IP address

Search at other sites:
--185.252.144.35vm3987819.firstbyte.club
Shodan(more info)
Passive DNS
Tags:
IP blacklists
DataPlane VNC RFB
185.252.144.35 is listed on the DataPlane VNC RFB blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs initiating<br>an unsolicited VNC remote frame buffer (RFB) session to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-26 15:10:00.668000
Was present on blacklist at: 2026-02-11 23:10, 2026-02-12 03:10, 2026-02-12 07:10, 2026-02-12 11:10, 2026-02-12 15:10, 2026-02-12 19:10, 2026-02-12 23:10, 2026-02-13 03:10, 2026-02-13 07:10, 2026-02-13 11:10, 2026-02-13 15:10, 2026-02-13 19:10, 2026-02-13 23:10, 2026-02-14 03:10, 2026-02-14 07:10, 2026-02-14 11:10, 2026-02-14 15:10, 2026-02-14 19:10, 2026-02-14 23:10, 2026-02-15 03:10, 2026-02-15 07:10, 2026-02-15 11:10, 2026-02-15 15:10, 2026-02-15 19:10, 2026-02-15 23:10, 2026-02-16 03:10, 2026-02-16 07:10, 2026-02-16 11:10, 2026-02-16 15:10, 2026-02-16 19:10, 2026-02-16 23:10, 2026-02-17 03:10, 2026-02-17 07:10, 2026-02-17 11:10, 2026-02-17 15:10, 2026-02-17 19:10, 2026-02-17 23:10, 2026-02-18 03:10, 2026-02-18 07:10, 2026-02-18 11:10, 2026-02-18 15:10, 2026-02-18 19:10, 2026-02-18 23:10, 2026-02-19 03:10, 2026-02-19 07:10, 2026-02-19 11:10, 2026-02-19 15:10, 2026-02-19 19:10, 2026-02-19 23:10, 2026-02-20 03:10, 2026-02-20 07:10, 2026-02-20 11:10, 2026-02-20 15:10, 2026-02-20 19:10, 2026-02-20 23:10, 2026-02-21 03:10, 2026-02-21 07:10, 2026-02-21 11:10, 2026-02-21 15:10, 2026-02-21 19:10, 2026-02-21 23:10, 2026-02-22 03:10, 2026-02-22 07:10, 2026-02-22 11:10, 2026-02-22 15:10, 2026-02-22 19:10, 2026-02-22 23:10, 2026-02-23 03:10, 2026-02-23 07:10, 2026-02-23 11:10, 2026-02-23 15:10, 2026-02-23 19:10, 2026-02-23 23:10, 2026-02-24 03:10, 2026-02-24 07:10, 2026-02-24 11:10, 2026-02-24 15:10, 2026-02-24 19:10, 2026-02-24 23:10, 2026-02-25 03:10, 2026-02-25 07:10, 2026-02-25 11:10, 2026-02-25 15:10, 2026-02-25 19:10, 2026-02-25 23:10, 2026-02-26 03:10, 2026-02-26 07:10, 2026-02-26 11:10, 2026-02-26 15:10

Threat categories

TLRoleCategoryDetails
No threat category tags assigned
OTX pulses
[698dd39a9030587f24b3e194] 2026-02-12 13:20:23.765000 | VNC honeypot logs for 2026/02/12
Author name:jnazario
Pulse modified:2026-02-12 13:20:23.765000
Indicator created:2026-02-12 13:20:27
Indicator role:None
Indicator title:
Indicator expiration:2026-03-14 13:00:00
[698f251a841af7b08446f608] 2026-02-13 13:20:26.500000 | VNC honeypot logs for 2026/02/13
Author name:jnazario
Pulse modified:2026-02-13 13:20:26.500000
Indicator created:2026-02-13 13:20:27
Indicator role:None
Indicator title:
Indicator expiration:2026-03-15 13:00:00
[69907897ff785c8e0f1a4c03] 2026-02-14 13:28:55.209000 | VNC honeypot logs for 2026/02/14
Author name:jnazario
Pulse modified:2026-02-14 13:28:55.209000
Indicator created:2026-02-14 13:28:56
Indicator role:None
Indicator title:
Indicator expiration:2026-03-16 13:00:00
[69931a666448b1cf5c48e0d1] 2026-02-16 13:23:50.426000 | VNC honeypot logs for 2026/02/16
Author name:jnazario
Pulse modified:2026-02-16 13:23:50.426000
Indicator created:2026-02-16 13:23:51
Indicator role:None
Indicator title:
Indicator expiration:2026-03-18 13:00:00
[69946d83d7c9dffdcb3d5354] 2026-02-17 13:30:43.105000 | VNC honeypot logs for 2026/02/17
Author name:jnazario
Pulse modified:2026-02-17 13:30:43.105000
Indicator created:2026-02-17 13:30:44
Indicator role:None
Indicator title:
Indicator expiration:2026-03-19 13:00:00
Origin AS
AS200740 - FIRST-SERVER-EU-AS
AS204339 - FIRSTBYTE-FL-AS
BGP Prefix
185.252.144.0/24
geo
Finland, Helsinki
🕑 Europe/Helsinki
hostname
vm3987819.firstbyte.club
Address block ('inetnum' or 'NetRange' in whois database)
185.252.144.0 - 185.252.147.255
last_activity
2026-02-17 16:41:37.772000
reserved_range
0
Shodan's InternetDB
Open ports: 22
Tags:
CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.9p1
ts_added
2026-02-11 23:11:20.142000
ts_last_update
2026-04-05 23:11:31.455000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses