IP address

Search at other sites:
.000185.85.239.1313-164.86.185.ip.idealhosting.net.tr
Shodan(more info)
Passive DNS
Tags: IP in hostname
IP blacklists
CI Army
185.85.239.13 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2024-12-17 03:50:00.946000
Was present on blacklist at: 2024-11-30 03:50, 2024-12-01 03:50, 2024-12-02 03:50, 2024-12-03 03:50, 2024-12-04 03:50, 2024-12-08 03:50, 2024-12-09 03:50, 2024-12-10 03:50, 2024-12-11 03:50, 2024-12-12 03:50, 2024-12-13 03:50, 2024-12-14 03:50, 2024-12-15 03:50, 2024-12-16 03:50, 2024-12-17 03:50
AbuseIPDB
185.85.239.13 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2024-12-07 05:00:00.393000
Was present on blacklist at: 2024-11-11 05:00, 2024-11-12 05:00, 2024-11-13 05:00, 2024-11-16 05:00, 2024-11-18 05:00, 2024-11-20 05:00, 2024-11-24 05:00, 2024-11-27 05:00, 2024-11-29 05:00, 2024-11-30 05:00, 2024-12-07 05:00
blocklist.de web-login
185.85.239.13 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2024-11-25 05:05:05.166000
Was present on blacklist at: 2024-11-11 17:05, 2024-11-11 23:05, 2024-11-12 05:05, 2024-11-12 11:05, 2024-11-12 17:05, 2024-11-12 23:05, 2024-11-13 05:05, 2024-11-13 11:05, 2024-11-15 23:05, 2024-11-16 05:05, 2024-11-16 11:05, 2024-11-16 23:05, 2024-11-17 05:05, 2024-11-17 11:05, 2024-11-23 11:05, 2024-11-23 17:05, 2024-11-23 23:05, 2024-11-24 05:05, 2024-11-24 11:05, 2024-11-24 17:05, 2024-11-24 23:05, 2024-11-25 05:05
Turris greylist
185.85.239.13 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-12-09 22:15:00.186000
Was present on blacklist at: 2024-11-11 22:15, 2024-11-12 22:15, 2024-11-13 22:15, 2024-11-14 22:15, 2024-11-15 22:15, 2024-11-16 22:15, 2024-11-17 22:15, 2024-11-18 22:15, 2024-11-19 22:15, 2024-11-20 22:15, 2024-11-21 22:15, 2024-11-22 22:15, 2024-11-23 22:15, 2024-11-24 22:15, 2024-11-25 22:15, 2024-11-28 22:15, 2024-11-29 22:15, 2024-11-30 22:15, 2024-12-08 22:15, 2024-12-09 22:15
Spamhaus XBL CBL
185.85.239.13 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-02-01 02:52:30.627000
Was present on blacklist at: 2024-11-16 02:52, 2024-11-23 02:52, 2024-11-30 02:52, 2024-12-07 02:52, 2024-12-14 02:52, 2024-12-21 02:52
UCEPROTECT L1
185.85.239.13 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-12-17 00:45:00.688000
Was present on blacklist at: 2024-12-10 08:45, 2024-12-10 16:45, 2024-12-11 00:45, 2024-12-11 08:45, 2024-12-11 16:45, 2024-12-12 00:45, 2024-12-12 08:45, 2024-12-12 16:45, 2024-12-13 00:45, 2024-12-13 08:45, 2024-12-13 16:45, 2024-12-14 00:45, 2024-12-14 08:45, 2024-12-14 16:45, 2024-12-15 00:45, 2024-12-15 08:45, 2024-12-15 16:45, 2024-12-16 00:45, 2024-12-16 08:45, 2024-12-16 16:45, 2024-12-17 00:45
Warden events (356)
2024-12-13
AnomalyTraffic (node.ce2b59): 2
ReconScanning (node.ce2b59): 1
2024-11-27
ReconScanning (node.86eb21): 101
ReconScanning (node.4dc198): 3
2024-11-24
ReconScanning (node.368407): 6
2024-11-23
AnomalyTraffic (node.86dac8): 4
AnomalyTraffic (node.ffe95c): 3
ReconScanning (node.4dc198): 6
2024-11-20
ReconScanning (node.368407): 6
2024-11-19
ReconScanning (node.4dc198): 6
AnomalyTraffic (node.ffe95c): 3
AnomalyTraffic (node.86dac8): 2
2024-11-17
AnomalyTraffic (node.ffe95c): 13
AnomalyTraffic (node.86dac8): 11
ReconScanning (node.4dc198): 30
ReconScanning (node.368407): 18
2024-11-16
AnomalyTraffic (node.ffe95c): 5
AnomalyTraffic (node.86dac8): 5
ReconScanning (node.ce2b59): 2
ReconScanning (node.4dc198): 12
2024-11-15
ReconScanning (node.4dc198): 6
AnomalyTraffic (node.ffe95c): 3
ReconScanning (node.368407): 6
2024-11-13
ReconScanning (node.368407): 18
ReconScanning (node.4dc198): 12
AnomalyTraffic (node.ffe95c): 4
2024-11-12
AnomalyTraffic (node.ffe95c): 11
AnomalyTraffic (node.86dac8): 13
ReconScanning (node.4dc198): 24
ReconScanning (node.ce2b59): 2
2024-11-11
ReconScanning (node.4dc198): 6
AnomalyTraffic (node.86dac8): 3
AnomalyTraffic (node.ffe95c): 3
ReconScanning (node.368407): 6
DShield reports (IP summary, reports)
2024-11-10
Number of reports: 603
Distinct targets: 198
2024-11-11
Number of reports: 431
Distinct targets: 144
2024-11-12
Number of reports: 209
Distinct targets: 68
2024-11-13
Number of reports: 398
Distinct targets: 141
2024-11-14
Number of reports: 491
Distinct targets: 172
2024-11-15
Number of reports: 512
Distinct targets: 149
2024-11-16
Number of reports: 195
Distinct targets: 62
2024-11-17
Number of reports: 346
Distinct targets: 109
2024-11-18
Number of reports: 410
Distinct targets: 175
2024-11-19
Number of reports: 412
Distinct targets: 123
2024-11-20
Number of reports: 441
Distinct targets: 157
2024-11-21
Number of reports: 416
Distinct targets: 125
2024-11-22
Number of reports: 697
Distinct targets: 115
2024-11-23
Number of reports: 400
Distinct targets: 151
2024-11-24
Number of reports: 162
Distinct targets: 47
2024-11-26
Number of reports: 2200
Distinct targets: 1040
2024-11-27
Number of reports: 4271
Distinct targets: 3984
2024-11-28
Number of reports: 2177
Distinct targets: 812
2024-11-29
Number of reports: 1288
Distinct targets: 719
2024-11-30
Number of reports: 2010
Distinct targets: 849
2024-12-01
Number of reports: 4773
Distinct targets: 2535
2024-12-02
Number of reports: 5124
Distinct targets: 2324
2024-12-05
Number of reports: 89
Distinct targets: 89
2024-12-06
Number of reports: 842
Distinct targets: 255
2024-12-07
Number of reports: 559
Distinct targets: 303
2024-12-08
Number of reports: 2306
Distinct targets: 661
2024-12-09
Number of reports: 1325
Distinct targets: 673
2024-12-10
Number of reports: 379
Distinct targets: 269
2024-12-13
Number of reports: 270
Distinct targets: 185
OTX pulses
[5a7e3e70c44e7b48947593a7] 2018-02-10 00:36:00.396000 | Webscanners 2018-02-09 thru current day
Author name:david3
Pulse modified:2025-01-01 07:55:16.671000
Indicator created:2024-12-02 08:45:21
Indicator role:scanning_host
Indicator title:404 NOT FOUND
Indicator expiration:2025-03-02 00:00:00
Origin AS
AS29262 - IDEALHOSTING
BGP Prefix
185.85.239.0/24
geo
Turkey, Istanbul
🕑 Europe/Istanbul
hostname
13-164.86.185.ip.idealhosting.net.tr
hostname_class
['ip_in_hostname']
Address block ('inetnum' or 'NetRange' in whois database)
185.85.236.0 - 185.85.239.255
last_activity
2025-01-01 08:02:07.506000
last_warden_event
2024-12-13 15:48:36
rep
0.0
reserved_range
0
Shodan's InternetDB
Open ports: 22, 25, 80, 123, 443, 993, 995, 3306, 5353, 8088, 8089
Tags: self-signed, database, eol-product
CPEs: cpe:/a:apache:http_server:2.4.6, cpe:/a:jquery:jquery:1.11.2, cpe:/a:openssl:openssl:1.0.2k, cpe:/a:openbsd:openssh:7.4, cpe:/a:jquery:jquery_ui:1.11.4, cpe:/a:php:php:5.4.16, cpe:/a:postfix:postfix, cpe:/a:getbootstrap:bootstrap, cpe:/a:mariadb:mariadb:5.5.64-MariaDB
ts_added
2024-10-26 02:52:26.599000
ts_last_update
2025-02-07 02:52:30.242000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses