IP address

Search at other sites:

.0008.219.4.1

Shodan(more info)

Passive DNS

IP blacklists

Spamhaus XBL CBL

8.219.4.1 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2024-11-13 00:20:13.041000
Was present on blacklist at: 2024-09-18 00:20, 2024-09-25 00:20, 2024-10-02 00:20, 2024-10-09 00:20, 2024-10-16 00:20, 2024-10-23 00:20

blocklist.de SSH

8.219.4.1 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2024-10-13 22:05:05.195000
Was present on blacklist at: 2024-09-18 04:05, 2024-09-18 10:05, 2024-09-19 04:05, 2024-09-19 16:05, 2024-09-19 22:05, 2024-09-20 04:05, 2024-09-20 10:05, 2024-09-20 22:05, 2024-09-24 16:05, 2024-09-24 22:05, 2024-09-25 04:05, 2024-09-25 10:05, 2024-09-25 16:05, 2024-09-25 22:05, 2024-09-26 04:05, 2024-09-26 10:05, 2024-09-29 04:05, 2024-09-29 10:05, 2024-09-29 16:05, 2024-09-29 22:05, 2024-09-30 04:05, 2024-09-30 10:05, 2024-09-30 16:05, 2024-10-03 10:05, 2024-10-03 16:05, 2024-10-03 22:05, 2024-10-04 04:05, 2024-10-04 10:05, 2024-10-04 16:05, 2024-10-04 22:05, 2024-10-05 04:05, 2024-10-05 10:05, 2024-10-05 16:05, 2024-10-05 22:05, 2024-10-12 04:05, 2024-10-12 10:05, 2024-10-12 16:05, 2024-10-12 22:05, 2024-10-13 04:05, 2024-10-13 10:05, 2024-10-13 16:05, 2024-10-13 22:05

DataPlane SSH login

8.219.4.1 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2024-09-22 18:10:01.295000
Was present on blacklist at: 2024-09-18 06:10, 2024-09-18 14:10, 2024-09-18 18:10, 2024-09-18 22:10, 2024-09-19 02:10, 2024-09-19 06:10, 2024-09-19 14:10, 2024-09-19 18:10, 2024-09-19 22:10, 2024-09-20 02:10, 2024-09-20 06:10, 2024-09-20 10:10, 2024-09-20 14:10, 2024-09-20 18:10, 2024-09-20 22:10, 2024-09-21 02:10, 2024-09-21 06:10, 2024-09-21 10:10, 2024-09-21 14:10, 2024-09-21 18:10, 2024-09-21 22:10, 2024-09-22 02:10, 2024-09-22 06:10, 2024-09-22 10:10, 2024-09-22 14:10, 2024-09-22 18:10

DataPlane SSH conn

8.219.4.1 is listed on the DataPlane SSH conn blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IP addresses that<br>has been seen initiating an unsolicited SSH connection to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2024-09-25 02:10:01.610000
Was present on blacklist at: 2024-09-18 06:10, 2024-09-18 10:10, 2024-09-18 14:10, 2024-09-18 18:10, 2024-09-18 22:10, 2024-09-19 02:10, 2024-09-19 06:10, 2024-09-19 14:10, 2024-09-19 18:10, 2024-09-19 22:10, 2024-09-20 02:10, 2024-09-20 06:10, 2024-09-20 10:10, 2024-09-20 14:10, 2024-09-20 18:10, 2024-09-20 22:10, 2024-09-21 02:10, 2024-09-21 06:10, 2024-09-21 10:10, 2024-09-21 14:10, 2024-09-21 18:10, 2024-09-21 22:10, 2024-09-22 02:10, 2024-09-22 06:10, 2024-09-22 10:10, 2024-09-22 14:10, 2024-09-22 18:10, 2024-09-22 22:10, 2024-09-23 02:10, 2024-09-23 06:10, 2024-09-23 10:10, 2024-09-23 14:10, 2024-09-23 18:10, 2024-09-23 22:10, 2024-09-24 02:10, 2024-09-24 06:10, 2024-09-24 10:10, 2024-09-24 14:10, 2024-09-24 18:10, 2024-09-24 22:10, 2024-09-25 02:10

blocklist.de bots

8.219.4.1 is listed on the blocklist.de bots blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the RFI-Attacks,<br>REG-Bots, IRC-Bots or BadBots.
Type of feed: primary (feed detail page)

Last checked at: 2024-09-28 22:05:01.090000
Was present on blacklist at: 2024-09-18 16:05, 2024-09-18 22:05, 2024-09-19 10:05, 2024-09-21 04:05, 2024-09-21 10:05, 2024-09-21 16:05, 2024-09-21 22:05, 2024-09-22 04:05, 2024-09-28 22:05

Turris greylist

8.219.4.1 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-10-13 21:15:00.281000
Was present on blacklist at: 2024-09-18 21:15, 2024-09-19 21:15, 2024-09-20 21:15, 2024-09-21 21:15, 2024-09-22 21:15, 2024-09-23 21:15, 2024-09-24 21:15, 2024-09-25 21:15, 2024-09-26 21:15, 2024-09-27 21:15, 2024-09-28 21:15, 2024-09-29 21:15, 2024-09-30 21:15, 2024-10-01 21:15, 2024-10-02 21:15, 2024-10-03 21:15, 2024-10-04 21:15, 2024-10-05 21:15, 2024-10-06 21:15, 2024-10-07 21:15, 2024-10-08 21:15, 2024-10-09 21:15, 2024-10-10 21:15, 2024-10-11 21:15, 2024-10-12 21:15, 2024-10-13 21:15

CI Army

8.219.4.1 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2024-10-18 02:50:00.997000
Was present on blacklist at: 2024-09-19 02:50, 2024-09-20 02:50, 2024-09-21 02:50, 2024-09-22 02:50, 2024-09-23 02:50, 2024-09-24 02:50, 2024-09-25 02:50, 2024-09-26 02:50, 2024-09-27 02:50, 2024-09-28 02:50, 2024-09-29 02:50, 2024-09-30 02:50, 2024-10-01 02:50, 2024-10-02 02:50, 2024-10-03 02:50, 2024-10-04 02:50, 2024-10-05 02:50, 2024-10-06 02:50, 2024-10-08 02:50, 2024-10-09 02:50, 2024-10-10 02:50, 2024-10-11 02:50, 2024-10-12 02:50, 2024-10-13 02:50, 2024-10-14 02:50, 2024-10-15 02:50, 2024-10-16 02:50, 2024-10-17 02:50, 2024-10-18 02:50

AbuseIPDB

8.219.4.1 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2024-10-15 04:00:00.339000
Was present on blacklist at: 2024-09-19 04:00, 2024-09-20 04:00, 2024-09-21 04:00, 2024-09-22 04:00, 2024-09-23 04:00, 2024-09-24 04:00, 2024-09-25 04:00, 2024-09-26 04:00, 2024-09-27 04:00, 2024-09-29 04:00, 2024-09-30 04:00, 2024-10-01 04:00, 2024-10-02 04:00, 2024-10-04 04:00, 2024-10-05 04:00, 2024-10-06 04:00, 2024-10-07 04:00, 2024-10-08 04:00, 2024-10-09 04:00, 2024-10-11 04:00, 2024-10-12 04:00, 2024-10-14 04:00, 2024-10-15 04:00

Mirai tracker

8.219.4.1 is listed on the Mirai tracker blacklist.

Description: IPs scanning the internet in a specific way known to be used by Mirai malware and its variants.
Type of feed: primary (feed detail page)

Last checked at: 2024-10-13 23:40:01.962000
Was present on blacklist at: 2024-09-19 23:40, 2024-09-20 23:40, 2024-09-21 23:40, 2024-10-04 23:40, 2024-10-05 23:40, 2024-10-11 23:40, 2024-10-12 23:40, 2024-10-13 23:40

UCEPROTECT L1

8.219.4.1 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-10-06 23:45:00.580000
Was present on blacklist at: 2024-09-21 07:45, 2024-09-21 15:45, 2024-09-21 23:45, 2024-09-22 07:45, 2024-09-22 15:45, 2024-09-22 23:45, 2024-09-23 07:45, 2024-09-23 15:45, 2024-09-24 07:45, 2024-09-24 15:45, 2024-09-24 23:45, 2024-09-25 15:45, 2024-09-25 23:45, 2024-09-26 07:45, 2024-09-26 15:45, 2024-09-26 23:45, 2024-09-27 07:45, 2024-09-27 15:45, 2024-09-27 23:45, 2024-09-28 07:45, 2024-09-28 15:45, 2024-09-28 23:45, 2024-09-29 07:45, 2024-09-29 15:45, 2024-09-29 23:45, 2024-09-30 07:45, 2024-09-30 15:45, 2024-09-30 23:45, 2024-10-01 07:45, 2024-10-01 23:45, 2024-10-02 07:45, 2024-10-02 15:45, 2024-10-02 23:45, 2024-10-03 07:45, 2024-10-03 15:45, 2024-10-03 23:45, 2024-10-04 07:45, 2024-10-04 15:45, 2024-10-04 23:45, 2024-10-05 07:45, 2024-10-05 15:45, 2024-10-05 23:45, 2024-10-06 07:45, 2024-10-06 15:45, 2024-10-06 23:45

Warden events (351721)

2024-10-12

IntrusionUserCompromise (node.cfb4f7): 5996

2024-10-11

IntrusionUserCompromise (node.cfb4f7): 7985

2024-10-10

IntrusionUserCompromise (node.cfb4f7): 8485

2024-10-09

IntrusionUserCompromise (node.cfb4f7): 20575

2024-10-08

IntrusionUserCompromise (node.cfb4f7): 18714

2024-10-07

IntrusionUserCompromise (node.cfb4f7): 19043

2024-10-06

IntrusionUserCompromise (node.cfb4f7): 18932

2024-10-05

IntrusionUserCompromise (node.cfb4f7): 11747

2024-10-04

IntrusionUserCompromise (node.cfb4f7): 21823

2024-10-03

IntrusionUserCompromise (node.cfb4f7): 10263

2024-10-02

IntrusionUserCompromise (node.cfb4f7): 15249

2024-10-01

IntrusionUserCompromise (node.cfb4f7): 27534

2024-09-30

IntrusionUserCompromise (node.cfb4f7): 34918

IntrusionUserCompromise (node.ee25b8): 1

AttemptLogin (node.ee25b8): 1

2024-09-29

IntrusionUserCompromise (node.cfb4f7): 16156

ReconScanning (node.5f02e7): 1

2024-09-28

IntrusionUserCompromise (node.cfb4f7): 35574

IntrusionUserCompromise (node.ee25b8): 1

AttemptLogin (node.ee25b8): 1

2024-09-27

IntrusionUserCompromise (node.cfb4f7): 25506

2024-09-26

IntrusionUserCompromise (node.cfb4f7): 14349

2024-09-25

IntrusionUserCompromise (node.cfb4f7): 14137

2024-09-24

IntrusionUserCompromise (node.cfb4f7): 15985

2024-09-23

IntrusionUserCompromise (node.cfb4f7): 8736

2024-09-18

ReconScanning (node.ce2b59): 9

DShield reports (IP summary, reports)

2024-09-18

Number of reports: 261

Distinct targets: 94

2024-09-19

Number of reports: 561

Distinct targets: 111

2024-09-20

Number of reports: 561

Distinct targets: 109

2024-09-21

Number of reports: 467

Distinct targets: 110

2024-09-22

Number of reports: 339

Distinct targets: 116

2024-09-23

Number of reports: 408

Distinct targets: 107

2024-09-24

Number of reports: 369

Distinct targets: 100

2024-09-25

Number of reports: 778

Distinct targets: 96

2024-09-26

Number of reports: 975

Distinct targets: 104

2024-09-27

Number of reports: 1045

Distinct targets: 115

2024-09-28

Number of reports: 883

Distinct targets: 94

2024-09-29

Number of reports: 595

Distinct targets: 115

2024-09-30

Number of reports: 1274

Distinct targets: 127

2024-10-01

Number of reports: 402

Distinct targets: 81

2024-10-02

Number of reports: 870

Distinct targets: 103

2024-10-03

Number of reports: 998

Distinct targets: 138

2024-10-04

Number of reports: 2094

Distinct targets: 103

2024-10-05

Number of reports: 1214

Distinct targets: 125

2024-10-06

Number of reports: 1010

Distinct targets: 104

2024-10-07

Number of reports: 630

Distinct targets: 80

2024-10-08

Number of reports: 698

Distinct targets: 101

2024-10-09

Number of reports: 628

Distinct targets: 97

2024-10-10

Number of reports: 1354

Distinct targets: 128

2024-10-11

Number of reports: 1768

Distinct targets: 119

2024-10-12

Number of reports: 523

Distinct targets: 85

2024-10-13

Number of reports: 164

Distinct targets: 59

2024-10-14

Number of reports: 85

Distinct targets: 56

2024-10-15

Number of reports: 143

Distinct targets: 54

2024-10-16

Number of reports: 29

Distinct targets: 19

OTX pulses

[5a7e3e70c44e7b48947593a7] 2018-02-10 00:36:00.396000 | Webscanners 2018-02-09 thru current day

Author name:	david3
Pulse modified:	2024-11-14 03:55:19.664000
Indicator created:	2024-10-15 08:00:19
Indicator role:	scanning_host
Indicator title:	404 NOT FOUND
Indicator expiration:	2025-01-13 00:00:00

[602bc528f447d628d41494f2] 2021-02-16 13:14:16.945000 | Ka's Honeypot visitors

Author name:	Kapppppa
Pulse modified:	2024-10-28 23:59:06.736000
Indicator created:	2024-09-29 00:38:19
Indicator role:	bruteforce
Indicator title:	Telnet Login attempt
Indicator expiration:	2024-10-29 00:00:00

Origin AS

AS45102 - CNNIC-ALIBABA-CN-NET-AP

BGP Prefix

8.219.0.0/17

geo

Singapore

🕑 Asia/Singapore

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

8.208.0.0 - 8.223.255.255

last_activity

2024-11-14 04:02:11.695000

last_warden_event

2024-10-12 20:39:41

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 22

Tags: cloud, scanner

CPEs: cpe:/o:linux:linux_kernel, cpe:/o:debian:debian_linux, cpe:/a:openbsd:openssh:8.4p1

ts_added

2024-09-18 00:20:08.370000

ts_last_update

2024-11-17 00:20:10.557000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses