IP address

Search at other sites:

.101112.185.130.37

Shodan(more info)

Passive DNS

IP blacklists

CI Army

112.185.130.37 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-12-20 03:50:00.995000
Was present on blacklist at: 2025-11-27 03:50, 2025-11-29 03:50, 2025-11-30 03:50, 2025-12-01 03:50, 2025-12-03 03:50, 2025-12-04 03:50, 2025-12-05 03:50, 2025-12-06 03:50, 2025-12-09 03:50, 2025-12-11 03:50, 2025-12-20 03:50

Warden events (7)

2025-12-15

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 1

2025-12-14

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 1

2025-12-10

ReconScanning (node.368407): 1

2025-11-26

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.4dc198): 1

Origin AS

AS4766 - KIXS-AS-KR KIXS-AS-KR-KR

BGP Prefix

112.176.0.0/12

geo

South Korea, Geochang-gun

🕑 Asia/Seoul

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

112.160.0.0 - 112.191.255.255

last_activity

2025-12-15 15:52:01

last_warden_event

2025-12-15 15:52:01

rep

0.1005952380952381

reserved_range

0

Shodan's InternetDB

Open ports: 21, 80, 5357

Tags: –

CPEs: cpe:/a:microsoft:internet_information_services:10.0, cpe:/o:microsoft:windows

ts_added

2025-11-26 09:55:43.736000

ts_last_update

2025-12-20 09:55:50.032000

Warden event timeline

DShield event timeline

Presence on blacklists