89.38.96.55 Threat Intelligence and Host Information

Dec 02, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 89.38.96.55 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: cisco, conpot, cowrie, dionaea, email, heralding, honeytrap, LAMP, mailoney, malicious, sentrypeer, sftp, sip, ssh, tanner

  • View other sources: Spamhaus VirusTotal

  • Country: Netherlands
  • Network:
  • Noticed: 7 times
  • Protocols Attacked: Anonymous Proxy

Open Ports Detected

11000 11027 11075 11112 11180 11210 11211 11288 11300 11371 11434 11443 11680 11688 11920 12000 12001 12056 12082 12088 12103 12108 12112 12114 12116 12118 12124 12128 12130 12135 12139 12140 12144 12146 12147 12149 12150 12151 12152 12154 12157 12158 12162 12164 12165 12166 12168 12174 12175 12178 12180 12185 12194 12195 12199 12200 12201 12205 12208 12209 12214 12215 12217 12219 12220 12224 12225 12227 12233 12234 12235 12237 12241 12244 12246 12248 12249 12253 12254 12257 12258 12259 12260 12264 12265 12273 12274 12276 12278 12281 12283 12284 12287 12288 12292 12296 12297 12299 12300 12301 12302 12303 12304 12305 12307 12311 12313 12315 12324 12329 12333 12334 12335 12337 12339 12341 12344 12345 12349 12350 12352 12354 12355 12361 12362 12364 12372 12375 12376 12377 12383 12384 12385 12391 12392 12393 12394 12402 12412 12413 12414 12419 12429 12433 12434 12435 12436 12441 12443 12446 12447 12449 12450 12451 12457 12460 12461 12462 12465 12468 12469 12470 12472 12474 12475 12477 12479 12487 12491 12492 12496 12498 12504 12506 12510 12514 12516 12518 12521 12522 12524 12525 12526 12530 12531 12532 12534 12540 12542 12552 12556 12559 12560 12563 12567 12572 12574 12577 12587 12588 12589 12601 12902 13084 13128 13380 13579 14147 14265 161 2111 2122 22 4150 80 8100 8101

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-44487 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-23419 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

  • inetnum: 89.38.96.0 - 89.38.96.255
  • netname: WORLDSTREAM
  • country: NL
  • admin-c: WS1670-RIPE
  • tech-c: WS1670-RIPE
  • status: ASSIGNED PA
  • mnt-by: MNT-WORLDSTREAM
  • mnt-domains: MNT-WORLDSTREAM
  • mnt-routes: MNT-WORLDSTREAM
  • created: 2018-12-18T10:24:18Z
  • last-modified: 2018-12-18T10:24:18Z
  • role: WORLDSTREAM DBM
  • address: Industriestraat 24
  • address: 2671CT NAALDWIJK
  • address: The Netherlands
  • phone: +31174712117
  • abuse-mailbox: abuse@worldstream.nl
  • admin-c: DV1495-RIPE
  • tech-c: DV1495-RIPE
  • nic-hdl: WS1670-RIPE
  • mnt-by: MNT-WORLDSTREAM
  • created: 2008-05-15T09:52:38Z
  • last-modified: 2013-08-20T11:17:59Z
  • route: 89.38.96.0/24
  • origin: AS49981
  • mnt-by: MNT-WORLDSTREAM
  • created: 2022-11-18T15:12:39Z
  • last-modified: 2022-11-18T15:12:39Z

Links to attack logs

anonymous-proxy-ip-list-2025-12-01

Share on: