IP address

Passive DNS

Tags:

IP blacklists

AbuseIPDB

81.161.239.19 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-03-18 05:00:00.760000
Was present on blacklist at: 2026-02-14 05:00, 2026-02-20 05:00, 2026-02-24 05:00, 2026-03-02 05:00, 2026-03-07 05:00, 2026-03-18 05:00

UCEPROTECT L1

81.161.239.19 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-22 00:45:00.736000
Was present on blacklist at: 2026-02-14 16:45, 2026-02-15 00:45, 2026-02-15 08:45, 2026-02-16 00:45, 2026-02-16 16:45, 2026-02-17 00:45, 2026-02-18 00:45, 2026-02-18 16:45, 2026-02-19 00:45, 2026-02-19 08:45, 2026-02-19 16:45, 2026-02-20 00:45, 2026-02-20 08:45, 2026-02-21 08:45, 2026-02-22 08:45, 2026-02-22 16:45, 2026-02-24 00:45, 2026-02-24 08:45, 2026-02-24 16:45, 2026-02-25 00:45, 2026-02-25 08:45, 2026-02-26 00:45, 2026-02-27 08:45, 2026-02-27 16:45, 2026-02-28 08:45, 2026-03-01 16:45, 2026-03-02 08:45, 2026-03-02 16:45, 2026-03-03 00:45, 2026-03-03 08:45, 2026-03-03 16:45, 2026-03-04 00:45, 2026-03-04 08:45, 2026-03-04 16:45, 2026-03-05 00:45, 2026-03-05 08:45, 2026-03-05 16:45, 2026-03-06 00:45, 2026-03-06 08:45, 2026-03-09 08:45, 2026-03-09 16:45, 2026-03-10 00:45, 2026-03-10 08:45, 2026-03-10 16:45, 2026-03-11 00:45, 2026-03-11 08:45, 2026-03-11 16:45, 2026-03-12 00:45, 2026-03-12 08:45, 2026-03-12 16:45, 2026-03-13 00:45, 2026-03-13 08:45, 2026-03-13 16:45, 2026-03-14 00:45, 2026-03-14 08:45, 2026-03-14 16:45, 2026-03-15 00:45, 2026-03-15 08:45, 2026-03-18 00:45, 2026-03-18 08:45, 2026-03-18 16:45, 2026-03-19 00:45, 2026-03-19 08:45, 2026-03-19 16:45, 2026-03-20 00:45, 2026-03-20 08:45, 2026-03-20 16:45, 2026-03-21 00:45, 2026-03-21 08:45, 2026-03-21 16:45, 2026-03-22 00:45

CI Army

81.161.239.19 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-03-03 03:50:01.123000
Was present on blacklist at: 2026-02-20 03:50, 2026-02-21 03:50, 2026-02-25 03:50, 2026-02-26 03:50, 2026-03-02 03:50, 2026-03-03 03:50

Threat categories

TL	Role	Category	Details
50	src	scan
41	src	—

DShield reports (IP summary, reports)

2026-02-24: Number of reports: 283; Distinct targets: 194
2026-02-25: Number of reports: 283; Distinct targets: 194
2026-03-17: Number of reports: 263; Distinct targets: 197

OTX pulses

[69970e37e69fb5d88853ad26] 2026-02-19 13:20:55.139000 | RDP honeypot logs for 2026/02/19

Author name:	jnazario
Pulse modified:	2026-02-19 13:20:55.139000
Indicator created:	2026-02-19 13:20:56
Indicator role:	None
Indicator title:
Indicator expiration:	2026-03-21 13:00:00

[699dac91ee57c6e3c672ab66] 2026-02-24 13:50:09.849000 | RDP honeypot logs for 2026/02/24

Author name:	jnazario
Pulse modified:	2026-02-24 13:50:09.849000
Indicator created:	2026-02-24 13:50:10
Indicator role:	None
Indicator title:
Indicator expiration:	2026-03-26 13:00:00

[69a43d4d923eea074068c28a] 2026-03-01 13:21:17.380000 | RDP honeypot logs for 2026/03/01

Author name:	jnazario
Pulse modified:	2026-03-01 13:21:17.380000
Indicator created:	2026-03-01 13:21:18
Indicator role:	None
Indicator title:
Indicator expiration:	2026-03-31 13:00:00

Origin AS: AS215292 - Gravhosting
BGP Prefix: 81.161.239.0/24
geo: United States, Kansas City; 🕑 America/Chicago
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 81.161.236.0 - 81.161.239.255
last_activity: 2026-03-01 16:39:58.510000
reserved_range: 0
Shodan's InternetDB: Open ports: 3389; Tags: self-signed; CPEs: –
ts_added: 2026-02-14 05:01:10.687000
ts_last_update: 2026-03-22 01:05:31.223000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses