IP address

Search at other sites:

.1198.242.185.2

Shodan(more info)

Passive DNS

IP blacklists

DataPlane TELNET login

8.242.185.2 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-16 15:10:03.656000
Was present on blacklist at: 2025-12-10 07:10, 2025-12-10 11:10, 2025-12-10 15:10, 2025-12-10 19:10, 2025-12-10 23:10, 2025-12-11 03:10, 2025-12-11 07:10, 2025-12-11 11:10, 2025-12-11 15:10, 2025-12-11 19:10, 2025-12-11 23:10, 2025-12-12 03:10, 2025-12-12 07:10, 2025-12-12 11:10, 2025-12-12 15:10, 2025-12-12 19:10, 2025-12-12 23:10, 2025-12-13 03:10, 2025-12-13 07:10, 2025-12-13 11:10, 2025-12-13 15:10, 2025-12-13 19:10, 2025-12-13 23:10, 2025-12-14 03:10, 2025-12-14 07:10, 2025-12-14 11:10, 2025-12-14 15:10, 2025-12-14 19:10, 2025-12-14 23:10, 2025-12-15 03:10, 2025-12-15 07:10, 2025-12-15 11:10, 2025-12-15 15:10, 2025-12-15 19:10, 2025-12-15 23:10, 2025-12-16 03:10, 2025-12-16 07:10, 2025-12-16 11:10, 2025-12-16 15:10

Spamhaus SBL CSS

8.242.185.2 is listed on the Spamhaus SBL CSS blacklist.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-10 07:58:40.629000
Was present on blacklist at: 2025-12-10 07:58

Spamhaus XBL CBL

8.242.185.2 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-10 07:58:40.629000
Was present on blacklist at: 2025-12-10 07:58

Turris greylist

8.242.185.2 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-14 22:15:00.186000
Was present on blacklist at: 2025-12-12 22:15, 2025-12-14 22:15

AbuseIPDB

8.242.185.2 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-12-16 05:00:00.711000
Was present on blacklist at: 2025-12-14 05:00, 2025-12-16 05:00

Warden events (22)

2025-12-15

ReconScanning (node.9c1411): 11

2025-12-14

ReconScanning (node.9c1411): 11

Origin AS

AS265855 -

BGP Prefix

8.242.185.0/24

geo

Colombia, Popayán

🕑 America/Bogota

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

8.242.0.0 - 8.243.255.255

last_activity

2025-12-15 12:45:29

last_warden_event

2025-12-15 12:45:29

rep

0.11898949032738096

reserved_range

0

Shodan's InternetDB

Open ports: 22, 161, 179, 1701, 1723, 2002, 8083, 8728

Tags: vpn

CPEs: –

ts_added

2025-12-10 07:58:40.460000

ts_last_update

2025-12-16 15:57:52.120000

Warden event timeline

DShield event timeline

Presence on blacklists