IP address

Search at other sites:

.4763.134.148.59scan.cypex.ai

Shodan(more info)

Passive DNS

IP blacklists

UCEPROTECT L1

3.134.148.59 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-21 07:45:00.716000
Was present on blacklist at: 2025-06-05 23:45, 2025-06-06 07:45, 2025-06-06 15:45, 2025-06-06 23:45, 2025-06-07 07:45, 2025-06-07 15:45, 2025-06-07 23:45, 2025-06-08 07:45, 2025-06-08 15:45, 2025-06-08 23:45, 2025-06-09 07:45, 2025-06-09 15:45, 2025-06-09 23:45, 2025-06-10 07:45, 2025-06-10 15:45, 2025-06-10 23:45, 2025-06-11 07:45, 2025-06-11 15:45, 2025-06-11 23:45, 2025-06-12 07:45, 2025-06-12 15:45, 2025-06-12 23:45, 2025-06-13 07:45, 2025-06-13 15:45, 2025-06-13 23:45, 2025-06-14 07:45, 2025-06-14 15:45, 2025-06-14 23:45, 2025-06-15 07:45, 2025-06-15 15:45, 2025-06-15 23:45, 2025-06-16 07:45, 2025-06-16 15:45, 2025-06-16 23:45, 2025-06-17 07:45, 2025-06-17 15:45, 2025-06-17 23:45, 2025-06-18 07:45, 2025-06-18 15:45, 2025-06-18 23:45, 2025-06-19 07:45, 2025-06-19 15:45, 2025-06-19 23:45, 2025-06-20 07:45, 2025-06-20 15:45, 2025-06-20 23:45, 2025-06-21 07:45

blocklist.de SSH

3.134.148.59 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-19 22:05:00.540000
Was present on blacklist at: 2025-06-06 10:05, 2025-06-06 16:05, 2025-06-06 22:05, 2025-06-07 04:05, 2025-06-07 10:05, 2025-06-07 16:05, 2025-06-07 22:05, 2025-06-08 04:05, 2025-06-12 10:05, 2025-06-12 16:05, 2025-06-12 22:05, 2025-06-13 04:05, 2025-06-13 10:05, 2025-06-13 16:05, 2025-06-13 22:05, 2025-06-14 04:05, 2025-06-14 16:05, 2025-06-14 22:05, 2025-06-15 04:05, 2025-06-15 10:05, 2025-06-15 16:05, 2025-06-15 22:05, 2025-06-16 04:05, 2025-06-16 10:05, 2025-06-16 16:05, 2025-06-16 22:05, 2025-06-17 04:05, 2025-06-17 10:05, 2025-06-17 16:05, 2025-06-17 22:05, 2025-06-18 04:05, 2025-06-18 10:05, 2025-06-18 16:05, 2025-06-18 22:05, 2025-06-19 04:05, 2025-06-19 10:05, 2025-06-19 16:05, 2025-06-19 22:05

Turris greylist

3.134.148.59 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-20 21:15:00.194000
Was present on blacklist at: 2025-06-06 21:15, 2025-06-07 21:15, 2025-06-08 21:15, 2025-06-10 21:15, 2025-06-11 21:15, 2025-06-12 21:15, 2025-06-13 21:15, 2025-06-14 21:15, 2025-06-15 21:15, 2025-06-16 21:15, 2025-06-17 21:15, 2025-06-18 21:15, 2025-06-19 21:15, 2025-06-20 21:15

DataPlane TELNET login

3.134.148.59 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-21 06:10:03.073000
Was present on blacklist at: 2025-06-07 02:10, 2025-06-07 06:10, 2025-06-07 14:10, 2025-06-07 18:10, 2025-06-08 02:10, 2025-06-08 06:10, 2025-06-08 14:10, 2025-06-08 18:10, 2025-06-09 02:10, 2025-06-09 06:10, 2025-06-09 14:10, 2025-06-09 18:10, 2025-06-10 02:10, 2025-06-10 06:10, 2025-06-10 14:10, 2025-06-10 18:10, 2025-06-11 02:10, 2025-06-11 06:10, 2025-06-11 14:10, 2025-06-11 18:10, 2025-06-12 02:10, 2025-06-12 06:10, 2025-06-12 14:10, 2025-06-12 18:10, 2025-06-13 02:10, 2025-06-13 06:10, 2025-06-13 14:10, 2025-06-13 18:10, 2025-06-14 02:10, 2025-06-14 06:10, 2025-06-14 14:10, 2025-06-14 18:10, 2025-06-15 02:10, 2025-06-15 06:10, 2025-06-15 14:10, 2025-06-15 18:10, 2025-06-16 02:10, 2025-06-16 06:10, 2025-06-16 18:10, 2025-06-17 02:10, 2025-06-17 06:10, 2025-06-17 14:10, 2025-06-17 18:10, 2025-06-18 02:10, 2025-06-18 06:10, 2025-06-18 14:10, 2025-06-18 18:10, 2025-06-19 02:10, 2025-06-19 06:10, 2025-06-19 14:10, 2025-06-19 18:10, 2025-06-20 02:10, 2025-06-20 06:10, 2025-06-20 14:10, 2025-06-20 18:10, 2025-06-21 02:10, 2025-06-21 06:10

AbuseIPDB

3.134.148.59 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-06-18 04:00:00.764000
Was present on blacklist at: 2025-06-08 04:00, 2025-06-09 04:00, 2025-06-10 04:00, 2025-06-15 04:00, 2025-06-16 04:00, 2025-06-18 04:00

Spamhaus XBL CBL

3.134.148.59 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-06-19 23:57:32.121000
Was present on blacklist at: 2025-06-12 23:57, 2025-06-19 23:57

CI Army

3.134.148.59 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-06-18 02:50:00.898000
Was present on blacklist at: 2025-06-13 02:50, 2025-06-15 02:50, 2025-06-16 02:50, 2025-06-17 02:50, 2025-06-18 02:50

Warden events (1396)

2025-06-19

IntrusionUserCompromise (node.cfb4f7): 234

2025-06-18

IntrusionUserCompromise (node.cfb4f7): 132

AttemptLogin (node.03e7a9): 2

2025-06-16

IntrusionUserCompromise (node.cfb4f7): 308

AttemptLogin (node.b17ef8): 2

AttemptLogin (node.9c160c): 2

2025-06-15

IntrusionUserCompromise (node.cfb4f7): 207

AttemptLogin (node.03e7a9): 2

AttemptLogin (node.b17ef8): 2

AttemptLogin (node.7c0a3c): 2

AttemptLogin (node.9c160c): 2

2025-06-14

AttemptLogin (node.9c160c): 2

AttemptLogin (node.b17ef8): 2

AttemptLogin (node.03e7a9): 1

2025-06-12

AttemptLogin (node.9c160c): 2

AttemptLogin (node.03e7a9): 2

2025-06-11

IntrusionUserCompromise (node.cfb4f7): 22

2025-06-10

IntrusionUserCompromise (node.cfb4f7): 75

2025-06-09

IntrusionUserCompromise (node.cfb4f7): 347

2025-06-06

IntrusionUserCompromise (node.cfb4f7): 48

DShield reports (IP summary, reports)

2025-06-05

Number of reports: 181

Distinct targets: 13

2025-06-06

Number of reports: 2265

Distinct targets: 215

2025-06-07

Number of reports: 572

Distinct targets: 76

2025-06-08

Number of reports: 793

Distinct targets: 80

2025-06-09

Number of reports: 2862

Distinct targets: 255

2025-06-10

Number of reports: 2689

Distinct targets: 203

2025-06-11

Number of reports: 554

Distinct targets: 56

2025-06-12

Number of reports: 969

Distinct targets: 115

2025-06-13

Number of reports: 118

Distinct targets: 17

2025-06-14

Number of reports: 1462

Distinct targets: 189

2025-06-15

Number of reports: 2275

Distinct targets: 344

2025-06-16

Number of reports: 1275

Distinct targets: 186

2025-06-17

Number of reports: 62

Distinct targets: 10

2025-06-18

Number of reports: 2701

Distinct targets: 292

2025-06-19

Number of reports: 684

Distinct targets: 96

2025-06-20

Number of reports: 1449

Distinct targets: 214

OTX pulses

[68500e40b81e61d2d7a34e38] 2025-06-16 12:29:52.398000 | Redis honeypot logs for 2025-06-16

Author name:	jnazario
Pulse modified:	2025-06-16 12:29:52.398000
Indicator created:	2025-06-16 12:29:53
Indicator role:	None
Indicator title:
Indicator expiration:	2025-07-16 12:00:00

[68515fe0fa95b753a1d92446] 2025-06-17 12:30:24.737000 | RDP honeypot logs for 2025/06/17

Author name:	jnazario
Pulse modified:	2025-06-17 12:30:24.737000
Indicator created:	2025-06-17 12:30:25
Indicator role:	None
Indicator title:
Indicator expiration:	2025-07-17 12:00:00

Origin AS

AS16509 - AMAZON-02

BGP Prefix

3.132.0.0/14

geo

United States

🕑 America/Chicago

hostname

scan.cypex.ai

Address block ('inetnum' or 'NetRange' in whois database)

3.128.0.0 - 3.255.255.255

last_activity

2025-06-19 06:03:37

last_warden_event

2025-06-19 06:03:37

rep

0.4758928571428571

reserved_range

0

ts_added

2025-06-05 23:57:29.359000

ts_last_update

2025-06-21 07:58:58.202000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses