IP address

Search at other sites:
.252199.91.221.58undefined.hostname.localhost
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
CI Army
199.91.221.58 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-05-05 02:50:00.812000
Was present on blacklist at: 2026-04-30 02:50, 2026-05-01 02:50, 2026-05-02 02:50, 2026-05-03 02:50, 2026-05-04 02:50, 2026-05-05 02:50

Threat categories

TLRoleCategoryDetails
64 src scan port: 80, 4434, 4444, 5443, 12443, 30443, 50443
25 src
Warden events (183)
2026-05-02
ReconScanning (node.9c1411): 9
2026-05-01
ReconScanning (node.9c1411): 49
2026-04-30
ReconScanning (node.ce2b59): 54
ReconScanning (node.9c1411): 16
2026-04-29
ReconScanning (node.ce2b59): 11
2026-04-28
ReconScanning (node.ce2b59): 39
ReconScanning (node.4dc198): 5
DShield reports (IP summary, reports)
2026-04-29
Number of reports: 70
Distinct targets: 28
2026-04-30
Number of reports: 70
Distinct targets: 28
2026-05-01
Number of reports: 36
Distinct targets: 16
2026-05-02
Number of reports: 75
Distinct targets: 28
2026-05-03
Number of reports: 75
Distinct targets: 28
2026-05-04
Number of reports: 55
Distinct targets: 30
Origin AS
AS399629 - BLNWX
BGP Prefix
199.91.221.0/24
geo
United States
🕑 America/Chicago
hostname
undefined.hostname.localhost
Address block ('inetnum' or 'NetRange' in whois database)
199.91.216.0 - 199.91.223.255
last_activity
2026-05-02 06:01:32
last_warden_event
2026-05-02 06:01:32
rep
0.2522600446428572
reserved_range
0
Shodan's InternetDB
Open ports: 22, 443
Tags:
CPEs: cpe:/a:openbsd:openssh:9.6p1, cpe:/o:canonical:ubuntu_linux
ts_added
2026-04-29 10:54:06.628000
ts_last_update
2026-05-05 10:54:10.323000

Warden event timeline

DShield event timeline

Presence on blacklists