IP address

Search at other sites:
.039185.245.40.2
Shodan(more info)
Passive DNS
Tags:
IP blacklists
Spamhaus SBL
185.245.40.2 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-03-19 19:37:20.072000
Was present on blacklist at: 2026-03-05 19:37, 2026-03-12 19:37, 2026-03-19 19:37
blocklist.de SSH
185.245.40.2 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-12 23:05:00.453000
Was present on blacklist at: 2026-03-05 23:05, 2026-03-06 05:05, 2026-03-06 11:05, 2026-03-11 05:05, 2026-03-11 11:05, 2026-03-11 17:05, 2026-03-11 23:05, 2026-03-12 05:05, 2026-03-12 11:05, 2026-03-12 17:05, 2026-03-12 23:05
blocklist.de web-login
185.245.40.2 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-10 23:05:00.202000
Was present on blacklist at: 2026-03-09 23:05, 2026-03-10 05:05, 2026-03-10 11:05, 2026-03-10 17:05, 2026-03-10 23:05
blocklist.de Apache
185.245.40.2 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-10 23:05:00.316000
Was present on blacklist at: 2026-03-09 23:05, 2026-03-10 05:05, 2026-03-10 11:05, 2026-03-10 17:05, 2026-03-10 23:05
Spamhaus XBL CBL
185.245.40.2 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-03-19 19:37:20.072000
Was present on blacklist at: 2026-03-12 19:37

Threat categories

TLRoleCategoryDetails
70 src login protocol: ssh, telnet
port: 23
61 src scan port: 23, 80, 443, 2375
47 src
Warden events (30111)
2026-03-12
ReconScanning (node.9c1411): 1
IntrusionUserCompromise (node.cfb4f7): 2242
2026-03-11
IntrusionUserCompromise (node.cfb4f7): 10283
ReconScanning (node.9c1411): 2
2026-03-10
ReconScanning (node.9c1411): 2
2026-03-09
ReconScanning (node.9c1411): 2
2026-03-08
ReconScanning (node.9c1411): 1
2026-03-07
ReconScanning (node.9c1411): 2
2026-03-06
IntrusionUserCompromise (node.cfb4f7): 6561
ReconScanning (node.9c1411): 2
2026-03-05
ReconScanning (node.9c1411): 1
IntrusionUserCompromise (node.cfb4f7): 11012
DShield reports (IP summary, reports)
2026-03-09
Number of reports: 10
Distinct targets: 4
2026-03-11
Number of reports: 32
Distinct targets: 8
2026-03-12
Number of reports: 56
Distinct targets: 4
2026-03-13
Number of reports: 56
Distinct targets: 4
Origin AS
AS215305 - retzor-as
BGP Prefix
185.245.40.0/24
geo
France
🕑 Europe/Paris
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
185.245.40.0 - 185.245.43.255
last_activity
2026-03-12 18:58:26
last_warden_event
2026-03-12 18:58:26
rep
0.039285714285714285
reserved_range
0
ts_added
2026-03-05 19:37:18.499000
ts_last_update
2026-03-23 19:37:20.279000

Warden event timeline

DShield event timeline

Presence on blacklists