IP address

Passive DNS

Tags:

IP blacklists

UCEPROTECT L1

194.180.48.85 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-04 07:45:00.512000
Was present on blacklist at: 2025-04-22 15:45, 2025-04-22 23:45, 2025-04-23 07:45, 2025-04-23 15:45, 2025-04-23 23:45, 2025-04-24 07:45, 2025-04-24 15:45, 2025-04-24 23:45, 2025-04-25 07:45, 2025-04-25 15:45, 2025-04-25 23:45, 2025-04-26 07:45, 2025-04-26 15:45, 2025-04-26 23:45, 2025-04-27 07:45, 2025-04-27 15:45, 2025-04-27 23:45, 2025-04-28 07:45, 2025-04-28 15:45, 2025-04-28 23:45, 2025-04-29 07:45, 2025-04-29 15:45, 2025-04-29 23:45, 2025-04-30 07:45, 2025-04-30 15:45, 2025-04-30 23:45, 2025-05-01 07:45, 2025-05-01 15:45, 2025-05-01 23:45, 2025-05-02 07:45, 2025-05-02 15:45, 2025-05-02 23:45, 2025-05-03 07:45, 2025-05-03 15:45, 2025-05-03 23:45, 2025-05-04 07:45, 2025-05-04 15:45, 2025-05-04 23:45, 2025-05-05 07:45, 2025-05-05 15:45, 2025-05-05 23:45, 2025-05-06 07:45, 2025-05-06 15:45, 2025-05-06 23:45, 2025-05-07 07:45, 2025-05-07 15:45, 2025-05-07 23:45, 2025-05-08 07:45, 2025-05-08 15:45, 2025-05-08 23:45, 2025-05-09 07:45, 2025-05-09 15:45, 2025-05-09 23:45, 2025-05-10 07:45, 2025-05-10 15:45, 2025-05-10 23:45, 2025-05-11 07:45, 2025-05-11 15:45, 2025-05-11 23:45, 2025-05-12 07:45, 2025-05-12 15:45, 2025-05-12 23:45, 2025-05-13 07:45, 2025-05-13 15:45, 2025-05-13 23:45, 2025-05-14 07:45, 2025-05-14 15:45, 2025-05-14 23:45, 2025-05-15 07:45, 2025-05-15 15:45, 2025-05-15 23:45, 2025-05-16 07:45, 2025-05-16 15:45, 2025-05-16 23:45, 2025-05-17 07:45, 2025-05-17 15:45, 2025-05-17 23:45, 2025-05-18 07:45, 2025-05-18 15:45, 2025-05-18 23:45, 2025-05-19 07:45, 2025-05-19 15:45, 2025-05-19 23:45, 2025-05-20 07:45, 2025-05-20 15:45, 2025-05-20 23:45, 2025-05-21 07:45, 2025-05-21 15:45, 2025-05-21 23:45, 2025-05-22 07:45, 2025-05-22 15:45, 2025-05-22 23:45, 2025-05-23 07:45, 2025-05-23 15:45, 2025-05-23 23:45, 2025-05-24 07:45, 2025-05-24 15:45, 2025-05-24 23:45, 2025-05-25 07:45, 2025-05-25 15:45, 2025-05-25 23:45, 2025-05-26 07:45, 2025-05-26 15:45, 2025-05-26 23:45, 2025-05-27 07:45, 2025-05-27 15:45, 2025-05-27 23:45, 2025-05-28 07:45, 2025-05-28 15:45, 2025-05-28 23:45, 2025-05-29 07:45, 2025-05-29 15:45, 2025-05-29 23:45, 2025-05-30 07:45, 2025-05-30 15:45, 2025-05-30 23:45, 2025-05-31 07:45, 2025-05-31 15:45, 2025-05-31 23:45, 2025-06-01 07:45, 2025-06-01 15:45, 2025-06-01 23:45, 2025-06-02 07:45, 2025-06-02 15:45, 2025-06-02 23:45, 2025-06-03 07:45, 2025-06-03 15:45, 2025-06-03 23:45, 2025-06-04 07:45

DShield Block

194.180.48.85 was recently listed on the DShield Block blacklist, but currently it is not.

Description: Recommended Block List by DShield.org. It summarizes the top 20 attacking<br>class C (/24) subnets over the last three days.
Type of feed: secondary (feed detail page)

Last checked at: 2025-07-11 04:50:00
Was present on blacklist at: 2025-04-13 04:50, 2025-04-14 04:50, 2025-04-15 04:50, 2025-04-17 04:50, 2025-04-18 04:50, 2025-04-19 04:50, 2025-04-20 04:50, 2025-04-21 04:50, 2025-04-22 04:50, 2025-04-23 04:50, 2025-04-24 04:50, 2025-04-25 04:50, 2025-04-26 04:50, 2025-04-27 04:50, 2025-04-28 04:50, 2025-04-29 04:50, 2025-04-30 04:50, 2025-05-01 04:50

DShield reports (IP summary, reports)

2025-04-12: Number of reports: 54; Distinct targets: 21
2025-04-22: Number of reports: 16; Distinct targets: 16
2025-05-07: Number of reports: 34; Distinct targets: 23
2025-05-10: Number of reports: 12; Distinct targets: 6

OTX pulses

[682b238c0f0191f6982d0eef] 2025-05-19 12:26:52.734000 | RDP honeypot logs for 2025/05/19

Author name:	jnazario
Pulse modified:	2025-05-19 12:26:52.734000
Indicator created:	2025-05-19 12:26:53
Indicator role:	None
Indicator title:
Indicator expiration:	2025-06-18 12:00:00

[6831bb41a28f3acc182994dc] 2025-05-24 12:27:45.354000 | RDP honeypot logs for 2025/05/24

Author name:	jnazario
Pulse modified:	2025-05-24 12:27:45.354000
Indicator created:	2025-05-24 12:27:46
Indicator role:	None
Indicator title:
Indicator expiration:	2025-06-23 12:00:00

Origin AS: AS201814 - PL-SKYTECH-AS; AS15440 - Baltneta
BGP Prefix: 194.180.48.0/24
events: []
geo: Bulgaria; 🕑 Europe/Sofia
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 194.180.48.0 - 194.180.49.255
last_activity: 2025-05-24 16:32:27.123000
last_warden_event: 2025-04-07 11:30:53
rep: 0.0
reserved_range: 0
Shodan's InternetDB: Open ports: 135, 139, 445, 3389; Tags: self-signed; CPEs: –
ts_added: 2025-03-14 09:41:11.215000
ts_last_update: 2025-07-11 09:41:20.291000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses