IP address

Search at other sites:
.375119.28.64.76
Shodan(more info)
Passive DNS
Tags:
IP blacklists
Spamhaus PBL
119.28.64.76 is listed on the Spamhaus PBL blacklist.

Description: The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-03-29 14:15:50.050000
Was present on blacklist at: 2026-03-22 14:15, 2026-03-29 14:15
blocklist.de SSH
119.28.64.76 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-28 17:05:00.508000
Was present on blacklist at: 2026-03-23 05:05, 2026-03-23 11:05, 2026-03-23 17:05, 2026-03-23 23:05, 2026-03-24 05:05, 2026-03-24 11:05, 2026-03-24 17:05, 2026-03-24 23:05, 2026-03-25 05:05, 2026-03-25 11:05, 2026-03-25 23:05, 2026-03-26 05:05, 2026-03-26 11:05, 2026-03-26 17:05, 2026-03-26 23:05, 2026-03-27 05:05, 2026-03-27 11:05, 2026-03-27 17:05, 2026-03-27 23:05, 2026-03-28 05:05, 2026-03-28 11:05, 2026-03-28 17:05
CI Army
119.28.64.76 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-03-31 02:50:01.083000
Was present on blacklist at: 2026-03-25 03:50, 2026-03-26 03:50, 2026-03-27 03:50, 2026-03-28 03:50, 2026-03-29 02:50, 2026-03-30 02:50, 2026-03-31 02:50
AbuseIPDB
119.28.64.76 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-03-28 05:00:00.605000
Was present on blacklist at: 2026-03-25 05:00, 2026-03-26 05:00, 2026-03-27 05:00, 2026-03-28 05:00
Echelon admin panel hunt
119.28.64.76 is listed on the Echelon admin panel hunt blacklist.

Description: Scanning for administrative interfaces
Type of feed: primary (feed detail page)

Last checked at: 2026-04-01 09:05:00.694000
Was present on blacklist at: 2026-03-27 10:05, 2026-03-28 10:05, 2026-03-29 09:05, 2026-03-30 09:05, 2026-03-31 09:05, 2026-04-01 09:05
Echelon CMS enumeration
119.28.64.76 is listed on the Echelon CMS enumeration blacklist.

Description: Content management system discovery and enumeration
Type of feed: primary (feed detail page)

Last checked at: 2026-04-01 09:05:00.713000
Was present on blacklist at: 2026-03-27 10:05, 2026-03-28 10:05, 2026-03-29 09:05, 2026-03-30 09:05, 2026-03-31 09:05, 2026-04-01 09:05
Echelon database admin hunt
119.28.64.76 is listed on the Echelon database admin hunt blacklist.

Description: Scanning for database admin interfaces (phpMyAdmin, etc.)
Type of feed: primary (feed detail page)

Last checked at: 2026-04-01 09:10:00.446000
Was present on blacklist at: 2026-03-27 10:10, 2026-03-28 10:10, 2026-03-29 09:10, 2026-03-30 09:10, 2026-03-31 09:10, 2026-04-01 09:10
Echelon directory traversal
119.28.64.76 is listed on the Echelon directory traversal blacklist.

Description: Path traversal attack attempting to access restricted files
Type of feed: primary (feed detail page)

Last checked at: 2026-04-01 09:15:00.480000
Was present on blacklist at: 2026-03-27 10:15, 2026-03-28 10:15, 2026-03-29 09:15, 2026-03-30 09:15, 2026-03-31 09:15, 2026-04-01 09:15
Echelon web crawler
119.28.64.76 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-04-01 09:50:00.563000
Was present on blacklist at: 2026-03-27 10:50, 2026-03-28 10:50, 2026-03-29 09:50, 2026-03-30 09:50, 2026-03-31 09:50, 2026-04-01 09:50
Spamhaus XBL CBL
119.28.64.76 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-03-29 14:15:50.050000
Was present on blacklist at: 2026-03-29 14:15

Threat categories

TLRoleCategoryDetails
72 src login protocol: ssh, telnet
port: 23
64 src scan port: 22, 23, 80, 443, 2222, 2375
31 src
25 src exploit protocol: http
Warden events (13686)
2026-03-29
ReconScanning (node.ce2b59): 4
2026-03-28
ReconScanning (node.ce2b59): 32
AttemptLogin (node.b17ef8): 5
IntrusionUserCompromise (node.cfb4f7): 3
2026-03-27
ReconScanning (node.ce2b59): 32
IntrusionUserCompromise (node.cfb4f7): 13
2026-03-26
ReconScanning (node.ce2b59): 32
IntrusionUserCompromise (node.cfb4f7): 76
2026-03-25
ReconScanning (node.ce2b59): 17
IntrusionUserCompromise (node.cfb4f7): 1
2026-03-24
IntrusionUserCompromise (node.cfb4f7): 1027
2026-03-23
IntrusionUserCompromise (node.cfb4f7): 9030
2026-03-22
IntrusionUserCompromise (node.cfb4f7): 3414
DShield reports (IP summary, reports)
2026-03-22
Number of reports: 32
Distinct targets: 9
2026-03-23
Number of reports: 11
Distinct targets: 6
2026-03-24
Number of reports: 11
Distinct targets: 6
2026-03-25
Number of reports: 124
Distinct targets: 29
2026-03-26
Number of reports: 124
Distinct targets: 29
2026-03-27
Number of reports: 78
Distinct targets: 23
2026-03-28
Number of reports: 113
Distinct targets: 35
2026-03-29
Number of reports: 113
Distinct targets: 35
Origin AS
AS132203 - TENCENT-NET-AP-CN
BGP Prefix
119.28.64.0/23
geo
Hong Kong, Hong Kong
🕑 Asia/Hong_Kong
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
119.28.0.0 - 119.29.255.255
last_activity
2026-03-29 02:37:12
last_warden_event
2026-03-29 02:37:12
rep
0.37529742831275575
reserved_range
0
ts_added
2026-03-22 14:15:42.685000
ts_last_update
2026-04-01 14:15:50.291000

Warden event timeline

DShield event timeline

Presence on blacklists