IP address

Search at other sites:
.37045.91.64.8scan.f6.security
Shodan(more info)
Passive DNS
Tags:
IP blacklists
CI Army
45.91.64.8 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-04-09 02:50:00.959000
Was present on blacklist at: 2026-02-14 03:50, 2026-02-15 03:50, 2026-02-16 03:50, 2026-02-17 03:50, 2026-02-18 03:50, 2026-02-19 03:50, 2026-02-20 03:50, 2026-02-21 03:50, 2026-03-20 03:50, 2026-03-22 03:50, 2026-03-23 03:50, 2026-03-24 03:50, 2026-03-25 03:50, 2026-04-06 02:50, 2026-04-07 02:50, 2026-04-08 02:50, 2026-04-09 02:50
DataPlane VNC RFB
45.91.64.8 is listed on the DataPlane VNC RFB blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs initiating<br>an unsolicited VNC remote frame buffer (RFB) session to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-22 15:10:00.797000
Was present on blacklist at: 2026-02-13 15:10, 2026-02-13 19:10, 2026-02-13 23:10, 2026-02-14 03:10, 2026-02-14 07:10, 2026-02-14 11:10, 2026-02-14 15:10, 2026-02-14 19:10, 2026-02-14 23:10, 2026-02-15 03:10, 2026-02-15 07:10, 2026-02-15 11:10, 2026-02-15 15:10, 2026-02-15 19:10, 2026-02-15 23:10, 2026-02-16 03:10, 2026-02-16 07:10, 2026-02-16 11:10, 2026-02-16 15:10, 2026-02-16 19:10, 2026-02-16 23:10, 2026-02-17 03:10, 2026-02-17 07:10, 2026-02-17 11:10, 2026-02-17 15:10, 2026-02-17 19:10, 2026-02-17 23:10, 2026-02-18 03:10, 2026-02-18 07:10, 2026-02-18 11:10, 2026-02-18 15:10, 2026-02-18 19:10, 2026-02-18 23:10, 2026-02-19 03:10, 2026-02-19 07:10, 2026-02-19 11:10, 2026-02-19 15:10, 2026-02-19 19:10, 2026-02-19 23:10, 2026-02-20 03:10, 2026-02-20 07:10, 2026-02-20 11:10, 2026-02-20 15:10, 2026-02-20 19:10, 2026-02-20 23:10, 2026-02-21 03:10, 2026-02-21 07:10, 2026-02-21 11:10, 2026-02-21 15:10, 2026-02-21 19:10, 2026-02-21 23:10, 2026-02-22 03:10, 2026-02-22 07:10, 2026-02-22 11:10, 2026-02-22 15:10
AbuseIPDB
45.91.64.8 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-04-26 04:00:00.609000
Was present on blacklist at: 2026-02-14 05:00, 2026-02-17 05:00, 2026-02-28 05:00, 2026-03-19 05:00, 2026-03-26 05:00, 2026-03-29 04:00, 2026-04-01 04:00, 2026-04-04 04:00, 2026-04-05 04:00, 2026-04-06 04:00, 2026-04-07 04:00, 2026-04-08 04:00, 2026-04-11 04:00, 2026-04-12 04:00, 2026-04-13 04:00, 2026-04-14 04:00, 2026-04-15 04:00, 2026-04-16 04:00, 2026-04-20 04:00, 2026-04-21 04:00, 2026-04-26 04:00
UCEPROTECT L1
45.91.64.8 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-04-12 07:45:01.133000
Was present on blacklist at: 2026-02-14 16:45, 2026-02-15 00:45, 2026-02-15 08:45, 2026-02-16 00:45, 2026-02-16 16:45, 2026-02-17 00:45, 2026-02-18 00:45, 2026-03-19 16:45, 2026-03-20 00:45, 2026-03-20 08:45, 2026-03-20 16:45, 2026-03-21 00:45, 2026-03-21 08:45, 2026-03-21 16:45, 2026-03-22 00:45, 2026-03-22 08:45, 2026-03-22 16:45, 2026-03-23 00:45, 2026-03-23 08:45, 2026-03-23 16:45, 2026-03-24 00:45, 2026-03-24 08:45, 2026-03-24 16:45, 2026-03-25 00:45, 2026-03-25 08:45, 2026-03-25 16:45, 2026-03-26 00:45, 2026-03-26 08:45, 2026-03-26 16:45, 2026-04-04 07:45, 2026-04-04 15:45, 2026-04-04 23:45, 2026-04-05 07:45, 2026-04-05 15:45, 2026-04-05 23:45, 2026-04-06 07:45, 2026-04-06 15:45, 2026-04-06 23:45, 2026-04-07 07:45, 2026-04-07 15:45, 2026-04-07 23:45, 2026-04-08 07:45, 2026-04-08 15:45, 2026-04-08 23:45, 2026-04-09 07:45, 2026-04-09 15:45, 2026-04-09 23:45, 2026-04-10 07:45, 2026-04-10 15:45, 2026-04-10 23:45, 2026-04-11 07:45, 2026-04-11 15:45, 2026-04-11 23:45, 2026-04-12 07:45
Turris greylist
45.91.64.8 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-18 22:15:00.144000
Was present on blacklist at: 2026-02-13 22:15, 2026-02-14 22:15, 2026-02-15 22:15, 2026-02-16 22:15, 2026-02-17 22:15, 2026-02-18 22:15
Spamhaus SBL CSS
45.91.64.8 was recently listed on the Spamhaus SBL CSS blacklist, but currently it is not.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-05-14 13:04:30.507000
Was present on blacklist at: 2026-02-19 13:04
Spamhaus XBL CBL
45.91.64.8 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-05-14 13:04:30.507000
Was present on blacklist at: 2026-02-19 13:04, 2026-02-26 13:04, 2026-03-05 13:04, 2026-03-12 13:04, 2026-03-19 13:04, 2026-03-26 13:04, 2026-04-02 13:04, 2026-04-09 13:04, 2026-04-16 13:04, 2026-04-23 13:04, 2026-04-30 13:04, 2026-05-07 13:04, 2026-05-14 13:04
blocklist.de SSH
45.91.64.8 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-04-05 16:05:00.396000
Was present on blacklist at: 2026-02-14 05:05, 2026-02-14 11:05, 2026-02-14 17:05, 2026-02-14 23:05, 2026-02-15 05:05, 2026-02-15 11:05, 2026-02-15 17:05, 2026-02-15 23:05, 2026-04-03 22:05, 2026-04-04 04:05, 2026-04-04 10:05, 2026-04-04 16:05, 2026-04-04 22:05, 2026-04-05 04:05, 2026-04-05 10:05, 2026-04-05 16:05
DataPlane SMTP greeting
45.91.64.8 is listed on the DataPlane SMTP greeting blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs that are<br>identified as SMTP clients issuing unsolicited HELO or EHLO commands.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-23 23:10:00.954000
Was present on blacklist at: 2026-02-13 15:10, 2026-02-13 19:10, 2026-02-13 23:10, 2026-02-14 03:10, 2026-02-14 07:10, 2026-02-14 11:10, 2026-02-14 15:10, 2026-02-14 19:10, 2026-02-14 23:10, 2026-02-15 03:10, 2026-02-15 07:10, 2026-02-15 11:10, 2026-02-15 15:10, 2026-02-15 19:10, 2026-02-15 23:10, 2026-02-16 03:10, 2026-02-16 07:10, 2026-02-16 11:10, 2026-02-16 15:10, 2026-02-16 19:10, 2026-02-16 23:10, 2026-02-17 03:10, 2026-02-17 07:10, 2026-02-17 11:10, 2026-02-17 15:10, 2026-02-17 19:10, 2026-02-17 23:10, 2026-02-18 03:10, 2026-02-18 07:10, 2026-02-18 11:10, 2026-02-18 15:10, 2026-02-18 19:10, 2026-02-18 23:10, 2026-02-19 03:10, 2026-02-19 07:10, 2026-02-19 11:10, 2026-02-19 15:10, 2026-02-19 19:10, 2026-02-19 23:10, 2026-02-20 03:10, 2026-02-20 07:10, 2026-02-20 11:10, 2026-02-20 15:10, 2026-02-20 19:10, 2026-02-20 23:10, 2026-02-21 03:10, 2026-02-21 07:10, 2026-02-21 11:10, 2026-02-21 15:10, 2026-02-21 19:10, 2026-02-21 23:10, 2026-02-22 03:10, 2026-02-22 07:10, 2026-02-22 11:10, 2026-02-22 15:10, 2026-02-22 19:10, 2026-02-22 23:10, 2026-02-23 03:10, 2026-02-23 07:10, 2026-02-23 11:10, 2026-02-23 15:10, 2026-02-23 19:10, 2026-02-23 23:10
blocklist.de Apache
45.91.64.8 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-05-13 22:05:00.359000
Was present on blacklist at: 2026-02-26 23:05, 2026-02-27 05:05, 2026-02-27 11:05, 2026-02-27 17:05, 2026-02-27 23:05, 2026-02-28 05:05, 2026-02-28 11:05, 2026-02-28 17:05, 2026-03-09 11:05, 2026-03-09 17:05, 2026-03-09 23:05, 2026-03-10 05:05, 2026-03-10 11:05, 2026-03-10 17:05, 2026-03-10 23:05, 2026-03-17 23:05, 2026-03-18 05:05, 2026-03-18 11:05, 2026-03-18 17:05, 2026-03-18 23:05, 2026-03-19 05:05, 2026-03-19 11:05, 2026-03-19 17:05, 2026-03-20 05:05, 2026-03-20 11:05, 2026-03-20 17:05, 2026-03-20 23:05, 2026-03-21 05:05, 2026-03-21 11:05, 2026-03-21 17:05, 2026-03-21 23:05, 2026-04-24 04:05, 2026-04-24 16:05, 2026-04-24 22:05, 2026-04-25 22:05, 2026-04-28 22:05, 2026-04-29 04:05, 2026-04-29 10:05, 2026-04-29 16:05, 2026-04-29 22:05, 2026-04-30 04:05, 2026-04-30 10:05, 2026-04-30 16:05, 2026-05-04 04:05, 2026-05-04 10:05, 2026-05-04 16:05, 2026-05-04 22:05, 2026-05-05 04:05, 2026-05-05 10:05, 2026-05-05 16:05, 2026-05-09 22:05, 2026-05-10 04:05, 2026-05-10 10:05, 2026-05-10 16:05, 2026-05-10 22:05, 2026-05-11 04:05, 2026-05-11 10:05, 2026-05-11 16:05, 2026-05-12 04:05, 2026-05-12 10:05, 2026-05-12 16:05, 2026-05-12 22:05, 2026-05-13 04:05, 2026-05-13 10:05, 2026-05-13 16:05, 2026-05-13 22:05
Echelon TLS/SSL crawler
45.91.64.8 is listed on the Echelon TLS/SSL crawler blacklist.

Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed: primary (feed detail page)

Last checked at: 2026-05-13 09:40:04.156000
Was present on blacklist at: 2026-03-05 10:40, 2026-03-06 10:40, 2026-03-14 10:40, 2026-03-15 10:40, 2026-03-16 10:40, 2026-03-17 10:40, 2026-03-18 10:40, 2026-03-19 10:40, 2026-03-20 10:40, 2026-03-25 10:40, 2026-03-26 10:40, 2026-03-27 10:40, 2026-03-28 10:40, 2026-03-29 09:40, 2026-03-30 09:40, 2026-03-31 09:40, 2026-04-01 09:40, 2026-04-02 09:40, 2026-04-04 09:40, 2026-04-05 09:40, 2026-04-06 09:40, 2026-04-07 09:40, 2026-04-08 09:40, 2026-04-09 09:40, 2026-04-10 09:40, 2026-04-12 09:40, 2026-04-14 09:40, 2026-04-15 09:40, 2026-04-16 09:40, 2026-04-17 09:40, 2026-04-19 09:40, 2026-04-20 09:40, 2026-04-21 09:40, 2026-04-22 09:40, 2026-04-23 09:40, 2026-05-07 09:40, 2026-05-08 09:40, 2026-05-09 09:40, 2026-05-10 09:40, 2026-05-11 09:40, 2026-05-12 09:40, 2026-05-13 09:40
Echelon web crawler
45.91.64.8 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-05-12 09:50:02.739000
Was present on blacklist at: 2026-03-05 10:50, 2026-03-06 10:50, 2026-03-20 10:50, 2026-03-21 10:50, 2026-03-22 10:50, 2026-03-23 10:50, 2026-03-24 10:50, 2026-03-25 10:50, 2026-03-26 10:50, 2026-03-27 10:50, 2026-03-28 10:50, 2026-03-29 09:50, 2026-03-30 09:50, 2026-03-31 09:50, 2026-04-01 09:50, 2026-04-02 09:50, 2026-04-03 09:50, 2026-04-04 09:50, 2026-04-05 09:50, 2026-04-06 09:50, 2026-04-07 09:50, 2026-04-08 09:50, 2026-04-09 09:50, 2026-04-10 09:50, 2026-04-11 09:50, 2026-04-12 09:50, 2026-04-14 09:50, 2026-04-15 09:50, 2026-04-16 09:50, 2026-04-17 09:50, 2026-04-19 09:50, 2026-04-20 09:50, 2026-04-21 09:50, 2026-04-22 09:50, 2026-04-23 09:50, 2026-04-29 09:50, 2026-04-30 09:50, 2026-05-01 09:50, 2026-05-03 09:50, 2026-05-07 09:50, 2026-05-08 09:50, 2026-05-09 09:50, 2026-05-10 09:50, 2026-05-11 09:50, 2026-05-12 09:50
Echelon CMS enumeration
45.91.64.8 is listed on the Echelon CMS enumeration blacklist.

Description: Content management system discovery and enumeration
Type of feed: primary (feed detail page)

Last checked at: 2026-04-16 09:05:01.490000
Was present on blacklist at: 2026-04-09 09:05, 2026-04-10 09:05, 2026-04-11 09:05, 2026-04-12 09:05, 2026-04-13 09:05, 2026-04-14 09:05, 2026-04-15 09:05, 2026-04-16 09:05
Echelon WordPress enumeration
45.91.64.8 is listed on the Echelon WordPress enumeration blacklist.

Description: WordPress user and plugin enumeration
Type of feed: primary (feed detail page)

Last checked at: 2026-04-16 09:55:00.678000
Was present on blacklist at: 2026-04-09 09:55, 2026-04-10 09:55, 2026-04-11 09:55, 2026-04-12 09:55, 2026-04-14 09:55, 2026-04-15 09:55, 2026-04-16 09:55

Threat categories

TLRoleCategoryDetails
43 src
35 src scan
Warden events (59)
2026-04-06
AnomalyTraffic (node.6a1878): 1
ReconScanning (node.4dc198): 1
2026-04-04
ReconScanning (node.368407): 2
AnomalyTraffic (node.6a1878): 1
2026-04-03
ReconScanning (node.368407): 1
2026-03-22
AttemptLogin (node.b17ef8): 1
2026-03-21
AnomalyTraffic (node.6a1878): 3
ReconScanning (node.4dc198): 2
AttemptLogin (node.28c168): 1
2026-03-20
AnomalyTraffic (node.6a1878): 2
ReconScanning (node.4dc198): 1
ReconScanning (node.368407): 1
2026-03-19
ReconScanning (node.368407): 1
AttemptLogin (node.03e7a9): 1
2026-03-18
AttemptLogin (node.03e7a9): 1
ReconScanning (node.368407): 1
2026-02-18
AnomalyTraffic (node.ffe95c): 3
AnomalyTraffic (node.86dac8): 3
ReconScanning (node.4dc198): 8
2026-02-17
AnomalyTraffic (node.86dac8): 3
ReconScanning (node.4dc198): 5
AnomalyTraffic (node.ffe95c): 3
2026-02-15
AnomalyTraffic (node.ffe95c): 1
ReconScanning (node.4dc198): 1
2026-02-14
AnomalyTraffic (node.ffe95c): 1
ReconScanning (node.4dc198): 1
ReconScanning (node.368407): 2
2026-02-13
AttemptLogin (node.03e7a9): 1
ReconScanning (node.368407): 1
AnomalyTraffic (node.ffe95c): 3
ReconScanning (node.4dc198): 2
DShield reports (IP summary, reports)
2026-03-04
Number of reports: 20
Distinct targets: 4
2026-03-05
Number of reports: 20
Distinct targets: 4
2026-03-16
Number of reports: 13
Distinct targets: 3
2026-03-17
Number of reports: 10
Distinct targets: 4
2026-03-18
Number of reports: 173
Distinct targets: 60
2026-03-19
Number of reports: 456
Distinct targets: 138
2026-03-20
Number of reports: 300
Distinct targets: 113
2026-03-21
Number of reports: 327
Distinct targets: 112
2026-03-22
Number of reports: 215
Distinct targets: 77
2026-03-23
Number of reports: 59
Distinct targets: 16
2026-03-24
Number of reports: 59
Distinct targets: 16
2026-03-25
Number of reports: 68
Distinct targets: 9
2026-03-26
Number of reports: 68
Distinct targets: 9
2026-03-27
Number of reports: 42
Distinct targets: 9
2026-03-28
Number of reports: 100
Distinct targets: 16
2026-03-29
Number of reports: 100
Distinct targets: 16
2026-03-30
Number of reports: 112
Distinct targets: 17
2026-03-31
Number of reports: 112
Distinct targets: 17
2026-04-01
Number of reports: 129
Distinct targets: 26
2026-04-02
Number of reports: 48
Distinct targets: 8
2026-04-03
Number of reports: 1040
Distinct targets: 383
2026-04-04
Number of reports: 987
Distinct targets: 286
2026-04-05
Number of reports: 450
Distinct targets: 151
2026-04-06
Number of reports: 335
Distinct targets: 60
2026-04-07
Number of reports: 140
Distinct targets: 34
2026-04-08
Number of reports: 116
Distinct targets: 20
2026-04-09
Number of reports: 58
Distinct targets: 12
2026-04-10
Number of reports: 38
Distinct targets: 10
2026-04-11
Number of reports: 84
Distinct targets: 13
2026-04-12
Number of reports: 110
Distinct targets: 16
2026-04-13
Number of reports: 52
Distinct targets: 9
2026-04-14
Number of reports: 71
Distinct targets: 13
2026-04-15
Number of reports: 71
Distinct targets: 13
2026-04-16
Number of reports: 50
Distinct targets: 9
2026-04-17
Number of reports: 85
Distinct targets: 15
2026-04-18
Number of reports: 85
Distinct targets: 15
2026-04-19
Number of reports: 74
Distinct targets: 12
2026-04-20
Number of reports: 36
Distinct targets: 7
2026-04-21
Number of reports: 45
Distinct targets: 13
2026-04-22
Number of reports: 78
Distinct targets: 12
2026-04-23
Number of reports: 89
Distinct targets: 11
2026-04-24
Number of reports: 53
Distinct targets: 10
2026-04-25
Number of reports: 90
Distinct targets: 12
2026-04-26
Number of reports: 46
Distinct targets: 9
2026-04-27
Number of reports: 46
Distinct targets: 9
2026-04-28
Number of reports: 54
Distinct targets: 13
2026-05-04
Number of reports: 14
Distinct targets: 3
OTX pulses
[602bc528f447d628d41494f2] 2021-02-16 13:14:16.945000 | Ka's Honeypot visitors
Author name:Kapppppa
Pulse modified:2026-03-11 11:01:26.044000
Indicator created:2026-02-13 00:45:43
Indicator role:bruteforce
Indicator title:Telnet Login attempt
Indicator expiration:2026-03-15 00:00:00
Origin AS
AS214664 - Buduschee
BGP Prefix
45.91.64.0/24
geo
Russia
🕑 Europe/Moscow
hostname
scan.f6.security
Address block ('inetnum' or 'NetRange' in whois database)
45.91.64.0 - 45.91.64.255
last_activity
2026-04-06 11:13:57
last_warden_event
2026-04-06 11:13:57
rep
0.3700406703154794
reserved_range
0
ts_added
2025-12-18 13:04:27.073000
ts_last_update
2026-05-14 13:04:30.600000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses