IP address


.02189.248.163.119no-reverse-dns-configured.com
Shodan(more info)
Passive DNS
Tags:
IP blacklists
DShield Block
89.248.163.119 was recently listed on the DShield Block blacklist, but currently it is not.

Description: Recommended Block List by DShield.org. It summarizes the top 20 attacking<br>class C (/24) subnets over the last three days.
Type of feed: secondary (feed detail page)

Last checked at: 2023-09-22 04:50:00
Was present on blacklist at: 2023-06-25 04:50, 2023-07-03 04:50, 2023-07-06 04:50, 2023-07-09 04:50, 2023-07-12 04:50, 2023-07-18 04:50, 2023-07-20 04:50, 2023-08-03 04:50, 2023-08-22 04:50, 2023-08-23 04:50, 2023-08-24 04:50, 2023-08-25 04:50, 2023-08-27 04:50, 2023-08-30 04:50, 2023-08-31 04:50, 2023-09-01 04:50, 2023-09-02 04:50, 2023-09-03 04:50, 2023-09-07 04:50, 2023-09-09 04:50, 2023-09-12 04:50, 2023-09-13 04:50, 2023-09-15 04:50, 2023-09-17 04:50, 2023-09-18 04:50, 2023-09-20 04:50, 2023-09-21 04:50
Turris greylist
89.248.163.119 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2023-06-26 21:15:00.182000
Was present on blacklist at: 2023-06-26 21:15
Blacklists.co RDP
89.248.163.119 is listed on the Blacklists.co RDP blacklist.

Description: Blacklists.co blocklist contains RDP Malicious Addresses.
Type of feed: primary (feed detail page)

Last checked at: 2023-09-22 05:05:00.697000
Was present on blacklist at: 2023-06-25 05:05, 2023-06-26 05:05, 2023-06-27 05:05, 2023-06-28 05:05, 2023-06-29 05:05, 2023-06-30 05:05, 2023-07-01 05:05, 2023-07-02 05:05, 2023-07-03 05:05, 2023-07-04 05:05, 2023-07-05 05:05, 2023-07-06 05:05, 2023-07-07 05:05, 2023-07-08 05:05, 2023-07-09 05:05, 2023-07-10 05:05, 2023-07-11 05:05, 2023-07-12 05:05, 2023-07-13 05:05, 2023-07-14 05:05, 2023-07-15 05:05, 2023-07-16 05:05, 2023-07-17 05:05, 2023-07-18 05:05, 2023-07-19 05:05, 2023-07-20 05:05, 2023-09-22 05:05
Blacklists.co WWW
89.248.163.119 is listed on the Blacklists.co WWW blacklist.

Description: Blacklists.co blocklist contains WWW Malicious Addresses.
Type of feed: primary (feed detail page)

Last checked at: 2023-09-22 05:05:00.808000
Was present on blacklist at: 2023-06-25 05:05, 2023-06-26 05:05, 2023-06-27 05:05, 2023-06-28 05:05, 2023-06-29 05:05, 2023-06-30 05:05, 2023-07-01 05:05, 2023-07-02 05:05, 2023-07-03 05:05, 2023-07-04 05:05, 2023-07-05 05:05, 2023-07-06 05:05, 2023-07-07 05:05, 2023-07-08 05:05, 2023-07-09 05:05, 2023-07-10 05:05, 2023-07-11 05:05, 2023-07-12 05:05, 2023-07-13 05:05, 2023-09-22 05:05
Blacklists.co MSSQL
89.248.163.119 is listed on the Blacklists.co MSSQL blacklist.

Description: Blacklists.co blocklist contains MSSQL Malicious Addresses.
Type of feed: primary (feed detail page)

Last checked at: 2023-09-22 05:05:00.680000
Was present on blacklist at: 2023-09-22 05:05
Warden events (34)
2023-09-17
ReconScanning (node.1e6360): 1
2023-08-16
ReconScanning (node.bd32ad): 1
ReconScanning (node.1e6360): 1
2023-06-26
ReconScanning (node.8cbf96): 5
2023-06-25
ReconScanning (node.8cbf96): 20
2023-06-24
ReconScanning (node.8cbf96): 6
DShield reports (IP summary, reports)
2023-06-24
Number of reports: 4969
Distinct targets: 4813
2023-06-25
Number of reports: 6366
Distinct targets: 6051
2023-06-26
Number of reports: 2514
Distinct targets: 2381
2023-06-29
Number of reports: 10
Distinct targets: 10
2023-07-08
Number of reports: 1678
Distinct targets: 1674
2023-07-10
Number of reports: 937
Distinct targets: 932
2023-07-16
Number of reports: 403
Distinct targets: 403
2023-07-17
Number of reports: 529
Distinct targets: 529
2023-07-19
Number of reports: 1126
Distinct targets: 1125
2023-07-28
Number of reports: 1674
Distinct targets: 1674
2023-07-30
Number of reports: 2040
Distinct targets: 2033
2023-08-01
Number of reports: 973
Distinct targets: 972
2023-08-06
Number of reports: 565
Distinct targets: 564
2023-08-15
Number of reports: 2150
Distinct targets: 2150
2023-08-22
Number of reports: 1744
Distinct targets: 867
2023-08-31
Number of reports: 2153
Distinct targets: 2152
2023-09-03
Number of reports: 6455
Distinct targets: 4301
2023-09-04
Number of reports: 1412
Distinct targets: 705
2023-09-08
Number of reports: 2049
Distinct targets: 2049
2023-09-11
Number of reports: 929
Distinct targets: 929
2023-09-14
Number of reports: 1130
Distinct targets: 564
2023-09-19
Number of reports: 706
Distinct targets: 705
OTX pulses
[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot
Author name:georgengelmann
Pulse modified:2023-06-25 11:02:12.007000
Indicator created:2023-05-26 14:00:02
Indicator role:trojan
Indicator title:Blaster, Trojan from no-reverse-dns-configured.com port 47018
Indicator expiration:2023-06-25 14:00:00
Origin AS
AS202425 - INT-NETWORK
AS35539 - INFOLINK-T-AS
BGP Prefix
89.248.163.0/24
fmp
{'general': 0.40745219588279724}
geo
Netherlands, Amsterdam
🕑 Europe/Amsterdam
hostname
no-reverse-dns-configured.com
Address block ('inetnum' or 'NetRange' in whois database)
89.248.160.0 - 89.248.175.255
last_activity
2023-09-17 17:48:11
last_warden_event
2023-09-17 17:48:11
rep
0.02142857142857143
reserved_range
0
ts_added
2023-05-13 05:06:42.613000
ts_last_update
2023-09-22 05:17:24.445000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses