IP address

Passive DNS

Tags: Scanner

IP blacklists

UCEPROTECT L1

45.116.79.13 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-08 15:45:01.193000
Was present on blacklist at: 2025-04-26 23:45, 2025-04-27 07:45, 2025-04-27 15:45, 2025-04-27 23:45, 2025-04-28 07:45, 2025-04-28 15:45, 2025-04-28 23:45, 2025-04-29 07:45, 2025-04-29 15:45, 2025-04-29 23:45, 2025-04-30 07:45, 2025-04-30 15:45, 2025-04-30 23:45, 2025-05-01 07:45, 2025-05-01 15:45, 2025-05-01 23:45, 2025-05-02 07:45, 2025-05-02 15:45, 2025-05-02 23:45, 2025-05-03 07:45, 2025-05-03 15:45, 2025-05-03 23:45, 2025-05-04 07:45, 2025-05-04 15:45, 2025-05-04 23:45, 2025-05-05 07:45, 2025-05-05 15:45, 2025-05-05 23:45, 2025-05-06 07:45, 2025-05-06 15:45, 2025-05-06 23:45, 2025-05-07 07:45, 2025-05-07 15:45, 2025-05-07 23:45, 2025-05-08 07:45, 2025-05-08 15:45

CI Army

45.116.79.13 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-05-08 02:50:01.016000
Was present on blacklist at: 2025-04-27 02:50, 2025-04-28 02:50, 2025-04-29 02:50, 2025-04-30 02:50, 2025-05-01 02:50, 2025-05-02 02:50, 2025-05-03 02:50, 2025-05-04 02:50, 2025-05-05 02:50, 2025-05-06 02:50, 2025-05-07 02:50, 2025-05-08 02:50

AbuseIPDB

45.116.79.13 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-05-08 04:00:00.624000
Was present on blacklist at: 2025-04-28 04:00, 2025-04-29 04:00, 2025-04-30 04:00, 2025-05-01 04:00, 2025-05-03 04:00, 2025-05-05 04:00, 2025-05-06 04:00, 2025-05-07 04:00, 2025-05-08 04:00

Turris greylist

45.116.79.13 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-07 21:15:00.189000
Was present on blacklist at: 2025-05-03 21:15, 2025-05-05 21:15, 2025-05-07 21:15

Warden events (120)

2025-05-08: IntrusionUserCompromise (node.cfb4f7): 3
2025-04-29: ReconScanning (node.4dc198): 4
2025-04-28: ReconScanning (node.4dc198): 60
2025-04-27: ReconScanning (node.4dc198): 53

DShield reports (IP summary, reports)

2025-04-26: Number of reports: 195; Distinct targets: 166
2025-04-27: Number of reports: 261; Distinct targets: 194
2025-04-28: Number of reports: 302; Distinct targets: 198
2025-04-29: Number of reports: 189; Distinct targets: 170
2025-04-30: Number of reports: 244; Distinct targets: 166
2025-05-01: Number of reports: 151; Distinct targets: 94
2025-05-02: Number of reports: 144; Distinct targets: 85
2025-05-03: Number of reports: 83; Distinct targets: 65
2025-05-04: Number of reports: 71; Distinct targets: 61
2025-05-05: Number of reports: 115; Distinct targets: 69
2025-05-06: Number of reports: 131; Distinct targets: 78
2025-05-07: Number of reports: 154; Distinct targets: 90

Origin AS: AS55933 - CLOUDIE-AS-AP
BGP Prefix: 45.116.76.0/22
geo: Hong Kong; 🕑 Asia/Hong_Kong
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 45.116.76.0 - 45.116.79.255
last_activity: 2025-05-08 18:57:12
last_warden_event: 2025-05-08 18:57:12
rep: 0.09583333333333331
reserved_range: 0
Shodan's InternetDB: Open ports: 22, 3000; Tags: –; CPEs: cpe:/a:openbsd:openssh:8.2p1, cpe:/a:rubyonrails:rails, cpe:/o:canonical:ubuntu_linux, cpe:/a:ruby-lang:ruby
ts_added: 2025-04-27 00:00:04.467000
ts_last_update: 2025-05-09 00:00:14.253000

Warden event timeline

DShield event timeline

Presence on blacklists