IP address

Search at other sites:

.07689.248.163.108

Shodan(more info)

Passive DNS

IP blacklists

DShield Block

89.248.163.108 was recently listed on the DShield Block blacklist, but currently it is not.

Description: Recommended Block List by DShield.org. It summarizes the top 20 attacking<br>class C (/24) subnets over the last three days.
Type of feed: secondary (feed detail page)

Last checked at: 2025-07-06 04:50:00
Was present on blacklist at: 2025-05-17 04:50, 2025-05-18 04:50, 2025-05-19 04:50, 2025-05-20 04:50

CI Army

89.248.163.108 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-07-06 02:50:00.891000
Was present on blacklist at: 2025-05-22 02:50, 2025-05-24 02:50, 2025-05-25 02:50, 2025-05-26 02:50, 2025-05-27 02:50, 2025-05-28 02:50, 2025-05-29 02:50, 2025-05-30 02:50, 2025-05-31 02:50, 2025-06-01 02:50, 2025-06-03 02:50, 2025-06-04 02:50, 2025-06-06 02:50, 2025-06-07 02:50, 2025-06-08 02:50, 2025-06-09 02:50, 2025-06-10 02:50, 2025-06-11 02:50, 2025-06-13 02:50, 2025-06-14 02:50, 2025-06-16 02:50, 2025-06-17 02:50, 2025-06-18 02:50, 2025-06-19 02:50, 2025-06-20 02:50, 2025-06-21 02:50, 2025-06-23 02:50, 2025-06-24 02:50, 2025-06-25 02:50, 2025-06-26 02:50, 2025-06-27 02:50, 2025-06-28 02:50, 2025-06-29 02:50, 2025-06-30 02:50, 2025-07-01 02:50, 2025-07-03 02:50, 2025-07-04 02:50, 2025-07-05 02:50, 2025-07-06 02:50

Spamhaus XBL CBL

89.248.163.108 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-07-05 05:17:35.937000
Was present on blacklist at: 2025-05-24 05:18, 2025-06-14 05:15

Turris greylist

89.248.163.108 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-07-05 21:15:00.193000
Was present on blacklist at: 2025-05-25 21:15, 2025-05-29 21:15, 2025-05-31 21:15, 2025-06-01 21:15, 2025-06-03 21:15, 2025-06-04 21:15, 2025-06-06 21:15, 2025-06-07 21:15, 2025-06-10 21:15, 2025-06-15 21:15, 2025-06-16 21:15, 2025-06-19 21:15, 2025-06-21 21:15, 2025-06-22 21:15, 2025-06-24 21:15, 2025-06-26 21:15, 2025-06-28 21:15, 2025-06-30 21:15, 2025-07-02 21:15, 2025-07-05 21:15

DataPlane TELNET login

89.248.163.108 is listed on the DataPlane TELNET login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs trying<br>an unsolicited login via TELNET password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-07-06 06:10:04.168000
Was present on blacklist at: 2025-06-30 02:10, 2025-06-30 06:10, 2025-06-30 14:10, 2025-06-30 18:10, 2025-07-01 02:10, 2025-07-01 06:10, 2025-07-01 14:10, 2025-07-01 18:10, 2025-07-02 02:10, 2025-07-02 06:10, 2025-07-02 14:10, 2025-07-02 18:10, 2025-07-03 02:10, 2025-07-03 06:10, 2025-07-03 14:10, 2025-07-03 18:10, 2025-07-04 02:10, 2025-07-04 06:10, 2025-07-04 14:10, 2025-07-04 18:10, 2025-07-05 02:10, 2025-07-05 06:10, 2025-07-05 14:10, 2025-07-05 18:10, 2025-07-06 02:10, 2025-07-06 06:10

AbuseIPDB

89.248.163.108 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-07-05 04:00:00.727000
Was present on blacklist at: 2025-07-03 04:00, 2025-07-05 04:00

Warden events (54)

2025-07-05

ReconScanning (node.f90c6b): 17

2025-06-25

ReconScanning (node.f90c6b): 18

2025-06-15

ReconScanning (node.f90c6b): 16

2025-05-23

ReconScanning (node.f90c6b): 3

DShield reports (IP summary, reports)

2025-05-16

Number of reports: 4006

Distinct targets: 2000

2025-05-18

Number of reports: 999

Distinct targets: 999

2025-05-19

Number of reports: 537

Distinct targets: 43

2025-05-20

Number of reports: 11

Distinct targets: 6

2025-05-21

Number of reports: 65

Distinct targets: 34

2025-05-23

Number of reports: 2609

Distinct targets: 1126

2025-05-24

Number of reports: 5385

Distinct targets: 3709

2025-05-25

Number of reports: 3001

Distinct targets: 2802

2025-05-26

Number of reports: 14676

Distinct targets: 10817

2025-05-28

Number of reports: 6185

Distinct targets: 4602

2025-05-29

Number of reports: 5480

Distinct targets: 5363

2025-05-30

Number of reports: 5246

Distinct targets: 4727

2025-05-31

Number of reports: 2893

Distinct targets: 2564

2025-06-01

Number of reports: 3041

Distinct targets: 3041

2025-06-02

Number of reports: 9774

Distinct targets: 8370

2025-06-03

Number of reports: 6508

Distinct targets: 5352

2025-06-04

Number of reports: 8153

Distinct targets: 5626

2025-06-05

Number of reports: 4765

Distinct targets: 2777

2025-06-06

Number of reports: 10570

Distinct targets: 6640

2025-06-07

Number of reports: 8118

Distinct targets: 2988

2025-06-08

Number of reports: 1273

Distinct targets: 1169

2025-06-09

Number of reports: 5343

Distinct targets: 3917

2025-06-10

Number of reports: 3438

Distinct targets: 2439

2025-06-11

Number of reports: 4816

Distinct targets: 2528

2025-06-12

Number of reports: 1203

Distinct targets: 1119

2025-06-13

Number of reports: 638

Distinct targets: 638

2025-06-14

Number of reports: 2000

Distinct targets: 2000

2025-06-15

Number of reports: 3795

Distinct targets: 3795

2025-06-17

Number of reports: 1316

Distinct targets: 1316

2025-06-18

Number of reports: 4262

Distinct targets: 3999

2025-06-19

Number of reports: 5081

Distinct targets: 3760

2025-06-20

Number of reports: 6361

Distinct targets: 3233

2025-06-21

Number of reports: 11175

Distinct targets: 7521

2025-06-22

Number of reports: 6425

Distinct targets: 3932

2025-06-23

Number of reports: 1968

Distinct targets: 1965

2025-06-24

Number of reports: 6238

Distinct targets: 6238

2025-06-25

Number of reports: 797

Distinct targets: 599

2025-06-26

Number of reports: 915

Distinct targets: 915

2025-06-27

Number of reports: 4614

Distinct targets: 2914

2025-06-28

Number of reports: 3929

Distinct targets: 3929

2025-06-29

Number of reports: 3788

Distinct targets: 1757

2025-06-30

Number of reports: 2459

Distinct targets: 2408

2025-07-01

Number of reports: 7054

Distinct targets: 4262

2025-07-02

Number of reports: 6236

Distinct targets: 3670

2025-07-03

Number of reports: 6744

Distinct targets: 4179

2025-07-04

Number of reports: 5460

Distinct targets: 3676

2025-07-05

Number of reports: 5870

Distinct targets: 5348

OTX pulses

[6839a4236bdb4980de5c3ca2] 2025-05-30 12:27:15.927000 | RDP honeypot logs for 2025/05/30

Author name:	jnazario
Pulse modified:	2025-05-30 12:27:15.927000
Indicator created:	2025-05-30 12:27:16
Indicator role:	None
Indicator title:
Indicator expiration:	2025-06-29 12:00:00

Origin AS

AS202425 - INT-NETWORK

AS35539 - INFOLINK-T-AS

BGP Prefix

89.248.163.0/24

geo

Netherlands

🕑 Europe/Amsterdam

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

89.248.160.0 - 89.248.175.255

last_activity

2025-07-05 07:14:03

last_warden_event

2025-07-05 07:14:03

rep

0.07618994939894905

reserved_range

0

ts_added

2025-05-17 05:08:58.265000

ts_last_update

2025-07-06 07:02:42.427000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses