IP address

Search at other sites:
.119152.84.98.235
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
CI Army
152.84.98.235 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-04-07 02:50:01.073000
Was present on blacklist at: 2026-04-06 02:50, 2026-04-07 02:50
Echelon VNC login
152.84.98.235 is listed on the Echelon VNC login blacklist.

Description: VNC remote desktop login attempt on port 5900/5901
Type of feed: primary (feed detail page)

Last checked at: 2026-04-06 09:45:00.558000
Was present on blacklist at: 2026-04-06 09:45

Threat categories

TLRoleCategoryDetails
75 src scan port: 5900, 5901, 5902, 5903
25 src
25 src login protocol: vnc
Warden events (135)
2026-04-06
ReconScanning (node.ce2b59): 66
2026-04-05
ReconScanning (node.ce2b59): 69
DShield reports (IP summary, reports)
2026-04-05
Number of reports: 73
Distinct targets: 52
2026-04-06
Number of reports: 70
Distinct targets: 50
Origin AS
AS2715 - LACNIC-2715
BGP Prefix
152.84.98.0/24
geo
Brazil
🕑 America/Sao_Paulo
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
152.84.0.0 - 152.84.255.255
last_activity
2026-04-06 19:44:51
last_warden_event
2026-04-06 19:44:51
rep
0.11904761904761904
reserved_range
0
Shodan's InternetDB
Open ports: 2000
Tags:
CPEs:
ts_added
2026-04-05 03:32:41.413000
ts_last_update
2026-04-07 05:00:46.565000

Warden event timeline

DShield event timeline

Presence on blacklists