IP address

Search at other sites:

.190104.224.53.147147.53.224.104.us.kuroit.com

Shodan(more info)

Passive DNS

IP blacklists

CI Army

104.224.53.147 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-05-09 02:50:00.993000
Was present on blacklist at: 2025-02-15 03:50, 2025-02-16 03:50, 2025-02-17 03:50, 2025-02-18 03:50, 2025-02-19 03:50, 2025-02-20 03:50, 2025-02-21 03:50, 2025-02-24 03:50, 2025-02-25 03:50, 2025-02-26 03:50, 2025-03-03 03:50, 2025-03-04 03:50, 2025-03-05 03:50, 2025-03-06 03:50, 2025-03-08 03:50, 2025-03-09 03:50, 2025-03-10 03:50, 2025-03-12 03:50, 2025-03-16 03:50, 2025-03-17 03:50, 2025-03-18 03:50, 2025-03-19 03:50, 2025-03-20 03:50, 2025-03-24 03:50, 2025-03-25 03:50, 2025-03-26 03:50, 2025-03-27 03:50, 2025-03-28 03:50, 2025-04-07 02:50, 2025-04-08 02:50, 2025-04-09 02:50, 2025-04-20 02:50, 2025-04-21 02:50, 2025-04-22 02:50, 2025-05-04 02:50, 2025-05-05 02:50, 2025-05-06 02:50, 2025-05-07 02:50, 2025-05-08 02:50, 2025-05-09 02:50

AbuseIPDB

104.224.53.147 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-05-09 04:00:00.604000
Was present on blacklist at: 2025-03-11 05:00, 2025-03-12 05:00, 2025-03-24 05:00, 2025-04-05 04:00, 2025-04-06 04:00, 2025-04-07 04:00, 2025-04-27 04:00, 2025-05-02 04:00, 2025-05-03 04:00, 2025-05-09 04:00

UCEPROTECT L1

104.224.53.147 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-09 07:45:00.813000
Was present on blacklist at: 2025-03-11 16:45, 2025-03-12 00:45, 2025-03-12 08:45, 2025-03-12 16:45, 2025-03-13 00:45, 2025-03-13 08:45, 2025-03-13 16:45, 2025-03-14 00:45, 2025-03-14 08:45, 2025-03-14 16:45, 2025-03-15 00:45, 2025-03-15 08:45, 2025-03-15 16:45, 2025-03-16 00:45, 2025-03-16 08:45, 2025-03-16 16:45, 2025-03-17 00:45, 2025-03-17 08:45, 2025-03-17 16:45, 2025-03-18 00:45, 2025-03-18 08:45, 2025-04-05 15:45, 2025-04-05 23:45, 2025-04-06 07:45, 2025-04-06 15:45, 2025-04-06 23:45, 2025-04-07 07:45, 2025-04-07 15:45, 2025-04-07 23:45, 2025-04-08 07:45, 2025-04-08 15:45, 2025-04-08 23:45, 2025-04-09 07:45, 2025-04-09 15:45, 2025-04-09 23:45, 2025-04-10 07:45, 2025-04-10 15:45, 2025-04-10 23:45, 2025-04-11 07:45, 2025-04-11 15:45, 2025-04-11 23:45, 2025-04-12 07:45, 2025-05-02 23:45, 2025-05-03 07:45, 2025-05-03 15:45, 2025-05-03 23:45, 2025-05-04 07:45, 2025-05-04 15:45, 2025-05-04 23:45, 2025-05-05 07:45, 2025-05-05 15:45, 2025-05-05 23:45, 2025-05-06 07:45, 2025-05-06 15:45, 2025-05-06 23:45, 2025-05-07 07:45, 2025-05-07 15:45, 2025-05-07 23:45, 2025-05-08 07:45, 2025-05-08 15:45, 2025-05-08 23:45, 2025-05-09 07:45

Warden events (673)

2025-05-09

ReconScanning (node.4dc198): 118

2025-05-08

ReconScanning (node.4dc198): 53

2025-05-02

ReconScanning (node.4dc198): 92

2025-05-01

ReconScanning (node.4dc198): 22

2025-04-05

ReconScanning (node.4dc198): 19

ReconScanning (node.9c1411): 43

2025-04-04

ReconScanning (node.4dc198): 75

ReconScanning (node.9c1411): 15

2025-04-03

ReconScanning (node.4dc198): 13

ReconScanning (node.9c1411): 3

2025-03-11

ReconScanning (node.4dc198): 37

ReconScanning (node.9c1411): 18

2025-03-10

ReconScanning (node.4dc198): 148

ReconScanning (node.9c1411): 17

DShield reports (IP summary, reports)

2025-02-14

Number of reports: 27

Distinct targets: 22

2025-02-15

Number of reports: 96

Distinct targets: 68

2025-02-16

Number of reports: 42

Distinct targets: 21

2025-02-24

Number of reports: 86

Distinct targets: 61

2025-02-25

Number of reports: 49

Distinct targets: 29

2025-03-03

Number of reports: 85

Distinct targets: 62

2025-03-04

Number of reports: 61

Distinct targets: 43

2025-03-07

Number of reports: 29

Distinct targets: 21

2025-03-08

Number of reports: 87

Distinct targets: 63

2025-03-10

Number of reports: 43

Distinct targets: 28

2025-03-11

Number of reports: 15

Distinct targets: 11

2025-03-16

Number of reports: 104

Distinct targets: 75

2025-03-17

Number of reports: 51

Distinct targets: 38

2025-03-23

Number of reports: 29

Distinct targets: 26

2025-03-24

Number of reports: 121

Distinct targets: 90

2025-03-25

Number of reports: 39

Distinct targets: 26

2025-04-04

Number of reports: 46

Distinct targets: 33

2025-04-05

Number of reports: 16

Distinct targets: 15

2025-04-06

Number of reports: 87

Distinct targets: 65

2025-04-07

Number of reports: 101

Distinct targets: 77

2025-04-19

Number of reports: 54

Distinct targets: 52

2025-04-20

Number of reports: 81

Distinct targets: 61

2025-05-01

Number of reports: 24

Distinct targets: 20

2025-05-02

Number of reports: 53

Distinct targets: 36

2025-05-03

Number of reports: 15

Distinct targets: 15

2025-05-04

Number of reports: 75

Distinct targets: 61

2025-05-05

Number of reports: 42

Distinct targets: 26

2025-05-08

Number of reports: 17

Distinct targets: 16

OTX pulses

[67cd893565507cd9754466df] 2025-03-09 12:27:33.162000 | RDP honeypot logs for 2025/03/09

Author name:	jnazario
Pulse modified:	2025-03-09 12:27:33.162000
Indicator created:	2025-03-09 12:27:33
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-08 12:00:00

[67d965df5601350a31c0ff1b] 2025-03-18 12:23:59.480000 | RDP honeypot logs for 2025/03/18

Author name:	jnazario
Pulse modified:	2025-03-18 12:23:59.480000
Indicator created:	2025-03-18 12:24:00
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-17 12:00:00

[67e3f2cfad58182361cb2bff] 2025-03-26 12:27:59.724000 | RDP honeypot logs for 2025/03/26

Author name:	jnazario
Pulse modified:	2025-03-26 12:27:59.724000
Indicator created:	2025-03-26 12:28:00
Indicator role:	None
Indicator title:
Indicator expiration:	2025-04-25 12:00:00

[6806394bfa2eff20a3454af3] 2025-04-21 12:25:47.600000 | RDP honeypot logs for 2025/04/21

Author name:	jnazario
Pulse modified:	2025-04-21 12:25:47.600000
Indicator created:	2025-04-21 12:25:48
Indicator role:	None
Indicator title:
Indicator expiration:	2025-05-21 12:00:00

Origin AS

AS152586 - KUROIT-AS-AP

BGP Prefix

104.224.53.0/24

geo

United States, Ashburn

🕑 America/New_York

hostname

147.53.224.104.us.kuroit.com

hostname_class

['ip_in_hostname']

Address block ('inetnum' or 'NetRange' in whois database)

104.224.52.0 - 104.224.55.255

last_activity

2025-05-09 10:30:17

last_warden_event

2025-05-09 10:30:17

rep

0.1904761904761905

reserved_range

0

Shodan's InternetDB

Open ports: 135, 445, 3306, 3389, 5263, 5276, 7443, 7777, 8080, 9090, 9091

Tags: database, eol-product, self-signed

CPEs: cpe:/a:oracle:mysql:5.5.27, cpe:/a:getbootstrap:bootstrap, cpe:/a:igniterealtime:openfire:4.9.2

ts_added

2025-01-18 03:51:07.284000

ts_last_update

2025-05-09 10:30:39.319000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses