IP address

Search at other sites:
.21480.64.19.217
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
UCEPROTECT L1
80.64.19.217 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-09-15 15:45:00.568000
Was present on blacklist at: 2025-09-05 15:45, 2025-09-05 23:45, 2025-09-06 07:45, 2025-09-06 15:45, 2025-09-06 23:45, 2025-09-07 07:45, 2025-09-07 15:45, 2025-09-07 23:45, 2025-09-08 07:45, 2025-09-08 15:45, 2025-09-08 23:45, 2025-09-09 07:45, 2025-09-09 15:45, 2025-09-09 23:45, 2025-09-10 07:45, 2025-09-10 15:45, 2025-09-10 23:45, 2025-09-11 07:45, 2025-09-11 15:45, 2025-09-11 23:45, 2025-09-12 07:45, 2025-09-12 15:45, 2025-09-12 23:45, 2025-09-13 07:45, 2025-09-13 15:45, 2025-09-13 23:45, 2025-09-14 07:45, 2025-09-14 15:45, 2025-09-14 23:45, 2025-09-15 07:45, 2025-09-15 15:45
Spamhaus SBL
80.64.19.217 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-09-12 16:01:02.118000
Was present on blacklist at: 2025-09-05 16:00, 2025-09-12 16:01
Spamhaus DROP
80.64.19.217 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-09-12 16:01:02.118000
Was present on blacklist at: 2025-09-05 16:00, 2025-09-12 16:01
Warden events (88)
2025-09-12
ReconScanning (node.9c1411): 14
2025-09-11
ReconScanning (node.9c1411): 16
2025-09-10
ReconScanning (node.9c1411): 30
2025-09-09
ReconScanning (node.9c1411): 12
2025-09-08
ReconScanning (node.9c1411): 16
OTX pulses
[68bad70c24d017161f126923] 2025-09-05 12:26:52.210000 | RDP honeypot logs for 2025/09/05
Author name:jnazario
Pulse modified:2025-09-05 12:26:52.210000
Indicator created:2025-09-05 12:26:53
Indicator role:None
Indicator title:
Indicator expiration:2025-10-05 12:00:00
[68bd7a4336941ca149f222f9] 2025-09-07 12:27:47.721000 | RDP honeypot logs for 2025/09/07
Author name:jnazario
Pulse modified:2025-09-07 12:27:47.721000
Indicator created:2025-09-07 12:27:49
Indicator role:None
Indicator title:
Indicator expiration:2025-10-07 12:00:00
[68becb5d3c84541f2624382c] 2025-09-08 12:26:05.240000 | RDP honeypot logs for 2025/09/08
Author name:jnazario
Pulse modified:2025-09-08 12:26:05.240000
Indicator created:2025-09-08 12:26:06
Indicator role:None
Indicator title:
Indicator expiration:2025-10-08 12:00:00
Origin AS
AS213021 - PRIME-AS
AS216341 - OPTIMA-AS
BGP Prefix
80.64.19.0/24
geo
United Arab Emirates
🕑 Asia/Dubai
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
80.64.16.0 - 80.64.19.255
last_activity
2025-09-12 17:39:00
last_warden_event
2025-09-12 17:39:00
rep
0.21427198137555806
reserved_range
0
ts_added
2025-09-05 16:00:51.511000
ts_last_update
2025-09-15 16:01:01.203000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses