Spamhaus PBL
116.99.50.13 is listed on the Spamhaus PBL blacklist.
Description: The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.
Type of feed:
secondary (DNSBL) (
feed detail page)
Last checked at:
2026-06-29 18:23:50.782000
Was present on blacklist at:
2026-05-04 18:23,
2026-05-11 18:23,
2026-05-18 18:23,
2026-05-25 18:23,
2026-06-01 18:23,
2026-06-22 18:23,
2026-06-29 18:23
blocklist.de SSH
116.99.50.13 is listed on the blocklist.de SSH blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-16 22:05:05.094000
Was present on blacklist at:
2026-05-05 04:05,
2026-05-05 10:05,
2026-05-05 16:05,
2026-05-06 04:05,
2026-05-06 10:05,
2026-05-06 16:05,
2026-05-06 22:05,
2026-05-13 16:05,
2026-05-13 22:05,
2026-05-14 04:05,
2026-05-14 10:05,
2026-05-14 16:05,
2026-05-14 22:05,
2026-05-15 04:05,
2026-05-15 10:05,
2026-05-15 16:05,
2026-05-15 22:05,
2026-05-16 04:05,
2026-05-16 10:05,
2026-05-16 16:05,
2026-05-16 22:05
AbuseIPDB
116.99.50.13 is listed on the AbuseIPDB blacklist.
Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-31 04:00:00.611000
Was present on blacklist at:
2026-05-06 04:00,
2026-05-08 04:00,
2026-05-10 04:00,
2026-05-13 04:00,
2026-05-14 04:00,
2026-05-15 04:00,
2026-05-16 04:00,
2026-05-17 04:00,
2026-05-18 04:00,
2026-05-19 04:00,
2026-05-20 04:00,
2026-05-21 04:00,
2026-05-22 04:00,
2026-05-24 04:00,
2026-05-25 04:00,
2026-05-26 04:00,
2026-05-27 04:00,
2026-05-28 04:00,
2026-05-29 04:00,
2026-05-30 04:00,
2026-05-31 04:00
blocklist.de web-login
116.99.50.13 is listed on the blocklist.de web-login blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-18 22:05:00.109000
Was present on blacklist at:
2026-05-07 04:05,
2026-05-07 10:05,
2026-05-07 16:05,
2026-05-07 22:05,
2026-05-08 04:05,
2026-05-17 04:05,
2026-05-17 10:05,
2026-05-17 16:05,
2026-05-17 22:05,
2026-05-18 04:05,
2026-05-18 10:05,
2026-05-18 16:05,
2026-05-18 22:05
blocklist.de Apache
116.99.50.13 is listed on the blocklist.de Apache blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-18 22:05:00.340000
Was present on blacklist at:
2026-05-07 04:05,
2026-05-07 10:05,
2026-05-07 16:05,
2026-05-07 22:05,
2026-05-08 04:05,
2026-05-17 04:05,
2026-05-17 10:05,
2026-05-17 16:05,
2026-05-17 22:05,
2026-05-18 04:05,
2026-05-18 10:05,
2026-05-18 16:05,
2026-05-18 22:05
Echelon SSH bruteforce
116.99.50.13 is listed on the Echelon SSH bruteforce blacklist.
Description: Multiple SSH authentication attempts detected
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-20 09:35:00.475000
Was present on blacklist at:
2026-05-07 09:35,
2026-05-08 09:35,
2026-05-09 09:35,
2026-05-10 09:35,
2026-05-11 09:35,
2026-05-12 09:35,
2026-05-18 09:35,
2026-05-19 09:35,
2026-05-20 09:35
CI Army
116.99.50.13 is listed on the CI Army blacklist.
Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-16 02:50:00.792000
Was present on blacklist at:
2026-05-08 02:50,
2026-05-09 02:50,
2026-05-10 02:50,
2026-05-11 02:50,
2026-05-12 02:50,
2026-05-13 02:50,
2026-05-14 02:50,
2026-05-15 02:50,
2026-05-16 02:50
Echelon admin panel hunt
116.99.50.13 is listed on the Echelon admin panel hunt blacklist.
Description: Scanning for administrative interfaces
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-13 09:05:07.820000
Was present on blacklist at:
2026-05-08 09:05,
2026-05-09 09:05,
2026-05-10 09:05,
2026-05-11 09:05,
2026-05-12 09:05,
2026-05-13 09:05
Echelon CMS enumeration
116.99.50.13 is listed on the Echelon CMS enumeration blacklist.
Description: Content management system discovery and enumeration
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-13 09:05:08.607000
Was present on blacklist at:
2026-05-08 09:05,
2026-05-09 09:05,
2026-05-10 09:05,
2026-05-11 09:05,
2026-05-12 09:05,
2026-05-13 09:05
Echelon database admin hunt
116.99.50.13 is listed on the Echelon database admin hunt blacklist.
Description: Scanning for database admin interfaces (phpMyAdmin, etc.)
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-13 09:10:03.170000
Was present on blacklist at:
2026-05-08 09:10,
2026-05-09 09:10,
2026-05-10 09:10,
2026-05-11 09:10,
2026-05-12 09:10,
2026-05-13 09:10
Echelon directory traversal
116.99.50.13 is listed on the Echelon directory traversal blacklist.
Description: Path traversal attack attempting to access restricted files
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-13 09:15:03.216000
Was present on blacklist at:
2026-05-08 09:15,
2026-05-09 09:15,
2026-05-10 09:15,
2026-05-11 09:15,
2026-05-12 09:15,
2026-05-13 09:15
Echelon web crawler
116.99.50.13 is listed on the Echelon web crawler blacklist.
Description: HTTP web crawling activity detected on web honeypots
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-12 09:50:02.739000
Was present on blacklist at:
2026-05-08 09:50,
2026-05-09 09:50,
2026-05-10 09:50,
2026-05-11 09:50,
2026-05-12 09:50
blocklist.de bots
116.99.50.13 is listed on the blocklist.de bots blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the RFI-Attacks,<br>REG-Bots, IRC-Bots or BadBots.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-06-02 22:05:00.108000
Was present on blacklist at:
2026-05-08 10:05,
2026-05-08 16:05,
2026-05-08 22:05,
2026-05-09 04:05,
2026-05-09 10:05,
2026-05-09 16:05,
2026-05-09 22:05,
2026-05-10 04:05,
2026-05-12 10:05,
2026-05-12 16:05,
2026-05-12 22:05,
2026-05-13 04:05,
2026-05-13 10:05,
2026-05-19 16:05,
2026-05-19 22:05,
2026-05-20 04:05,
2026-05-20 10:05,
2026-05-20 16:05,
2026-05-20 22:05,
2026-05-21 04:05,
2026-05-21 10:05,
2026-05-21 16:05,
2026-05-21 22:05,
2026-05-22 04:05,
2026-05-22 10:05,
2026-06-01 04:05,
2026-06-01 10:05,
2026-06-01 16:05,
2026-06-01 22:05,
2026-06-02 04:05,
2026-06-02 10:05,
2026-06-02 16:05,
2026-06-02 22:05
Spamhaus XBL CBL
116.99.50.13 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.
Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed:
secondary (DNSBL) (
feed detail page)
Last checked at:
2026-06-29 18:23:50.782000
Was present on blacklist at:
2026-05-11 18:23,
2026-05-18 18:23,
2026-05-25 18:23
Echelon TLS/SSL crawler
116.99.50.13 is listed on the Echelon TLS/SSL crawler blacklist.
Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-20 09:40:00.282000
Was present on blacklist at:
2026-05-13 09:40,
2026-05-19 09:40,
2026-05-20 09:40
Echelon SSH connection attempt
116.99.50.13 is listed on the Echelon SSH connection attempt blacklist.
Description: SSH connection attempt detected on port 22 or 2222
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-20 09:35:00.311000
Was present on blacklist at:
2026-05-18 09:35,
2026-05-19 09:35,
2026-05-20 09:35
Echelon telnet bruteforce
116.99.50.13 is listed on the Echelon telnet bruteforce blacklist.
Description: Multiple telnet authentication attempts detected
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-20 09:45:00.359000
Was present on blacklist at:
2026-05-18 09:45,
2026-05-19 09:45,
2026-05-20 09:45
UCEPROTECT L1
116.99.50.13 is listed on the UCEPROTECT L1 blacklist.
Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-27 07:45:00.589000
Was present on blacklist at:
2026-05-20 15:45,
2026-05-20 23:45,
2026-05-21 07:45,
2026-05-21 15:45,
2026-05-22 07:45,
2026-05-23 15:45,
2026-05-23 23:45,
2026-05-24 07:45,
2026-05-24 15:45,
2026-05-24 23:45,
2026-05-25 07:45,
2026-05-25 15:45,
2026-05-25 23:45,
2026-05-26 07:45,
2026-05-26 15:45,
2026-05-26 23:45,
2026-05-27 07:45