IP address

Search at other sites:
.46420.84.148.197
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
CI Army
20.84.148.197 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-05-01 02:50:01.011000
Was present on blacklist at: 2025-04-24 02:50, 2025-04-25 02:50, 2025-04-26 02:50, 2025-04-27 02:50, 2025-04-28 02:50, 2025-04-29 02:50, 2025-04-30 02:50, 2025-05-01 02:50
AbuseIPDB
20.84.148.197 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-05-01 04:00:00.620000
Was present on blacklist at: 2025-04-26 04:00, 2025-04-29 04:00, 2025-05-01 04:00
UCEPROTECT L1
20.84.148.197 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-01 23:45:00.539000
Was present on blacklist at: 2025-04-26 15:45, 2025-04-26 23:45, 2025-04-27 07:45, 2025-04-27 15:45, 2025-04-27 23:45, 2025-04-28 07:45, 2025-04-28 15:45, 2025-04-28 23:45, 2025-04-29 07:45, 2025-04-29 15:45, 2025-04-29 23:45, 2025-04-30 07:45, 2025-04-30 15:45, 2025-04-30 23:45, 2025-05-01 07:45, 2025-05-01 15:45, 2025-05-01 23:45
Turris greylist
20.84.148.197 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-04-29 21:15:00.179000
Was present on blacklist at: 2025-04-26 21:15, 2025-04-29 21:15
Spamhaus XBL CBL
20.84.148.197 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-05-01 01:58:20.180000
Was present on blacklist at: 2025-05-01 01:58
Warden events (29)
2025-05-01
ReconScanning (node.4dc198): 2
2025-04-30
ReconScanning (node.4dc198): 2
ReconScanning (node.368407): 2
2025-04-29
ReconScanning (node.368407): 3
ReconScanning (node.4dc198): 3
2025-04-28
ReconScanning (node.368407): 3
ReconScanning (node.4dc198): 1
2025-04-27
ReconScanning (node.368407): 3
ReconScanning (node.4dc198): 1
2025-04-25
ReconScanning (node.368407): 2
ReconScanning (node.4dc198): 2
2025-04-24
ReconScanning (node.368407): 3
ReconScanning (node.4dc198): 2
DShield reports (IP summary, reports)
2025-04-23
Number of reports: 35
Distinct targets: 23
2025-04-24
Number of reports: 92
Distinct targets: 60
2025-04-25
Number of reports: 87
Distinct targets: 64
2025-04-26
Number of reports: 61
Distinct targets: 50
2025-04-27
Number of reports: 65
Distinct targets: 47
2025-04-28
Number of reports: 54
Distinct targets: 36
2025-04-29
Number of reports: 105
Distinct targets: 82
2025-04-30
Number of reports: 88
Distinct targets: 68
OTX pulses
[680bc6d87a620e6330476a82] 2025-04-25 17:31:04.779000 | Apache honeypot logs for 25/Apr/2025
Author name:jnazario
Pulse modified:2025-04-25 17:31:04.779000
Indicator created:2025-04-25 17:31:05
Indicator role:None
Indicator title:
Indicator expiration:2025-05-25 17:00:00
Origin AS
AS8075 - MICROSOFT-CORP-MSN-AS-BLOCK
BGP Prefix
20.64.0.0/10
geo
United States, Des Moines
🕑 America/Chicago
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
20.64.0.0 - 20.127.255.255
last_activity
2025-05-01 21:16:35
last_warden_event
2025-05-01 21:16:35
rep
0.4640625
reserved_range
0
ts_added
2025-04-24 01:58:16.817000
ts_last_update
2025-05-01 23:57:31.577000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses