IP address

Search at other sites:
.00080.75.212.12tube-server.com
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
CI Army
80.75.212.12 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-05-20 02:50:01.115000
Was present on blacklist at: 2025-05-12 02:50, 2025-05-13 02:50, 2025-05-14 02:50, 2025-05-15 02:50, 2025-05-16 02:50, 2025-05-17 02:50, 2025-05-18 02:50, 2025-05-19 02:50, 2025-05-20 02:50
AbuseIPDB
80.75.212.12 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-05-17 04:00:00.607000
Was present on blacklist at: 2025-05-12 04:00, 2025-05-13 04:00, 2025-05-14 04:00, 2025-05-15 04:00, 2025-05-16 04:00, 2025-05-17 04:00
DShield Block
80.75.212.12 was recently listed on the DShield Block blacklist, but currently it is not.

Description: Recommended Block List by DShield.org. It summarizes the top 20 attacking<br>class C (/24) subnets over the last three days.
Type of feed: secondary (feed detail page)

Last checked at: 2025-07-02 04:50:00
Was present on blacklist at: 2025-05-14 04:50, 2025-05-15 04:50, 2025-05-16 04:50, 2025-05-17 04:50
Turris greylist
80.75.212.12 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-05-16 21:15:00.165000
Was present on blacklist at: 2025-05-15 21:15, 2025-05-16 21:15
Spamhaus XBL CBL
80.75.212.12 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-06-29 15:32:40.547000
Was present on blacklist at: 2025-05-18 15:32, 2025-05-25 15:32
Warden events (545)
2025-05-16
AnomalyTraffic (node.ffe95c): 5
ReconScanning (node.368407): 55
ReconScanning (node.4dc198): 58
ReconScanning (node.5f02e7): 5
2025-05-15
AnomalyTraffic (node.ffe95c): 3
ReconScanning (node.5f02e7): 4
ReconScanning (node.368407): 22
ReconScanning (node.4dc198): 22
2025-05-14
AnomalyTraffic (node.ffe95c): 11
ReconScanning (node.368407): 112
ReconScanning (node.4dc198): 116
AnomalyTraffic (node.86dac8): 10
ReconScanning (node.5f02e7): 8
2025-05-13
ReconScanning (node.368407): 44
ReconScanning (node.4dc198): 44
ReconScanning (node.5f02e7): 3
AnomalyTraffic (node.ffe95c): 1
2025-05-12
ReconScanning (node.368407): 7
ReconScanning (node.4dc198): 7
2025-05-11
ReconScanning (node.4dc198): 4
ReconScanning (node.368407): 4
DShield reports (IP summary, reports)
2025-05-11
Number of reports: 655
Distinct targets: 435
2025-05-12
Number of reports: 725
Distinct targets: 363
2025-05-13
Number of reports: 6631
Distinct targets: 4375
2025-05-14
Number of reports: 46739
Distinct targets: 16876
2025-05-15
Number of reports: 28782
Distinct targets: 20980
2025-05-16
Number of reports: 30543
Distinct targets: 11676
OTX pulses
[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot
Author name:georgengelmann
Pulse modified:2025-06-13 03:04:05.100000
Indicator created:2025-05-14 04:01:02
Indicator role:trojan
Indicator title:The Traitor, Trojan from tube-server.com port 56924
Indicator expiration:2025-06-13 04:00:00
Origin AS
AS49581 - FerdinandZink
BGP Prefix
80.75.212.0/24
geo
Germany, Frankfurt am Main
🕑 Europe/Berlin
hostname
tube-server.com
Address block ('inetnum' or 'NetRange' in whois database)
80.75.212.0 - 80.75.212.255
last_activity
2025-06-13 04:00:37.608000
last_warden_event
2025-05-16 15:52:06.315000
rep
0.0
reserved_range
0
Shodan's InternetDB
Open ports: 22, 3389, 5357, 5985, 9999
Tags: self-signed
CPEs: cpe:/a:openbsd:openssh:8.9p1, cpe:/o:canonical:ubuntu_linux
ts_added
2025-05-11 15:32:39.321000
ts_last_update
2025-07-02 15:32:40.365000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses