01 15:45, 2025-05-01 23:45, 2025-05-02 07:45, 2025-05-02 15:45

DataPlane TELNET login

95.214.55.23 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-14 06:10:05.517000
Was present on blacklist at: 2025-04-10 14:10, 2025-04-10 18:10, 2025-04-11 02:10, 2025-04-11 06:10, 2025-04-11 14:10, 2025-04-11 18:10, 2025-04-12 02:10, 2025-04-12 06:10, 2025-04-12 14:10, 2025-04-12 18:10, 2025-04-13 06:10, 2025-04-13 14:10, 2025-04-13 18:10, 2025-04-14 02:10, 2025-04-14 06:10

Spamhaus XBL CBL

95.214.55.23 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-07-03 06:54:30.683000
Was present on blacklist at: 2025-04-17 06:54, 2025-05-01 06:54

Warden events (1817)

2025-04-26

ReconScanning (node.4dc198): 7

ReconScanning (node.368407): 7

AnomalyTraffic (node.ffe95c): 3

AnomalyTraffic (node.86dac8): 1

IntrusionUserCompromise (node.cfb4f7): 32

2025-04-25

ReconScanning (node.368407): 8

AnomalyTraffic (node.86dac8): 9

ReconScanning (node.4dc198): 17

AnomalyTraffic (node.ffe95c): 11

2025-04-24

AnomalyTraffic (node.86dac8): 4

AnomalyTraffic (node.ffe95c): 5

ReconScanning (node.4dc198): 7

ReconScanning (node.368407): 2

2025-04-23

ReconScanning (node.f90c6b): 18

ReconScanning (node.368407): 22

ReconScanning (node.4dc198): 22

AnomalyTraffic (node.86dac8): 2

AnomalyTraffic (node.ffe95c): 4

2025-04-22

ReconScanning (node.f90c6b): 139

2025-04-21

ReconScanning (node.f90c6b): 140

2025-04-20

ReconScanning (node.f90c6b): 136

2025-04-19

ReconScanning (node.f90c6b): 130

2025-04-18

ReconScanning (node.f90c6b): 128

ReconScanning (node.4dc198): 1

2025-04-17

ReconScanning (node.f90c6b): 128

ReconScanning (node.4dc198): 4

ReconScanning (node.9c1411): 4

2025-04-16

ReconScanning (node.f90c6b): 124

2025-04-15

ReconScanning (node.f90c6b): 127

2025-04-14

ReconScanning (node.f90c6b): 119

2025-04-13

ReconScanning (node.f90c6b): 117

2025-04-12

ReconScanning (node.f90c6b): 117

2025-04-11

ReconScanning (node.f90c6b): 114

2025-04-10

ReconScanning (node.f90c6b): 108

DShield reports (IP summary, reports)

2025-04-10

Number of reports: 105236

Distinct targets: 95048

2025-04-11

Number of reports: 167813

Distinct targets: 115072

2025-04-12

Number of reports: 161734

Distinct targets: 114299

2025-04-13

Number of reports: 116852

Distinct targets: 106713

2025-04-14

Number of reports: 108475

Distinct targets: 102184

2025-04-15

Number of reports: 101475

Distinct targets: 95324

2025-04-16

Number of reports: 156065

Distinct targets: 107015

2025-04-17

Number of reports: 152227

Distinct targets: 106002

2025-04-18

Number of reports: 150558

Distinct targets: 104068

2025-04-19

Number of reports: 104133

Distinct targets: 94821

2025-04-20

Number of reports: 150492

Distinct targets: 104684

2025-04-21

Number of reports: 157292

Distinct targets: 107139

2025-04-22

Number of reports: 118910

Distinct targets: 103598

2025-04-23

Number of reports: 18621

Distinct targets: 12485

2025-04-24

Number of reports: 300

Distinct targets: 180

2025-04-25

Number of reports: 621

Distinct targets: 486

2025-04-26

Number of reports: 409

Distinct targets: 298

OTX pulses

[5a7e3e70c44e7b48947593a7] 2018-02-10 00:36:00.396000 | Webscanners 2018-02-09 thru current day

Author name:	david3
Pulse modified:	2025-05-25 03:20:14.113000
Indicator created:	2025-04-25 05:55:25
Indicator role:	scanning_host
Indicator title:	404 NOT FOUND
Indicator expiration:	2025-07-24 00:00:00

Origin AS

AS201814 - PL-SKYTECH-AS

BGP Prefix

95.214.54.0/23

geo

Poland

🕑 Europe/Warsaw

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

95.214.52.0 - 95.214.55.255

last_activity

2025-05-25 04:01:00.721000

last_warden_event

2025-04-26 09:27:59

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 22

Tags: –

CPEs: cpe:/a:openbsd:openssh:9.6p1, cpe:/o:canonical:ubuntu_linux

ts_added

2025-03-27 06:54:21.242000

ts_last_update

2025-07-09 06:54:30.521000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses