IP address


.00389.218.58.42
Shodan(more info)
Passive DNS
Tags:
IP blacklists
Spamhaus SBL CSS
89.218.58.42 is listed on the Spamhaus SBL CSS blacklist.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-24 11:42:40.248000
Was present on blacklist at: 2026-04-01 11:42, 2026-04-29 11:42, 2026-05-20 11:42, 2026-06-03 11:42, 2026-06-10 11:42, 2026-06-24 11:42
Spamhaus XBL CBL
89.218.58.42 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-24 11:42:40.248000
Was present on blacklist at: 2026-04-01 11:42, 2026-04-15 11:42, 2026-04-22 11:42, 2026-04-29 11:42, 2026-06-03 11:42, 2026-06-10 11:42, 2026-06-17 11:42, 2026-06-24 11:42
UCEPROTECT L1
89.218.58.42 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 07:45:00.510000
Was present on blacklist at: 2026-04-17 07:45, 2026-04-17 15:45, 2026-04-17 23:45, 2026-04-18 07:45, 2026-04-18 15:45, 2026-04-18 23:45, 2026-04-19 07:45, 2026-04-19 15:45, 2026-04-19 23:45, 2026-04-20 07:45, 2026-04-20 15:45, 2026-04-20 23:45, 2026-04-21 07:45, 2026-04-21 15:45, 2026-04-21 23:45, 2026-04-22 07:45, 2026-04-22 15:45, 2026-04-22 23:45, 2026-04-23 07:45, 2026-04-23 15:45, 2026-04-23 23:45, 2026-04-26 07:45, 2026-04-30 07:45

Threat categories

TLRoleCategoryDetails
28 src scan port: 445

Warden events (24)
2026-06-26
ReconScanning (node.9c1411): 1
2026-06-18
ReconScanning (node.9c1411): 3
2026-06-17
ReconScanning (node.9c1411): 1
2026-06-14
ReconScanning (node.9c1411): 2
2026-05-27
ReconScanning (node.9c1411): 1
2026-05-15
ReconScanning (node.9c1411): 1
2026-04-26
ReconScanning (node.9c1411): 3
2026-04-21
ReconScanning (node.9c1411): 1
2026-04-20
ReconScanning (node.9c1411): 1
2026-04-10
ReconScanning (node.9c1411): 6
2026-04-09
ReconScanning (node.9c1411): 4
DShield reports (IP summary, reports)
2026-05-10
Number of reports: 29
Distinct targets: 5
2026-05-11
Number of reports: 10
Distinct targets: 5
Origin AS
AS9198 - KAZTELECOM-AS
BGP Prefix
89.218.0.0/16
geo
Kazakhstan, Almaty
🕑 Asia/Almaty
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
89.218.0.0 - 89.218.255.255
last_activity
2026-06-26 11:43:51
last_warden_event
2026-06-26 11:43:51
rep
0.0031022477067188525
reserved_range
0
Shodan's InternetDB
Open ports: 8080
Tags:
CPEs: cpe:/a:microsoft:internet_information_services:10.0, cpe:/o:microsoft:windows
ts_added
2025-10-29 11:42:36.209000
ts_last_update
2026-06-30 11:42:40.079000

Warden event timeline

DShield event timeline

Presence on blacklists