IP address

Search at other sites:
.00864.89.160.96
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
Spamhaus SBL
64.89.160.96 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-02-14 15:49:20.065000
Was present on blacklist at: 2026-01-31 15:49, 2026-02-07 15:49, 2026-02-14 15:49
Spamhaus DROP
64.89.160.96 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-02-14 15:49:20.065000
Was present on blacklist at: 2026-01-31 15:49, 2026-02-07 15:49, 2026-02-14 15:49
AbuseIPDB
64.89.160.96 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-02-03 05:00:00.625000
Was present on blacklist at: 2026-02-02 05:00, 2026-02-03 05:00
Turris greylist
64.89.160.96 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-02-04 22:15:00.171000
Was present on blacklist at: 2026-02-02 22:15, 2026-02-03 22:15, 2026-02-04 22:15
Spamhaus XBL CBL
64.89.160.96 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-02-14 15:49:20.065000
Was present on blacklist at: 2026-02-07 15:49

Threat categories

TLRoleCategoryDetails
No threat category tags assigned
Warden events (708)
2026-02-02
ReconScanning (node.4dc198): 112
ReconScanning (node.368407): 61
AnomalyTraffic (node.ffe95c): 1
2026-02-01
ReconScanning (node.368407): 155
ReconScanning (node.4dc198): 177
AnomalyTraffic (node.ffe95c): 1
2026-01-31
ReconScanning (node.4dc198): 99
ReconScanning (node.368407): 98
AnomalyTraffic (node.ffe95c): 4
Origin AS
AS205759 - GHOSTYNETWORKS
BGP Prefix
64.89.160.0/24
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
64.89.160.0 - 64.89.163.255
last_activity
2026-02-02 13:26:29
last_warden_event
2026-02-02 13:26:29
rep
0.008333333333333333
reserved_range
0
Shodan's InternetDB
Open ports: 3389
Tags: self-signed
CPEs:
ts_added
2026-01-31 15:49:12.950000
ts_last_update
2026-02-15 15:49:20.851000

Warden event timeline

DShield event timeline

Presence on blacklists