IP address

Search at other sites:

.000170.64.175.157

Shodan(more info)

Passive DNS

IP blacklists

Spamhaus SBL CSS

170.64.175.157 was recently listed on the Spamhaus SBL CSS blacklist, but currently it is not.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-14 11:12:40.870000
Was present on blacklist at: 2025-11-30 11:12

Spamhaus XBL CBL

170.64.175.157 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-12-14 11:12:40.870000
Was present on blacklist at: 2025-11-30 11:12, 2025-12-07 11:12

FireHOL anonymizers

170.64.175.157 is listed on the FireHOL anonymizers blacklist.

Description: List of anonymizing IPs, aggregated from multiple lists by FireHOL.
Type of feed: secondary (feed detail page)

Last checked at: 2025-12-15 12:05:09
Was present on blacklist at: 2025-11-30 12:05, 2025-12-01 12:05, 2025-12-02 12:05, 2025-12-03 12:05, 2025-12-04 12:05, 2025-12-05 12:05, 2025-12-06 12:05, 2025-12-07 12:05, 2025-12-08 12:05, 2025-12-09 12:05, 2025-12-10 12:05, 2025-12-11 12:05, 2025-12-12 12:05, 2025-12-13 12:05, 2025-12-14 12:05, 2025-12-15 12:05

Turris greylist

170.64.175.157 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-11-30 22:15:00.157000
Was present on blacklist at: 2025-11-30 22:15

CI Army

170.64.175.157 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-12-04 03:50:00.961000
Was present on blacklist at: 2025-12-01 03:50, 2025-12-02 03:50, 2025-12-03 03:50, 2025-12-04 03:50

AbuseIPDB

170.64.175.157 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-12-01 05:00:00.647000
Was present on blacklist at: 2025-12-01 05:00

Warden events (11)

2025-11-30

ReconScanning (node.4dc198): 11

DShield reports (IP summary, reports)

2025-11-30

Number of reports: 272

Distinct targets: 71

2025-12-01

Number of reports: 72

Distinct targets: 27

2025-12-02

Number of reports: 72

Distinct targets: 27

Origin AS

AS14061 - DIGITALOCEAN-ASN

BGP Prefix

170.64.128.0/18

geo

Australia, Sydney

🕑 Australia/Sydney

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

170.64.128.0 - 170.64.255.255

last_activity

2025-11-30 21:57:30

last_warden_event

2025-11-30 21:57:30

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 443, 2222

Tags: cloud, self-signed

CPEs: cpe:/o:linux:linux_kernel, cpe:/a:openbsd:openssh:9.2p1, cpe:/a:apache:http_server:2.4.58, cpe:/o:debian:debian_linux, cpe:/o:canonical:ubuntu_linux

ts_added

2025-11-30 11:12:32.374000

ts_last_update

2025-12-15 11:12:41.252000

Warden event timeline

DShield event timeline

Presence on blacklists