IP address


.45589.248.168.227no-reverse-dns-configured.com
Shodan(more info)
Passive DNS
Tags:
IP blacklists
AbuseIPDB
89.248.168.227 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-06-28 04:00:00.636000
Was present on blacklist at: 2026-04-05 04:00, 2026-04-12 04:00, 2026-04-19 04:00, 2026-04-22 04:00, 2026-04-23 04:00, 2026-04-26 04:00, 2026-05-03 04:00, 2026-05-06 04:00, 2026-05-17 04:00, 2026-06-04 04:00, 2026-06-05 04:00, 2026-06-06 04:00, 2026-06-07 04:00, 2026-06-14 04:00, 2026-06-28 04:00
Spamhaus XBL CBL
89.248.168.227 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-29 22:08:10.323000
Was present on blacklist at: 2026-04-06 22:08, 2026-04-13 22:08, 2026-05-04 22:08, 2026-05-11 22:08, 2026-05-18 22:08, 2026-05-25 22:08, 2026-06-01 22:08, 2026-06-08 22:08, 2026-06-15 22:08, 2026-06-22 22:08, 2026-06-29 22:08
blocklist.de bots
89.248.168.227 is listed on the blocklist.de bots blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the RFI-Attacks,<br>REG-Bots, IRC-Bots or BadBots.
Type of feed: primary (feed detail page)

Last checked at: 2026-06-13 16:05:00.193000
Was present on blacklist at: 2026-05-06 04:05, 2026-05-06 10:05, 2026-05-06 16:05, 2026-05-06 22:05, 2026-05-07 04:05, 2026-05-07 10:05, 2026-05-07 16:05, 2026-05-07 22:05, 2026-05-08 04:05, 2026-05-08 10:05, 2026-05-12 16:05, 2026-05-12 22:05, 2026-05-13 04:05, 2026-05-13 10:05, 2026-05-13 16:05, 2026-05-13 22:05, 2026-05-14 04:05, 2026-05-14 10:05, 2026-06-11 22:05, 2026-06-12 04:05, 2026-06-12 10:05, 2026-06-12 16:05, 2026-06-12 22:05, 2026-06-13 04:05, 2026-06-13 10:05, 2026-06-13 16:05
Echelon SSH bruteforce
89.248.168.227 is listed on the Echelon SSH bruteforce blacklist.

Description: Multiple SSH authentication attempts detected
Type of feed: primary (feed detail page)

Last checked at: 2026-06-07 09:35:00.325000
Was present on blacklist at: 2026-04-23 09:35, 2026-05-01 09:35, 2026-05-03 09:35, 2026-05-04 09:35, 2026-05-05 09:35, 2026-05-07 09:35, 2026-05-08 09:35, 2026-05-09 09:35, 2026-05-10 09:35, 2026-05-11 09:35, 2026-05-12 09:35, 2026-05-18 09:35, 2026-05-19 09:35, 2026-05-20 09:35, 2026-05-21 09:35, 2026-05-31 09:35, 2026-06-01 09:35, 2026-06-02 09:35, 2026-06-03 09:35, 2026-06-04 09:35, 2026-06-05 09:35, 2026-06-06 09:35, 2026-06-07 09:35
blocklist.de SSH
89.248.168.227 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-05-02 22:05:05.114000
Was present on blacklist at: 2026-04-05 04:05, 2026-04-05 10:05, 2026-04-05 16:05, 2026-04-05 22:05, 2026-04-06 04:05, 2026-04-06 10:05, 2026-04-06 16:05, 2026-04-06 22:05, 2026-05-01 04:05, 2026-05-01 10:05, 2026-05-01 16:05, 2026-05-01 22:05, 2026-05-02 04:05, 2026-05-02 10:05, 2026-05-02 16:05, 2026-05-02 22:05
CI Army
89.248.168.227 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-06-28 02:50:00.860000
Was present on blacklist at: 2026-04-12 02:50, 2026-05-03 02:50, 2026-05-06 02:50, 2026-05-10 02:50, 2026-05-31 02:50, 2026-06-07 02:50, 2026-06-28 02:50
Echelon SSH connection attempt
89.248.168.227 is listed on the Echelon SSH connection attempt blacklist.

Description: SSH connection attempt detected on port 22 or 2222
Type of feed: primary (feed detail page)

Last checked at: 2026-07-03 09:35:00.451000
Was present on blacklist at: 2026-05-01 09:35, 2026-05-03 09:35, 2026-05-04 09:35, 2026-05-05 09:35, 2026-05-07 09:35, 2026-06-26 09:35, 2026-06-27 09:35, 2026-06-28 09:35, 2026-06-29 09:35, 2026-06-30 09:35, 2026-07-01 09:35, 2026-07-02 09:35, 2026-07-03 09:35
Echelon TLS/SSL crawler
89.248.168.227 is listed on the Echelon TLS/SSL crawler blacklist.

Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed: primary (feed detail page)

Last checked at: 2026-07-03 09:40:00.284000
Was present on blacklist at: 2026-05-01 09:40, 2026-05-04 09:40, 2026-05-05 09:40, 2026-05-07 09:40, 2026-05-08 09:40, 2026-05-09 09:40, 2026-05-10 09:40, 2026-05-11 09:40, 2026-05-12 09:40, 2026-05-13 09:40, 2026-05-19 09:40, 2026-07-01 09:40, 2026-07-02 09:40, 2026-07-03 09:40
Echelon web crawler
89.248.168.227 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-05-07 09:50:01.466000
Was present on blacklist at: 2026-05-01 09:50, 2026-05-03 09:50, 2026-05-04 09:50, 2026-05-05 09:50, 2026-05-07 09:50
Echelon telnet bruteforce
89.248.168.227 is listed on the Echelon telnet bruteforce blacklist.

Description: Multiple telnet authentication attempts detected
Type of feed: primary (feed detail page)

Last checked at: 2026-07-03 09:45:00.280000
Was present on blacklist at: 2026-05-05 09:45, 2026-05-07 09:45, 2026-05-08 09:45, 2026-05-09 09:45, 2026-05-10 09:45, 2026-05-11 09:45, 2026-05-12 09:45, 2026-06-05 09:45, 2026-06-06 09:45, 2026-06-07 09:45, 2026-06-08 09:45, 2026-06-09 09:45, 2026-06-10 09:45, 2026-07-03 09:45
UCEPROTECT L1
89.248.168.227 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-06-30 15:45:00.597000
Was present on blacklist at: 2026-05-06 07:45, 2026-05-06 15:45, 2026-05-06 23:45, 2026-05-07 07:45, 2026-05-07 15:45, 2026-05-07 23:45, 2026-05-08 07:45, 2026-05-08 15:45, 2026-05-08 23:45, 2026-05-09 07:45, 2026-05-09 15:45, 2026-05-09 23:45, 2026-05-10 07:45, 2026-05-10 15:45, 2026-05-10 23:45, 2026-05-11 07:45, 2026-05-11 15:45, 2026-05-11 23:45, 2026-05-12 07:45, 2026-05-12 15:45, 2026-05-12 23:45, 2026-05-13 07:45, 2026-05-13 15:45, 2026-05-13 23:45, 2026-05-14 07:45, 2026-05-14 15:45, 2026-05-14 23:45, 2026-05-15 07:45, 2026-05-15 15:45, 2026-05-15 23:45, 2026-05-16 07:45, 2026-05-16 15:45, 2026-05-16 23:45, 2026-05-17 07:45, 2026-05-17 15:45, 2026-05-17 23:45, 2026-05-18 07:45, 2026-05-18 15:45, 2026-05-18 23:45, 2026-05-19 07:45, 2026-05-19 15:45, 2026-05-19 23:45, 2026-05-20 07:45, 2026-05-20 15:45, 2026-05-20 23:45, 2026-05-21 07:45, 2026-05-21 15:45, 2026-05-21 23:45, 2026-06-02 15:45, 2026-06-02 23:45, 2026-06-03 07:45, 2026-06-03 15:45, 2026-06-03 23:45, 2026-06-04 07:45, 2026-06-04 15:45, 2026-06-04 23:45, 2026-06-05 07:45, 2026-06-05 15:45, 2026-06-05 23:45, 2026-06-06 07:45, 2026-06-06 15:45, 2026-06-06 23:45, 2026-06-07 07:45, 2026-06-07 15:45, 2026-06-07 23:45, 2026-06-08 07:45, 2026-06-08 15:45, 2026-06-08 23:45, 2026-06-09 07:45, 2026-06-09 15:45, 2026-06-09 23:45, 2026-06-10 07:45, 2026-06-10 15:45, 2026-06-10 23:45, 2026-06-11 07:45, 2026-06-11 15:45, 2026-06-11 23:45, 2026-06-12 07:45, 2026-06-12 15:45, 2026-06-12 23:45, 2026-06-13 07:45, 2026-06-13 15:45, 2026-06-13 23:45, 2026-06-14 07:45, 2026-06-14 15:45, 2026-06-14 23:45, 2026-06-15 07:45, 2026-06-15 15:45, 2026-06-15 23:45, 2026-06-16 07:45, 2026-06-16 15:45, 2026-06-16 23:45, 2026-06-17 07:45, 2026-06-17 15:45, 2026-06-17 23:45, 2026-06-18 15:45, 2026-06-18 23:45, 2026-06-19 07:45, 2026-06-19 15:45, 2026-06-19 23:45, 2026-06-20 07:45, 2026-06-20 15:45, 2026-06-20 23:45, 2026-06-21 07:45, 2026-06-21 15:45, 2026-06-21 23:45, 2026-06-22 07:45, 2026-06-22 15:45, 2026-06-22 23:45, 2026-06-23 07:45, 2026-06-23 15:45, 2026-06-23 23:45, 2026-06-24 07:45, 2026-06-24 15:45, 2026-06-24 23:45, 2026-06-25 07:45, 2026-06-25 15:45, 2026-06-25 23:45, 2026-06-26 07:45, 2026-06-26 15:45, 2026-06-26 23:45, 2026-06-27 07:45, 2026-06-27 15:45, 2026-06-27 23:45, 2026-06-28 07:45, 2026-06-28 15:45, 2026-06-28 23:45, 2026-06-29 07:45, 2026-06-29 15:45, 2026-06-29 23:45, 2026-06-30 07:45, 2026-06-30 15:45

Threat categories

TLRoleCategoryDetails
44 src scan
43 src
40 src login protocol: ssh, telnet
port: 22, 23, 2222

Warden events (415)
2026-06-30
IntrusionUserCompromise (node.cfb4f7): 36
2026-06-28
IntrusionUserCompromise (node.cfb4f7): 12
2026-06-25
IntrusionUserCompromise (node.cfb4f7): 6
AttemptLogin (node.b17ef8): 1
2026-06-23
IntrusionUserCompromise (node.cfb4f7): 15
2026-06-21
IntrusionUserCompromise (node.cfb4f7): 12
2026-06-18
IntrusionUserCompromise (node.cfb4f7): 12
2026-06-16
IntrusionUserCompromise (node.cfb4f7): 15
2026-06-14
AttemptLogin (node.b17ef8): 1
IntrusionUserCompromise (node.cfb4f7): 12
2026-06-11
IntrusionUserCompromise (node.cfb4f7): 6
2026-06-09
IntrusionUserCompromise (node.cfb4f7): 9
2026-06-07
IntrusionUserCompromise (node.cfb4f7): 6
2026-06-04
IntrusionUserCompromise (node.cfb4f7): 12
AttemptLogin (node.b17ef8): 1
2026-06-02
IntrusionUserCompromise (node.cfb4f7): 15
2026-05-31
IntrusionUserCompromise (node.cfb4f7): 6
2026-05-29
IntrusionUserCompromise (node.cfb4f7): 3
2026-05-28
IntrusionUserCompromise (node.cfb4f7): 6
2026-05-26
IntrusionUserCompromise (node.cfb4f7): 3
2026-05-24
IntrusionUserCompromise (node.cfb4f7): 6
2026-05-21
IntrusionUserCompromise (node.cfb4f7): 9
2026-05-19
IntrusionUserCompromise (node.cfb4f7): 12
2026-05-17
IntrusionUserCompromise (node.cfb4f7): 6
2026-05-14
IntrusionUserCompromise (node.cfb4f7): 6
AttemptLogin (node.b17ef8): 1
2026-05-12
IntrusionUserCompromise (node.cfb4f7): 6
AttemptLogin (node.b17ef8): 1
2026-05-10
AttemptLogin (node.b17ef8): 1
2026-05-06
IntrusionUserCompromise (node.cfb4f7): 18
AttemptLogin (node.b17ef8): 1
2026-05-03
IntrusionUserCompromise (node.cfb4f7): 11
2026-04-30
IntrusionUserCompromise (node.cfb4f7): 6
2026-04-28
IntrusionUserCompromise (node.cfb4f7): 3
AttemptLogin (node.b17ef8): 1
2026-04-26
IntrusionUserCompromise (node.cfb4f7): 9
2026-04-22
IntrusionUserCompromise (node.cfb4f7): 12
2026-04-21
IntrusionUserCompromise (node.cfb4f7): 9
2026-04-19
IntrusionUserCompromise (node.cfb4f7): 21
2026-04-16
IntrusionUserCompromise (node.cfb4f7): 9
2026-04-14
IntrusionUserCompromise (node.cfb4f7): 18
2026-04-12
IntrusionUserCompromise (node.cfb4f7): 24
AttemptLogin (node.b17ef8): 1
2026-04-09
IntrusionUserCompromise (node.cfb4f7): 12
AttemptLogin (node.b17ef8): 1
2026-04-07
IntrusionUserCompromise (node.cfb4f7): 12
2026-04-05
AttemptLogin (node.b17ef8): 1
IntrusionUserCompromise (node.cfb4f7): 9
DShield reports (IP summary, reports)
2026-04-05
Number of reports: 586
Distinct targets: 422
2026-04-07
Number of reports: 497
Distinct targets: 373
2026-04-09
Number of reports: 526
Distinct targets: 411
2026-04-12
Number of reports: 545
Distinct targets: 416
2026-04-14
Number of reports: 547
Distinct targets: 401
2026-04-15
Number of reports: 547
Distinct targets: 401
2026-04-16
Number of reports: 457
Distinct targets: 376
2026-04-20
Number of reports: 497
Distinct targets: 377
2026-04-21
Number of reports: 539
Distinct targets: 431
2026-04-22
Number of reports: 548
Distinct targets: 442
2026-04-26
Number of reports: 557
Distinct targets: 421
2026-04-27
Number of reports: 557
Distinct targets: 421
2026-05-01
Number of reports: 590
Distinct targets: 443
2026-05-04
Number of reports: 536
Distinct targets: 429
2026-05-05
Number of reports: 551
Distinct targets: 444
2026-05-06
Number of reports: 1342
Distinct targets: 756
2026-05-07
Number of reports: 584
Distinct targets: 419
2026-05-08
Number of reports: 584
Distinct targets: 419
2026-05-11
Number of reports: 263
Distinct targets: 262
2026-05-13
Number of reports: 606
Distinct targets: 466
2026-05-20
Number of reports: 520
Distinct targets: 403
2026-05-25
Number of reports: 512
Distinct targets: 387
2026-05-26
Number of reports: 212
Distinct targets: 212
2026-05-27
Number of reports: 212
Distinct targets: 212
2026-05-29
Number of reports: 1116
Distinct targets: 704
2026-06-01
Number of reports: 251
Distinct targets: 247
2026-06-02
Number of reports: 614
Distinct targets: 478
2026-06-03
Number of reports: 614
Distinct targets: 478
2026-06-05
Number of reports: 619
Distinct targets: 458
2026-06-08
Number of reports: 616
Distinct targets: 441
2026-06-09
Number of reports: 632
Distinct targets: 476
2026-06-10
Number of reports: 632
Distinct targets: 476
2026-06-16
Number of reports: 541
Distinct targets: 437
2026-06-18
Number of reports: 596
Distinct targets: 463
2026-06-21
Number of reports: 484
Distinct targets: 407
2026-06-23
Number of reports: 488
Distinct targets: 404
2026-06-28
Number of reports: 499
Distinct targets: 398
2026-07-02
Number of reports: 602
Distinct targets: 451
Origin AS
AS202425 - INT-NETWORK
BGP Prefix
89.248.168.0/24
geo
Netherlands, Amsterdam
🕑 Europe/Amsterdam
hostname
no-reverse-dns-configured.com
Address block ('inetnum' or 'NetRange' in whois database)
89.248.160.0 - 89.248.175.255
last_activity
2026-06-30 13:48:37
last_warden_event
2026-06-30 13:48:37
otx_pulses
[]
rep
0.45533396680080596
reserved_range
0
ts_added
2024-08-19 22:08:09.389000
ts_last_update
2026-07-03 22:08:10.908000

Warden event timeline

DShield event timeline

Presence on blacklists