IP address

Search at other sites:

.94945.91.64.6

Shodan(more info)

Passive DNS

IP blacklists

DataPlane VNC RFB

45.91.64.6 is listed on the DataPlane VNC RFB blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs initiating<br>an unsolicited VNC remote frame buffer (RFB) session to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-26 19:10:01.068000
Was present on blacklist at: 2025-12-18 19:10, 2025-12-19 03:10, 2025-12-19 07:10, 2025-12-19 15:10, 2025-12-19 19:10, 2025-12-20 03:10, 2025-12-20 07:10, 2025-12-20 15:10, 2025-12-20 19:10, 2025-12-21 03:10, 2025-12-21 07:10, 2025-12-21 15:10, 2025-12-21 19:10, 2025-12-22 03:10, 2025-12-22 07:10, 2025-12-22 15:10, 2025-12-22 19:10, 2025-12-23 03:10, 2025-12-23 07:10, 2025-12-23 15:10, 2025-12-23 19:10, 2025-12-24 03:10, 2025-12-24 07:10, 2025-12-24 15:10, 2025-12-24 19:10, 2025-12-25 03:10, 2025-12-25 07:10, 2025-12-25 15:10, 2025-12-25 19:10, 2025-12-26 03:10, 2025-12-26 07:10, 2025-12-26 15:10, 2025-12-26 19:10, 2025-12-27 03:10, 2025-12-27 07:10, 2025-12-27 15:10, 2025-12-27 19:10, 2025-12-28 03:10, 2025-12-28 07:10, 2025-12-28 15:10, 2025-12-28 19:10, 2025-12-29 03:10, 2025-12-29 07:10, 2025-12-29 15:10, 2025-12-29 19:10, 2025-12-30 03:10, 2025-12-30 07:10, 2025-12-30 15:10, 2025-12-30 19:10, 2025-12-31 03:10, 2025-12-31 07:10, 2025-12-31 15:10, 2025-12-31 19:10, 2026-01-01 03:10, 2026-01-01 07:10, 2026-01-01 15:10, 2026-01-01 19:10, 2026-01-02 03:10, 2026-01-02 07:10, 2026-01-02 15:10, 2026-01-02 19:10, 2026-01-03 03:10, 2026-01-03 07:10, 2026-01-03 15:10, 2026-01-03 19:10, 2026-01-04 03:10, 2026-01-04 07:10, 2026-01-04 15:10, 2026-01-04 19:10, 2026-01-05 03:10, 2026-01-05 07:10, 2026-01-05 15:10, 2026-01-06 03:10, 2026-01-06 11:10, 2026-01-06 15:10, 2026-01-06 19:10, 2026-01-06 23:10, 2026-01-07 03:10, 2026-01-07 07:10, 2026-01-07 11:10, 2026-01-07 15:10, 2026-01-07 19:10, 2026-01-07 23:10, 2026-01-08 03:10, 2026-01-08 07:10, 2026-01-08 11:10, 2026-01-08 15:10, 2026-01-08 19:10, 2026-01-08 23:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 11:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-09 23:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 11:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-10 23:10, 2026-01-11 03:10, 2026-01-11 07:10, 2026-01-11 11:10, 2026-01-11 15:10, 2026-01-11 19:10, 2026-01-11 23:10, 2026-01-12 03:10, 2026-01-12 07:10, 2026-01-12 11:10, 2026-01-12 15:10, 2026-01-12 19:10, 2026-01-12 23:10, 2026-01-13 03:10, 2026-01-13 07:10, 2026-01-13 11:10, 2026-01-13 15:10, 2026-01-13 19:10, 2026-01-13 23:10, 2026-01-14 03:10, 2026-01-14 07:10, 2026-01-14 11:10, 2026-01-14 15:10, 2026-01-14 19:10, 2026-01-14 23:10, 2026-01-15 03:10, 2026-01-15 07:10, 2026-01-15 11:10, 2026-01-15 15:10, 2026-01-15 19:10, 2026-01-15 23:10, 2026-01-16 03:10, 2026-01-16 07:10, 2026-01-16 11:10, 2026-01-16 15:10, 2026-01-16 19:10, 2026-01-16 23:10, 2026-01-17 03:10, 2026-01-17 07:10, 2026-01-17 11:10, 2026-01-17 15:10, 2026-01-17 19:10, 2026-01-17 23:10, 2026-01-18 03:10, 2026-01-18 07:10, 2026-01-18 11:10, 2026-01-18 15:10, 2026-01-18 19:10, 2026-01-18 23:10, 2026-01-19 03:10, 2026-01-19 07:10, 2026-01-19 11:10, 2026-01-19 15:10, 2026-01-19 19:10, 2026-01-19 23:10, 2026-01-20 03:10, 2026-01-20 07:10, 2026-01-20 11:10, 2026-01-20 15:10, 2026-01-20 19:10, 2026-01-20 23:10, 2026-01-21 03:10, 2026-01-21 07:10, 2026-01-21 11:10, 2026-01-21 15:10, 2026-01-21 19:10, 2026-01-21 23:10, 2026-01-22 03:10, 2026-01-22 07:10, 2026-01-22 11:10, 2026-01-22 15:10, 2026-01-22 19:10, 2026-01-22 23:10, 2026-01-23 03:10, 2026-01-23 07:10, 2026-01-23 11:10, 2026-01-23 15:10, 2026-01-23 19:10, 2026-01-23 23:10, 2026-01-24 03:10, 2026-01-24 07:10, 2026-01-24 11:10, 2026-01-24 15:10, 2026-01-24 19:10, 2026-01-24 23:10, 2026-01-25 03:10, 2026-01-25 07:10, 2026-01-25 11:10, 2026-01-25 15:10, 2026-01-25 19:10, 2026-01-25 23:10, 2026-01-26 03:10, 2026-01-26 07:10, 2026-01-26 11:10, 2026-01-26 15:10, 2026-01-26 19:10

CI Army

45.91.64.6 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-01-26 03:50:01.088000
Was present on blacklist at: 2025-12-19 03:50, 2025-12-20 03:50, 2025-12-21 03:50, 2025-12-22 03:50, 2025-12-23 03:50, 2025-12-24 03:50, 2025-12-25 03:50, 2025-12-26 03:50, 2025-12-27 03:50, 2025-12-29 03:50, 2025-12-30 03:50, 2025-12-31 03:50, 2026-01-01 03:50, 2026-01-02 03:50, 2026-01-03 03:50, 2026-01-04 03:50, 2026-01-05 03:50, 2026-01-06 03:50, 2026-01-07 03:50, 2026-01-08 03:50, 2026-01-09 03:50, 2026-01-10 03:50, 2026-01-11 03:50, 2026-01-12 03:50, 2026-01-13 03:50, 2026-01-14 03:50, 2026-01-15 03:50, 2026-01-16 03:50, 2026-01-17 03:50, 2026-01-18 03:50, 2026-01-19 03:50, 2026-01-20 03:50, 2026-01-21 03:50, 2026-01-22 03:50, 2026-01-23 03:50, 2026-01-24 03:50, 2026-01-25 03:50, 2026-01-26 03:50

AbuseIPDB

45.91.64.6 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-01-26 05:00:00.823000
Was present on blacklist at: 2025-12-19 05:00, 2025-12-20 05:00, 2025-12-24 05:00, 2025-12-25 05:00, 2025-12-26 05:00, 2025-12-27 05:00, 2025-12-28 05:00, 2025-12-29 05:00, 2025-12-30 05:00, 2025-12-31 05:00, 2026-01-01 05:00, 2026-01-02 05:00, 2026-01-03 05:00, 2026-01-04 05:00, 2026-01-05 05:00, 2026-01-06 05:00, 2026-01-07 05:00, 2026-01-08 05:00, 2026-01-09 05:00, 2026-01-10 05:00, 2026-01-11 05:00, 2026-01-12 05:00, 2026-01-13 05:00, 2026-01-14 05:00, 2026-01-15 05:00, 2026-01-16 05:00, 2026-01-17 05:00, 2026-01-18 05:00, 2026-01-19 05:00, 2026-01-20 05:00, 2026-01-21 05:00, 2026-01-22 05:00, 2026-01-23 05:00, 2026-01-24 05:00, 2026-01-25 05:00, 2026-01-26 05:00

DataPlane TELNET login

45.91.64.6 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-26 19:10:03.339000
Was present on blacklist at: 2025-12-19 07:10, 2025-12-19 11:10, 2025-12-19 15:10, 2025-12-19 19:10, 2025-12-19 23:10, 2025-12-20 03:10, 2025-12-20 07:10, 2025-12-20 11:10, 2025-12-20 15:10, 2025-12-20 19:10, 2025-12-20 23:10, 2025-12-21 03:10, 2025-12-21 07:10, 2025-12-21 11:10, 2025-12-21 15:10, 2025-12-21 19:10, 2025-12-21 23:10, 2025-12-22 03:10, 2025-12-22 07:10, 2025-12-22 11:10, 2025-12-22 15:10, 2025-12-22 19:10, 2025-12-22 23:10, 2025-12-23 03:10, 2025-12-23 07:10, 2025-12-23 11:10, 2025-12-23 15:10, 2025-12-23 19:10, 2025-12-23 23:10, 2025-12-24 03:10, 2025-12-24 07:10, 2025-12-24 11:10, 2025-12-24 15:10, 2025-12-24 19:10, 2025-12-24 23:10, 2025-12-25 03:10, 2025-12-25 07:10, 2025-12-25 11:10, 2025-12-25 15:10, 2025-12-25 19:10, 2025-12-25 23:10, 2026-01-01 15:10, 2026-01-01 19:10, 2026-01-01 23:10, 2026-01-02 03:10, 2026-01-02 07:10, 2026-01-02 11:10, 2026-01-02 15:10, 2026-01-02 19:10, 2026-01-02 23:10, 2026-01-03 03:10, 2026-01-03 07:10, 2026-01-03 11:10, 2026-01-03 15:10, 2026-01-03 19:10, 2026-01-03 23:10, 2026-01-04 03:10, 2026-01-04 07:10, 2026-01-04 11:10, 2026-01-04 15:10, 2026-01-04 19:10, 2026-01-04 23:10, 2026-01-05 03:10, 2026-01-05 07:10, 2026-01-05 11:10, 2026-01-05 15:10, 2026-01-05 19:10, 2026-01-05 23:10, 2026-01-06 03:10, 2026-01-06 11:10, 2026-01-06 15:10, 2026-01-06 19:10, 2026-01-06 23:10, 2026-01-07 03:10, 2026-01-07 07:10, 2026-01-07 11:10, 2026-01-07 15:10, 2026-01-07 19:10, 2026-01-07 23:10, 2026-01-08 03:10, 2026-01-08 07:10, 2026-01-08 15:10, 2026-01-08 19:10, 2026-01-08 23:10, 2026-01-09 03:10, 2026-01-09 07:10, 2026-01-09 11:10, 2026-01-09 15:10, 2026-01-09 19:10, 2026-01-09 23:10, 2026-01-10 03:10, 2026-01-10 07:10, 2026-01-10 11:10, 2026-01-10 15:10, 2026-01-10 19:10, 2026-01-10 23:10, 2026-01-11 03:10, 2026-01-11 07:10, 2026-01-11 11:10, 2026-01-11 15:10, 2026-01-11 19:10, 2026-01-11 23:10, 2026-01-12 03:10, 2026-01-20 23:10, 2026-01-21 03:10, 2026-01-21 07:10, 2026-01-21 11:10, 2026-01-21 15:10, 2026-01-21 19:10, 2026-01-21 23:10, 2026-01-22 03:10, 2026-01-22 07:10, 2026-01-22 11:10, 2026-01-22 15:10, 2026-01-22 19:10, 2026-01-22 23:10, 2026-01-23 03:10, 2026-01-23 07:10, 2026-01-23 11:10, 2026-01-23 15:10, 2026-01-23 19:10, 2026-01-23 23:10, 2026-01-24 03:10, 2026-01-24 07:10, 2026-01-24 11:10, 2026-01-24 15:10, 2026-01-24 19:10, 2026-01-24 23:10, 2026-01-25 03:10, 2026-01-25 07:10, 2026-01-25 11:10, 2026-01-25 15:10, 2026-01-25 19:10, 2026-01-25 23:10, 2026-01-26 03:10, 2026-01-26 07:10, 2026-01-26 11:10, 2026-01-26 15:10, 2026-01-26 19:10

UCEPROTECT L1

45.91.64.6 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-26 16:45:00.462000
Was present on blacklist at: 2025-12-19 16:45, 2025-12-20 00:45, 2025-12-20 08:45, 2025-12-20 16:45, 2025-12-21 00:45, 2025-12-21 08:45, 2025-12-21 16:45, 2025-12-22 00:45, 2025-12-22 08:45, 2025-12-22 16:45, 2025-12-23 00:45, 2025-12-23 08:45, 2025-12-23 16:45, 2025-12-24 00:45, 2025-12-24 08:45, 2025-12-24 16:45, 2025-12-25 00:45, 2025-12-25 08:45, 2025-12-25 16:45, 2025-12-26 00:45, 2025-12-26 08:45, 2025-12-26 16:45, 2025-12-27 00:45, 2025-12-27 08:45, 2025-12-27 16:45, 2025-12-28 00:45, 2025-12-28 08:45, 2025-12-28 16:45, 2025-12-29 00:45, 2025-12-29 08:45, 2025-12-29 16:45, 2025-12-30 00:45, 2025-12-30 08:45, 2025-12-30 16:45, 2025-12-31 00:45, 2025-12-31 08:45, 2025-12-31 16:45, 2026-01-01 00:45, 2026-01-01 08:45, 2026-01-01 16:45, 2026-01-02 00:45, 2026-01-02 08:45, 2026-01-02 16:45, 2026-01-03 00:45, 2026-01-03 08:45, 2026-01-03 16:45, 2026-01-04 00:45, 2026-01-04 08:45, 2026-01-04 16:45, 2026-01-05 00:45, 2026-01-05 08:45, 2026-01-05 16:45, 2026-01-06 00:45, 2026-01-06 08:45, 2026-01-06 16:45, 2026-01-07 00:45, 2026-01-07 08:45, 2026-01-07 16:45, 2026-01-08 00:45, 2026-01-08 08:45, 2026-01-08 16:45, 2026-01-09 00:45, 2026-01-09 08:45, 2026-01-09 16:45, 2026-01-10 00:45, 2026-01-10 08:45, 2026-01-10 16:45, 2026-01-11 00:45, 2026-01-11 08:45, 2026-01-11 16:45, 2026-01-12 00:45, 2026-01-12 08:45, 2026-01-12 16:45, 2026-01-13 00:45, 2026-01-13 08:45, 2026-01-13 16:45, 2026-01-14 00:45, 2026-01-14 08:45, 2026-01-14 16:45, 2026-01-15 00:45, 2026-01-15 08:45, 2026-01-15 16:45, 2026-01-16 00:45, 2026-01-16 08:45, 2026-01-16 16:45, 2026-01-17 00:45, 2026-01-17 08:45, 2026-01-17 16:45, 2026-01-18 00:45, 2026-01-18 08:45, 2026-01-18 16:45, 2026-01-19 00:45, 2026-01-19 08:45, 2026-01-19 16:45, 2026-01-20 00:45, 2026-01-20 08:45, 2026-01-20 16:45, 2026-01-21 00:45, 2026-01-21 16:45, 2026-01-22 00:45, 2026-01-22 08:45, 2026-01-23 00:45, 2026-01-23 08:45, 2026-01-23 16:45, 2026-01-24 00:45, 2026-01-24 08:45, 2026-01-25 00:45, 2026-01-25 16:45, 2026-01-26 00:45, 2026-01-26 08:45, 2026-01-26 16:45

Turris greylist

45.91.64.6 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-26 22:15:00.147000
Was present on blacklist at: 2025-12-19 22:15, 2025-12-20 22:15, 2025-12-24 22:15, 2025-12-25 22:15, 2025-12-26 22:15, 2025-12-27 22:15, 2025-12-28 22:15, 2025-12-29 22:15, 2025-12-30 22:15, 2025-12-31 22:15, 2026-01-01 22:15, 2026-01-02 22:15, 2026-01-03 22:15, 2026-01-04 22:15, 2026-01-05 22:15, 2026-01-06 22:15, 2026-01-07 22:15, 2026-01-08 22:15, 2026-01-09 22:15, 2026-01-10 22:15, 2026-01-11 22:15, 2026-01-12 22:15, 2026-01-14 22:15, 2026-01-15 22:15, 2026-01-16 22:15, 2026-01-17 22:15, 2026-01-18 22:15, 2026-01-19 22:15, 2026-01-20 22:15, 2026-01-21 22:15, 2026-01-22 22:15, 2026-01-23 22:15, 2026-01-24 22:15, 2026-01-25 22:15, 2026-01-26 22:15

Spamhaus SBL CSS

45.91.64.6 is listed on the Spamhaus SBL CSS blacklist.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-01-22 12:59:30.444000
Was present on blacklist at: 2025-12-25 12:59, 2026-01-01 12:59, 2026-01-08 12:59, 2026-01-15 12:59, 2026-01-22 12:59

Spamhaus XBL CBL

45.91.64.6 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-01-22 12:59:30.444000
Was present on blacklist at: 2025-12-25 12:59, 2026-01-01 12:59, 2026-01-08 12:59, 2026-01-15 12:59, 2026-01-22 12:59

blocklist.de Apache

45.91.64.6 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-22 23:05:00.617000
Was present on blacklist at: 2025-12-28 23:05, 2025-12-29 05:05, 2025-12-29 11:05, 2025-12-29 17:05, 2025-12-29 23:05, 2025-12-30 05:05, 2025-12-30 11:05, 2025-12-30 17:05, 2025-12-30 23:05, 2025-12-31 05:05, 2025-12-31 11:05, 2025-12-31 17:05, 2025-12-31 23:05, 2026-01-01 05:05, 2026-01-01 11:05, 2026-01-01 17:05, 2026-01-01 23:05, 2026-01-02 05:05, 2026-01-02 11:05, 2026-01-02 17:05, 2026-01-02 23:05, 2026-01-03 05:05, 2026-01-03 11:05, 2026-01-03 17:05, 2026-01-03 23:05, 2026-01-04 05:05, 2026-01-04 11:05, 2026-01-04 17:05, 2026-01-04 23:05, 2026-01-05 05:05, 2026-01-05 11:05, 2026-01-05 17:05, 2026-01-05 23:05, 2026-01-06 11:05, 2026-01-06 17:05, 2026-01-06 23:05, 2026-01-07 05:05, 2026-01-07 11:05, 2026-01-07 17:05, 2026-01-10 11:05, 2026-01-10 17:05, 2026-01-10 23:05, 2026-01-11 05:05, 2026-01-11 11:05, 2026-01-11 17:05, 2026-01-11 23:05, 2026-01-12 05:05, 2026-01-12 11:05, 2026-01-12 17:05, 2026-01-12 23:05, 2026-01-13 05:05, 2026-01-13 11:05, 2026-01-13 17:05, 2026-01-13 23:05, 2026-01-18 11:05, 2026-01-18 17:05, 2026-01-18 23:05, 2026-01-19 05:05, 2026-01-19 11:05, 2026-01-19 17:05, 2026-01-19 23:05, 2026-01-20 05:05, 2026-01-20 11:05, 2026-01-20 17:05, 2026-01-20 23:05, 2026-01-21 05:05, 2026-01-21 23:05, 2026-01-22 05:05, 2026-01-22 11:05, 2026-01-22 17:05, 2026-01-22 23:05

Blocklist.net.ua

45.91.64.6 is listed on the Blocklist.net.ua blacklist.

Description: BlockList contains IP addresses that perform attacks,<br>send spam or brute force passwords to the blocking list.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-30 03:15:01.231000
Was present on blacklist at: 2025-12-29 07:15, 2025-12-29 11:15, 2025-12-29 15:15, 2025-12-29 19:15, 2025-12-29 23:15, 2025-12-30 03:15

DataPlane SMTP greeting

45.91.64.6 is listed on the DataPlane SMTP greeting blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs that are<br>identified as SMTP clients issuing unsolicited HELO or EHLO commands.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-08 07:10:01.129000
Was present on blacklist at: 2026-01-06 11:10, 2026-01-06 15:10, 2026-01-06 19:10, 2026-01-06 23:10, 2026-01-07 03:10, 2026-01-07 07:10, 2026-01-07 11:10, 2026-01-07 15:10, 2026-01-07 19:10, 2026-01-07 23:10, 2026-01-08 03:10, 2026-01-08 07:10

blocklist.de bots

45.91.64.6 is listed on the blocklist.de bots blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the RFI-Attacks,<br>REG-Bots, IRC-Bots or BadBots.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-18 05:05:00.279000
Was present on blacklist at: 2026-01-15 11:05, 2026-01-15 17:05, 2026-01-15 23:05, 2026-01-16 05:05, 2026-01-16 11:05, 2026-01-16 17:05, 2026-01-16 23:05, 2026-01-17 05:05, 2026-01-17 11:05, 2026-01-17 17:05, 2026-01-17 23:05, 2026-01-18 05:05

blocklist.de SSH

45.91.64.6 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-26 17:05:00.551000
Was present on blacklist at: 2026-01-23 05:05, 2026-01-23 11:05, 2026-01-23 17:05, 2026-01-23 23:05, 2026-01-24 05:05, 2026-01-24 11:05, 2026-01-24 17:05, 2026-01-24 23:05, 2026-01-25 11:05, 2026-01-25 17:05, 2026-01-25 23:05, 2026-01-26 05:05, 2026-01-26 11:05, 2026-01-26 17:05

Warden events (15099)

2026-01-26

ReconScanning (node.4dc198): 273

ReconScanning (node.368407): 164

ReconScanning (node.9c1411): 76

2026-01-25

ReconScanning (node.4dc198): 287

ReconScanning (node.9c1411): 86

ReconScanning (node.368407): 175

2026-01-24

ReconScanning (node.4dc198): 285

ReconScanning (node.9c1411): 83

ReconScanning (node.368407): 221

AttemptLogin (node.28c168): 1

AttemptLogin (node.d2ecc6): 1

2026-01-23

ReconScanning (node.4dc198): 288

ReconScanning (node.368407): 219

ReconScanning (node.9c1411): 82

AttemptLogin (node.28c168): 1

AttemptLogin (node.eef996): 1

2026-01-22

ReconScanning (node.368407): 164

ReconScanning (node.4dc198): 288

ReconScanning (node.9c1411): 84

AttemptLogin (node.00aee5): 1

AttemptLogin (node.b17ef8): 1

2026-01-21

ReconScanning (node.4dc198): 287

ReconScanning (node.9c1411): 84

ReconScanning (node.368407): 128

IntrusionUserCompromise (node.cfb4f7): 42

IntrusionUserCompromise+AttemptExploit (node.90bbae): 23

IntrusionUserCompromise+AttemptExploit (node.ad75dd): 11

2026-01-20

ReconScanning (node.4dc198): 288

ReconScanning (node.9c1411): 87

ReconScanning (node.368407): 141

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 11

IntrusionUserCompromise (node.cfb4f7): 5

ReconScanning (node.90bbae): 1

2026-01-19

ReconScanning (node.4dc198): 285

ReconScanning (node.9c1411): 86

ReconScanning (node.368407): 100

IntrusionUserCompromise (node.cfb4f7): 29

IntrusionUserCompromise+AttemptExploit (node.ad75dd): 11

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 22

AttemptLogin (node.70e749): 2

AttemptLogin (node.eef996): 1

2026-01-18

ReconScanning (node.4dc198): 287

ReconScanning (node.9c1411): 88

IntrusionUserCompromise (node.cfb4f7): 11

ReconScanning (node.368407): 75

2026-01-17

ReconScanning (node.4dc198): 288

ReconScanning (node.9c1411): 85

ReconScanning (node.368407): 96

IntrusionUserCompromise (node.cfb4f7): 19

IntrusionUserCompromise+AttemptExploit (node.ad75dd): 33

AnomalyTraffic (node.86dac8): 2

2026-01-16

ReconScanning (node.368407): 193

ReconScanning (node.9c1411): 87

IntrusionUserCompromise (node.cfb4f7): 47

ReconScanning (node.4dc198): 130

ReconScanning (node.90bbae): 1

IntrusionUserCompromise+AttemptExploit (node.90bbae): 1

IntrusionUserCompromise+AttemptExploit (node.c26a5f): 11

2026-01-15

ReconScanning (node.368407): 276

ReconScanning (node.9c1411): 82

IntrusionUserCompromise (node.cfb4f7): 58

IntrusionUserCompromise+AttemptExploit (node.0b69da): 11

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 11

2026-01-14

ReconScanning (node.368407): 257

ReconScanning (node.86eb21): 5

ReconScanning (node.9c1411): 83

IntrusionUserCompromise (node.cfb4f7): 78

IntrusionUserCompromise+AttemptExploit (node.0b69da): 11

IntrusionUserCompromise+AttemptExploit (node.3931a4): 11

AttemptLogin (node.c26a5f): 1

IntrusionUserCompromise+AttemptExploit (node.c26a5f): 11

ReconScanning (node.4dc198): 23

IntrusionUserCompromise+AttemptExploit (node.90bbae): 1

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 11

2026-01-13

ReconScanning (node.4dc198): 120

ReconScanning (node.368407): 248

ReconScanning (node.9c1411): 85

IntrusionUserCompromise (node.cfb4f7): 79

IntrusionUserCompromise+AttemptExploit (node.c26a5f): 22

IntrusionUserCompromise+AttemptExploit (node.0b69da): 22

2026-01-12

ReconScanning (node.368407): 248

ReconScanning (node.9c1411): 89

ReconScanning (node.86eb21): 11

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 11

IntrusionUserCompromise (node.cfb4f7): 107

IntrusionUserCompromise+AttemptExploit (node.c26a5f): 11

ReconScanning (node.4dc198): 49

2026-01-11

ReconScanning (node.368407): 269

ReconScanning (node.9c1411): 85

IntrusionUserCompromise (node.cfb4f7): 32

IntrusionUserCompromise+AttemptExploit (node.3931a4): 11

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 11

2026-01-10

ReconScanning (node.368407): 234

IntrusionUserCompromise (node.cfb4f7): 116

ReconScanning (node.86eb21): 3

ReconScanning (node.9c1411): 85

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 11

IntrusionUserCompromise+AttemptExploit (node.90bbae): 11

IntrusionUserCompromise+AttemptExploit (node.c26a5f): 11

AttemptLogin (node.c26a5f): 1

2026-01-09

ReconScanning (node.368407): 252

ReconScanning (node.9c1411): 85

IntrusionUserCompromise (node.cfb4f7): 56

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 22

IntrusionUserCompromise+AttemptExploit (node.90bbae): 22

IntrusionUserCompromise+AttemptExploit (node.0b69da): 11

ReconScanning (node.86eb21): 4

2026-01-08

ReconScanning (node.368407): 284

ReconScanning (node.9c1411): 83

2026-01-07

ReconScanning (node.368407): 268

ReconScanning (node.9c1411): 87

IntrusionUserCompromise (node.cfb4f7): 26

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 11

ReconScanning (node.86eb21): 9

2026-01-06

ReconScanning (node.368407): 196

ReconScanning (node.9c1411): 75

IntrusionUserCompromise (node.cfb4f7): 75

ReconScanning (node.4dc198): 1

IntrusionUserCompromise+AttemptExploit (node.0b69da): 11

2026-01-05

ReconScanning (node.368407): 260

ReconScanning (node.9c1411): 43

IntrusionUserCompromise+AttemptExploit (node.90bbae): 11

IntrusionUserCompromise (node.cfb4f7): 20

ReconScanning (node.86eb21): 3

2026-01-04

ReconScanning (node.368407): 243

IntrusionUserCompromise (node.cfb4f7): 47

IntrusionUserCompromise+AttemptExploit (node.90bbae): 11

2026-01-03

ReconScanning (node.368407): 247

IntrusionUserCompromise (node.cfb4f7): 55

IntrusionUserCompromise+AttemptExploit (node.0b69da): 22

IntrusionUserCompromise+AttemptExploit (node.90bbae): 11

IntrusionUserCompromise+AttemptExploit (node.3931a4): 11

ReconScanning (node.4dc198): 1

ReconScanning (node.86eb21): 3

2026-01-02

ReconScanning (node.368407): 269

IntrusionUserCompromise (node.cfb4f7): 41

2026-01-01

ReconScanning (node.368407): 260

ReconScanning (node.86eb21): 9

IntrusionUserCompromise (node.cfb4f7): 34

IntrusionUserCompromise+AttemptExploit (node.90bbae): 1

2025-12-31

ReconScanning (node.368407): 274

IntrusionUserCompromise (node.cfb4f7): 15

IntrusionUserCompromise+AttemptExploit (node.5bdc26): 11

ReconScanning (node.4dc198): 9

2025-12-30

IntrusionUserCompromise (node.cfb4f7): 51

ReconScanning (node.368407): 261

IntrusionUserCompromise+AttemptExploit (node.90bbae): 11

2025-12-29

ReconScanning (node.368407): 268

IntrusionUserCompromise (node.cfb4f7): 46

IntrusionUserCompromise+AttemptExploit (node.90bbae): 11

ReconScanning (node.86eb21): 3

2025-12-28

ReconScanning (node.368407): 268

ReconScanning (node.4dc198): 3

IntrusionUserCompromise (node.cfb4f7): 47

IntrusionUserCompromise+AttemptExploit (node.90bbae): 11

2025-12-27

ReconScanning (node.368407): 287

ReconScanning (node.86eb21): 3

2025-12-26

ReconScanning (node.368407): 288

2025-12-25

ReconScanning (node.368407): 283

IntrusionUserCompromise (node.cfb4f7): 35

2025-12-24

ReconScanning (node.368407): 287

ReconScanning (node.4dc198): 3

2025-12-23

ReconScanning (node.368407): 137

ReconScanning (node.4dc198): 21

2025-12-19

IntrusionUserCompromise (node.cfb4f7): 7

ReconScanning (node.368407): 122

ReconScanning (node.4dc198): 123

2025-12-18

ReconScanning (node.368407): 125

ReconScanning (node.4dc198): 113

IntrusionUserCompromise (node.cfb4f7): 5

DShield reports (IP summary, reports)

2025-12-19

Number of reports: 560

Distinct targets: 376

2025-12-23

Number of reports: 959

Distinct targets: 742

2025-12-24

Number of reports: 959

Distinct targets: 742

2025-12-25

Number of reports: 2125

Distinct targets: 1429

2025-12-26

Number of reports: 2125

Distinct targets: 1429

2025-12-27

Number of reports: 2003

Distinct targets: 1323

2025-12-28

Number of reports: 1948

Distinct targets: 1320

2025-12-29

Number of reports: 1729

Distinct targets: 1135

2025-12-30

Number of reports: 1428

Distinct targets: 1009

2025-12-31

Number of reports: 1574

Distinct targets: 1067

2026-01-01

Number of reports: 1547

Distinct targets: 1041

2026-01-02

Number of reports: 1547

Distinct targets: 1041

2026-01-03

Number of reports: 1522

Distinct targets: 1077

2026-01-04

Number of reports: 1504

Distinct targets: 1117

2026-01-05

Number of reports: 1539

Distinct targets: 1072

2026-01-06

Number of reports: 1663

Distinct targets: 1120

2026-01-08

Number of reports: 1417

Distinct targets: 1008

2026-01-09

Number of reports: 1384

Distinct targets: 1004

2026-01-10

Number of reports: 1462

Distinct targets: 1032

2026-01-11

Number of reports: 1462

Distinct targets: 1032

2026-01-12

Number of reports: 1475

Distinct targets: 1034

2026-01-13

Number of reports: 1604

Distinct targets: 1105

2026-01-14

Number of reports: 1604

Distinct targets: 1105

2026-01-15

Number of reports: 1476

Distinct targets: 1038

2026-01-16

Number of reports: 1205

Distinct targets: 951

2026-01-17

Number of reports: 1205

Distinct targets: 951

2026-01-18

Number of reports: 429

Distinct targets: 425

2026-01-19

Number of reports: 506

Distinct targets: 486

2026-01-20

Number of reports: 506

Distinct targets: 486

2026-01-21

Number of reports: 469

Distinct targets: 454

2026-01-22

Number of reports: 393

Distinct targets: 377

2026-01-23

Number of reports: 1249

Distinct targets: 889

2026-01-24

Number of reports: 1249

Distinct targets: 889

2026-01-25

Number of reports: 1111

Distinct targets: 770

OTX pulses

[69528137e2e456f7cfa32ba7] 2025-12-29 13:25:11.042000 | Redis honeypot logs for 2025-12-29

Author name:	jnazario
Pulse modified:	2025-12-29 13:25:11.042000
Indicator created:	2025-12-29 13:25:11
Indicator role:	None
Indicator title:
Indicator expiration:	2026-01-28 13:00:00

[6961017e5f59243e56c2b72f] 2026-01-09 13:24:14.258000 | Redis honeypot logs for 2026-01-09

Author name:	jnazario
Pulse modified:	2026-01-09 13:24:14.258000
Indicator created:	2026-01-09 13:24:15
Indicator role:	None
Indicator title:
Indicator expiration:	2026-02-08 13:00:00

[6964f5f29fae81cdffcf1a50] 2026-01-12 13:24:02.830000 | Redis honeypot logs for 2026-01-12

Author name:	jnazario
Pulse modified:	2026-01-12 13:24:02.830000
Indicator created:	2026-01-12 13:24:03
Indicator role:	None
Indicator title:
Indicator expiration:	2026-02-11 13:00:00

[69664794adf30d9328c7e29d] 2026-01-13 13:24:36.421000 | RDP honeypot logs for 2026/01/13

Author name:	jnazario
Pulse modified:	2026-01-13 13:24:36.421000
Indicator created:	2026-01-13 13:24:37
Indicator role:	None
Indicator title:
Indicator expiration:	2026-02-12 13:00:00

[602bc528f447d628d41494f2] 2021-02-16 13:14:16.945000 | Ka's Honeypot visitors

Author name:	Kapppppa
Pulse modified:	2026-01-26 19:49:21.151000
Indicator created:	2026-01-14 10:17:33
Indicator role:	bruteforce
Indicator title:	Telnet Login attempt
Indicator expiration:	2026-02-13 10:00:00

Origin AS

AS214664 - Buduschee

BGP Prefix

45.91.64.0/24

geo

Russia

🕑 Europe/Moscow

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

45.91.64.0 - 45.91.64.255

last_activity

2026-01-26 22:47:39

last_warden_event

2026-01-26 22:47:39

rep

0.9492745535714284

reserved_range

0

ts_added

2025-12-18 12:59:28.229000

ts_last_update

2026-01-26 22:47:43.304000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses