IP address

Search at other sites:

.000185.219.84.139139.84.219.185.dataforest.net

Shodan(more info)

Passive DNS

IP blacklists

UCEPROTECT L1

185.219.84.139 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-09-19 23:45:00.464000
Was present on blacklist at: 2024-08-23 23:45, 2024-08-24 07:45, 2024-08-24 15:45, 2024-08-24 23:45, 2024-08-25 07:45, 2024-08-25 15:45, 2024-08-25 23:45, 2024-08-26 07:45, 2024-08-26 15:45, 2024-08-26 23:45, 2024-08-27 15:45, 2024-08-27 23:45, 2024-08-28 07:45, 2024-08-28 15:45, 2024-08-28 23:45, 2024-08-29 07:45, 2024-08-29 15:45, 2024-08-29 23:45, 2024-08-30 07:45, 2024-08-30 23:45, 2024-08-31 07:45, 2024-08-31 15:45, 2024-08-31 23:45, 2024-09-01 07:45, 2024-09-01 15:45, 2024-09-01 23:45, 2024-09-02 07:45, 2024-09-02 15:45, 2024-09-02 23:45, 2024-09-03 07:45, 2024-09-03 15:45, 2024-09-03 23:45, 2024-09-04 07:45, 2024-09-04 15:45, 2024-09-04 23:45, 2024-09-05 07:45, 2024-09-10 15:45, 2024-09-10 23:45, 2024-09-11 07:45, 2024-09-11 15:45, 2024-09-11 23:45, 2024-09-12 07:45, 2024-09-12 15:45, 2024-09-12 23:45, 2024-09-13 07:45, 2024-09-13 15:45, 2024-09-13 23:45, 2024-09-14 07:45, 2024-09-14 15:45, 2024-09-14 23:45, 2024-09-15 07:45, 2024-09-15 15:45, 2024-09-15 23:45, 2024-09-16 07:45, 2024-09-16 15:45, 2024-09-17 07:45, 2024-09-17 15:45, 2024-09-17 23:45, 2024-09-18 07:45, 2024-09-18 15:45, 2024-09-18 23:45, 2024-09-19 07:45, 2024-09-19 15:45, 2024-09-19 23:45

blocklist.de Apache

185.219.84.139 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2024-09-18 10:05:00.552000
Was present on blacklist at: 2024-08-30 10:05, 2024-08-30 16:05, 2024-08-30 22:05, 2024-08-31 04:05, 2024-08-31 10:05, 2024-08-31 16:05, 2024-08-31 22:05, 2024-09-01 04:05, 2024-09-01 10:05, 2024-09-01 16:05, 2024-09-01 22:05, 2024-09-02 04:05, 2024-09-02 10:05, 2024-09-02 16:05, 2024-09-02 22:05, 2024-09-03 04:05, 2024-09-03 10:05, 2024-09-03 16:05, 2024-09-03 22:05, 2024-09-04 04:05, 2024-09-04 10:05, 2024-09-04 16:05, 2024-09-04 22:05, 2024-09-05 04:05, 2024-09-05 10:05, 2024-09-05 16:05, 2024-09-05 22:05, 2024-09-06 04:05, 2024-09-06 10:05, 2024-09-06 16:05, 2024-09-06 22:05, 2024-09-07 04:05, 2024-09-07 10:05, 2024-09-07 16:05, 2024-09-07 22:05, 2024-09-08 04:05, 2024-09-08 10:05, 2024-09-08 16:05, 2024-09-08 22:05, 2024-09-09 04:05, 2024-09-09 10:05, 2024-09-12 04:05, 2024-09-12 10:05, 2024-09-12 16:05, 2024-09-12 22:05, 2024-09-13 04:05, 2024-09-13 10:05, 2024-09-13 16:05, 2024-09-13 22:05, 2024-09-14 04:05, 2024-09-14 10:05, 2024-09-14 16:05, 2024-09-14 22:05, 2024-09-15 04:05, 2024-09-15 10:05, 2024-09-15 16:05, 2024-09-16 16:05, 2024-09-16 22:05, 2024-09-17 04:05, 2024-09-17 10:05, 2024-09-17 16:05, 2024-09-17 22:05, 2024-09-18 04:05, 2024-09-18 10:05

CI Army

185.219.84.139 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2024-09-19 02:50:00.946000
Was present on blacklist at: 2024-08-31 02:50, 2024-09-01 02:50, 2024-09-02 02:50, 2024-09-03 02:50, 2024-09-04 02:50, 2024-09-05 02:50, 2024-09-06 02:50, 2024-09-07 02:50, 2024-09-08 02:50, 2024-09-09 02:50, 2024-09-10 02:50, 2024-09-11 02:50, 2024-09-12 02:50, 2024-09-13 02:50, 2024-09-14 02:50, 2024-09-15 02:50, 2024-09-16 02:50, 2024-09-17 02:50, 2024-09-18 02:50, 2024-09-19 02:50

AbuseIPDB

185.219.84.139 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2024-09-19 04:00:00.477000
Was present on blacklist at: 2024-08-31 04:00, 2024-09-02 04:00, 2024-09-03 04:00, 2024-09-04 04:00, 2024-09-05 04:00, 2024-09-12 04:00, 2024-09-13 04:00, 2024-09-14 04:00, 2024-09-17 04:00, 2024-09-19 04:00

Warden events (2)

2024-08-24

AnomalyTraffic (node.86dac8): 1

2024-08-23

AnomalyTraffic (node.86dac8): 1

DShield reports (IP summary, reports)

2024-08-24

Number of reports: 14

Distinct targets: 12

2024-08-30

Number of reports: 647

Distinct targets: 318

2024-09-01

Number of reports: 444

Distinct targets: 308

2024-09-02

Number of reports: 97

Distinct targets: 71

2024-09-03

Number of reports: 112

Distinct targets: 82

2024-09-04

Number of reports: 108

Distinct targets: 78

2024-09-05

Number of reports: 193

Distinct targets: 77

2024-09-06

Number of reports: 426

Distinct targets: 254

2024-09-07

Number of reports: 444

Distinct targets: 305

2024-09-11

Number of reports: 326

Distinct targets: 247

2024-09-12

Number of reports: 547

Distinct targets: 322

2024-09-13

Number of reports: 885

Distinct targets: 324

2024-09-16

Number of reports: 805

Distinct targets: 300

2024-09-18

Number of reports: 175

Distinct targets: 131

OTX pulses

[66c9eb13092c52cf83ec6359] 2024-08-24 14:15:47.228000 | RDP honeypot logs for 2024/08/24

Author name:	jnazario
Pulse modified:	2024-08-24 14:15:47.228000
Indicator created:	2024-08-24 14:15:48
Indicator role:	None
Indicator title:
Indicator expiration:	2024-09-23 14:00:00

[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot

Author name:	georgengelmann
Pulse modified:	2024-09-19 23:04:15.781000
Indicator created:	2024-08-26 21:27:17
Indicator role:	bruteforce
Indicator title:	RDP intrusion attempt from 139.84.219.185.dataforest.net port 61380
Indicator expiration:	2024-09-25 21:00:00

[66e2f7813357b69b604f6ef3] 2024-09-12 14:15:29.908000 | RDP honeypot logs for 2024/09/12

Author name:	jnazario
Pulse modified:	2024-09-12 14:15:29.908000
Indicator created:	2024-09-12 14:15:30
Indicator role:	None
Indicator title:
Indicator expiration:	2024-10-12 14:00:00

[66e83d7f4edd507c9a1e8665] 2024-09-16 14:15:27.901000 | RDP honeypot logs for 2024/09/16

Author name:	jnazario
Pulse modified:	2024-09-16 14:15:27.901000
Indicator created:	2024-09-16 14:15:28
Indicator role:	None
Indicator title:
Indicator expiration:	2024-10-16 14:00:00

Origin AS

AS58212 - DATAFOREST

BGP Prefix

185.219.84.0/24

geo

Germany

🕑 Europe/Berlin

hostname

139.84.219.185.dataforest.net

hostname_class

['ip_in_hostname']

Address block ('inetnum' or 'NetRange' in whois database)

185.219.84.0 - 185.219.84.255

last_activity

2024-09-20 00:08:05.292000

last_warden_event

2024-08-24 00:36:30

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 3389

Tags: self-signed

CPEs: –

ts_added

2024-08-23 23:49:41.415000

ts_last_update

2024-09-20 00:08:05.301000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses