IP address

Search at other sites:

.00089.248.168.239no-reverse-dns-configured.com

Shodan(more info)

Passive DNS

IP blacklists

CI Army

89.248.168.239 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-03-06 03:50:00.974000
Was present on blacklist at: 2026-01-26 03:50, 2026-01-27 03:50, 2026-01-28 03:50, 2026-01-29 03:50, 2026-01-30 03:50, 2026-01-31 03:50, 2026-02-01 03:50, 2026-02-02 03:50, 2026-02-03 03:50, 2026-02-04 03:50, 2026-02-05 03:50, 2026-02-06 03:50, 2026-02-07 03:50, 2026-02-08 03:50, 2026-02-09 03:50, 2026-02-11 03:50, 2026-02-12 03:50, 2026-02-13 03:50, 2026-02-14 03:50, 2026-02-15 03:50, 2026-02-16 03:50, 2026-02-17 03:50, 2026-02-18 03:50, 2026-02-19 03:50, 2026-02-20 03:50, 2026-02-21 03:50, 2026-02-22 03:50, 2026-02-23 03:50, 2026-02-24 03:50, 2026-02-25 03:50, 2026-02-26 03:50, 2026-02-27 03:50, 2026-02-28 03:50, 2026-03-04 03:50, 2026-03-05 03:50, 2026-03-06 03:50

AbuseIPDB

89.248.168.239 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-04-24 04:00:00.660000
Was present on blacklist at: 2026-02-09 05:00, 2026-02-10 05:00, 2026-02-11 05:00, 2026-02-13 05:00, 2026-02-15 05:00, 2026-02-17 05:00, 2026-02-19 05:00, 2026-02-20 05:00, 2026-02-21 05:00, 2026-02-23 05:00, 2026-02-24 05:00, 2026-02-25 05:00, 2026-02-26 05:00, 2026-02-28 05:00, 2026-03-01 05:00, 2026-03-02 05:00, 2026-03-03 05:00, 2026-03-04 05:00, 2026-03-05 05:00, 2026-03-06 05:00, 2026-03-10 05:00, 2026-03-11 05:00, 2026-03-12 05:00, 2026-03-13 05:00, 2026-03-14 05:00, 2026-03-15 05:00, 2026-03-16 05:00, 2026-03-19 05:00, 2026-03-20 05:00, 2026-03-21 05:00, 2026-03-22 05:00, 2026-03-23 05:00, 2026-03-24 05:00, 2026-03-25 05:00, 2026-03-26 05:00, 2026-03-28 05:00, 2026-03-29 04:00, 2026-03-30 04:00, 2026-03-31 04:00, 2026-04-01 04:00, 2026-04-02 04:00, 2026-04-03 04:00, 2026-04-04 04:00, 2026-04-05 04:00, 2026-04-06 04:00, 2026-04-07 04:00, 2026-04-08 04:00, 2026-04-10 04:00, 2026-04-11 04:00, 2026-04-12 04:00, 2026-04-13 04:00, 2026-04-14 04:00, 2026-04-15 04:00, 2026-04-16 04:00, 2026-04-17 04:00, 2026-04-19 04:00, 2026-04-20 04:00, 2026-04-22 04:00, 2026-04-23 04:00, 2026-04-24 04:00

blocklist.de Apache

89.248.168.239 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the service<br>Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-25 23:05:05.206000
Was present on blacklist at: 2026-02-23 17:05, 2026-02-23 23:05, 2026-02-24 05:05, 2026-02-24 11:05, 2026-02-24 17:05, 2026-02-24 23:05, 2026-02-25 05:05, 2026-02-25 11:05, 2026-02-25 17:05, 2026-02-25 23:05, 2026-02-26 05:05, 2026-02-26 11:05, 2026-02-26 17:05, 2026-02-26 23:05, 2026-02-27 05:05, 2026-02-27 11:05, 2026-02-27 17:05, 2026-02-28 23:05, 2026-03-01 05:05, 2026-03-01 11:05, 2026-03-01 17:05, 2026-03-01 23:05, 2026-03-02 05:05, 2026-03-02 17:05, 2026-03-02 23:05, 2026-03-03 05:05, 2026-03-05 11:05, 2026-03-06 11:05, 2026-03-09 11:05, 2026-03-09 23:05, 2026-03-10 05:05, 2026-03-10 11:05, 2026-03-10 23:05, 2026-03-11 05:05, 2026-03-11 11:05, 2026-03-11 17:05, 2026-03-11 23:05, 2026-03-12 05:05, 2026-03-12 11:05, 2026-03-12 17:05, 2026-03-13 05:05, 2026-03-14 05:05, 2026-03-14 11:05, 2026-03-14 17:05, 2026-03-14 23:05, 2026-03-15 05:05, 2026-03-15 11:05, 2026-03-15 17:05, 2026-03-15 23:05, 2026-03-19 05:05, 2026-03-19 11:05, 2026-03-19 17:05, 2026-03-19 23:05, 2026-03-20 05:05, 2026-03-20 11:05, 2026-03-20 17:05, 2026-03-20 23:05, 2026-03-21 05:05, 2026-03-21 11:05, 2026-03-21 17:05, 2026-03-21 23:05, 2026-03-22 05:05, 2026-03-22 11:05, 2026-03-22 17:05, 2026-03-22 23:05, 2026-03-23 05:05, 2026-03-23 11:05, 2026-03-23 17:05, 2026-03-23 23:05, 2026-03-24 05:05, 2026-03-24 11:05, 2026-03-24 17:05, 2026-03-24 23:05, 2026-03-25 05:05, 2026-03-25 11:05, 2026-03-25 17:05, 2026-03-25 23:05

Turris greylist

89.248.168.239 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-03 22:15:00.119000
Was present on blacklist at: 2026-02-24 22:15, 2026-02-25 22:15, 2026-02-27 22:15, 2026-03-01 22:15, 2026-03-02 22:15, 2026-03-03 22:15

blocklist.de web-login

89.248.168.239 is listed on the blocklist.de web-login blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs that attacks Joomla, Wordpress and<br>other Web-Logins with Brute-Force Logins.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-23 23:05:05.067000
Was present on blacklist at: 2026-02-24 23:05, 2026-02-25 05:05, 2026-02-25 11:05, 2026-02-25 17:05, 2026-02-25 23:05, 2026-02-26 05:05, 2026-02-26 11:05, 2026-02-26 17:05, 2026-02-26 23:05, 2026-02-27 05:05, 2026-02-27 11:05, 2026-02-27 17:05, 2026-03-06 11:05, 2026-03-10 11:05, 2026-03-11 17:05, 2026-03-11 23:05, 2026-03-20 05:05, 2026-03-20 11:05, 2026-03-20 17:05, 2026-03-21 17:05, 2026-03-22 11:05, 2026-03-22 17:05, 2026-03-22 23:05, 2026-03-23 23:05

Spamhaus XBL CBL

89.248.168.239 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-04-22 03:13:20.195000
Was present on blacklist at: 2026-02-25 03:13, 2026-03-04 03:13, 2026-03-11 03:13, 2026-03-18 03:13, 2026-03-25 03:13

UCEPROTECT L1

89.248.168.239 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-30 15:45:01.129000
Was present on blacklist at: 2026-02-26 00:45, 2026-02-27 08:45, 2026-02-27 16:45, 2026-02-28 08:45, 2026-03-01 16:45, 2026-03-02 08:45, 2026-03-02 16:45, 2026-03-03 00:45, 2026-03-03 08:45, 2026-03-03 16:45, 2026-03-04 00:45, 2026-03-04 08:45, 2026-03-04 16:45, 2026-03-05 00:45, 2026-03-05 08:45, 2026-03-05 16:45, 2026-03-06 00:45, 2026-03-06 08:45, 2026-03-09 08:45, 2026-03-09 16:45, 2026-03-10 00:45, 2026-03-10 08:45, 2026-03-10 16:45, 2026-03-11 00:45, 2026-03-11 08:45, 2026-03-11 16:45, 2026-03-12 00:45, 2026-03-12 08:45, 2026-03-12 16:45, 2026-03-13 00:45, 2026-03-13 08:45, 2026-03-13 16:45, 2026-03-14 00:45, 2026-03-14 08:45, 2026-03-14 16:45, 2026-03-15 00:45, 2026-03-15 08:45, 2026-03-15 16:45, 2026-03-16 00:45, 2026-03-16 08:45, 2026-03-16 16:45, 2026-03-17 00:45, 2026-03-17 08:45, 2026-03-17 16:45, 2026-03-18 00:45, 2026-03-18 08:45, 2026-03-18 16:45, 2026-03-19 00:45, 2026-03-19 08:45, 2026-03-19 16:45, 2026-03-20 00:45, 2026-03-20 08:45, 2026-03-20 16:45, 2026-03-21 00:45, 2026-03-21 08:45, 2026-03-21 16:45, 2026-03-22 00:45, 2026-03-22 08:45, 2026-03-22 16:45, 2026-03-23 00:45, 2026-03-23 08:45, 2026-03-23 16:45, 2026-03-24 00:45, 2026-03-24 08:45, 2026-03-24 16:45, 2026-03-25 00:45, 2026-03-25 08:45, 2026-03-25 16:45, 2026-03-26 00:45, 2026-03-26 08:45, 2026-03-26 16:45, 2026-03-27 00:45, 2026-03-27 08:45, 2026-03-27 16:45, 2026-03-28 00:45, 2026-03-28 08:45, 2026-03-28 16:45, 2026-03-29 00:45, 2026-03-29 07:45, 2026-03-29 15:45, 2026-03-29 23:45, 2026-03-30 07:45, 2026-03-30 15:45

blocklist.de bots

89.248.168.239 is listed on the blocklist.de bots blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing attacks on the RFI-Attacks,<br>REG-Bots, IRC-Bots or BadBots.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-13 23:05:05.118000
Was present on blacklist at: 2026-03-02 11:05, 2026-03-03 11:05, 2026-03-03 17:05, 2026-03-03 23:05, 2026-03-04 05:05, 2026-03-04 11:05, 2026-03-04 17:05, 2026-03-04 23:05, 2026-03-05 05:05, 2026-03-05 17:05, 2026-03-05 23:05, 2026-03-06 05:05, 2026-03-09 17:05, 2026-03-10 17:05, 2026-03-12 23:05, 2026-03-13 11:05, 2026-03-13 17:05, 2026-03-13 23:05

Echelon config file hunt

89.248.168.239 is listed on the Echelon config file hunt blacklist.

Description: Scanning for exposed configuration files
Type of feed: primary (feed detail page)

Last checked at: 2026-03-28 10:10:00.475000
Was present on blacklist at: 2026-03-05 10:10, 2026-03-06 10:10, 2026-03-11 10:10, 2026-03-12 10:10, 2026-03-13 10:10, 2026-03-14 10:10, 2026-03-15 10:10, 2026-03-16 10:10, 2026-03-17 10:10, 2026-03-18 10:10, 2026-03-19 10:10, 2026-03-20 10:10, 2026-03-21 10:10, 2026-03-22 10:10, 2026-03-23 10:10, 2026-03-24 10:10, 2026-03-25 10:10, 2026-03-26 10:10, 2026-03-27 10:10, 2026-03-28 10:10

Echelon web crawler

89.248.168.239 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-03-28 10:50:00.539000
Was present on blacklist at: 2026-03-05 10:50, 2026-03-06 10:50, 2026-03-09 10:50, 2026-03-10 10:50, 2026-03-11 10:50, 2026-03-12 10:50, 2026-03-14 10:50, 2026-03-16 10:50, 2026-03-17 10:50, 2026-03-18 10:50, 2026-03-19 10:50, 2026-03-20 10:50, 2026-03-21 10:50, 2026-03-22 10:50, 2026-03-23 10:50, 2026-03-24 10:50, 2026-03-25 10:50, 2026-03-26 10:50, 2026-03-27 10:50, 2026-03-28 10:50

Echelon admin panel hunt

89.248.168.239 is listed on the Echelon admin panel hunt blacklist.

Description: Scanning for administrative interfaces
Type of feed: primary (feed detail page)

Last checked at: 2026-03-12 10:05:00.521000
Was present on blacklist at: 2026-03-06 10:05, 2026-03-07 10:05, 2026-03-09 10:05, 2026-03-10 10:05, 2026-03-11 10:05, 2026-03-12 10:05

Echelon CMS enumeration

89.248.168.239 is listed on the Echelon CMS enumeration blacklist.

Description: Content management system discovery and enumeration
Type of feed: primary (feed detail page)

Last checked at: 2026-03-12 10:05:00.526000
Was present on blacklist at: 2026-03-06 10:05, 2026-03-07 10:05, 2026-03-09 10:05, 2026-03-10 10:05, 2026-03-11 10:05, 2026-03-12 10:05

Echelon TLS/SSL crawler

89.248.168.239 is listed on the Echelon TLS/SSL crawler blacklist.

Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed: primary (feed detail page)

Last checked at: 2026-03-28 10:40:02.274000
Was present on blacklist at: 2026-03-06 10:40, 2026-03-09 10:40, 2026-03-10 10:40, 2026-03-11 10:40, 2026-03-12 10:40, 2026-03-14 10:40, 2026-03-15 10:40, 2026-03-16 10:40, 2026-03-17 10:40, 2026-03-18 10:40, 2026-03-19 10:40, 2026-03-20 10:40, 2026-03-21 10:40, 2026-03-22 10:40, 2026-03-23 10:40, 2026-03-24 10:40, 2026-03-25 10:40, 2026-03-26 10:40, 2026-03-27 10:40, 2026-03-28 10:40

Threat categories

TL	Role	Category	Details
25	src	—

---

Warden events (6676)

2026-03-24

ReconScanning (node.4dc198): 130

AnomalyTraffic (node.6a1878): 30

ReconScanning (node.368407): 45

ReconScanning (node.9c1411): 3

2026-03-23

ReconScanning (node.368407): 79

ReconScanning (node.4dc198): 263

AnomalyTraffic (node.6a1878): 72

ReconScanning (node.9c1411): 1

2026-03-22

ReconScanning (node.4dc198): 275

ReconScanning (node.368407): 94

ReconScanning (node.9c1411): 22

AnomalyTraffic (node.6a1878): 57

2026-03-21

ReconScanning (node.4dc198): 252

AnomalyTraffic (node.6a1878): 37

ReconScanning (node.368407): 90

ReconScanning (node.9c1411): 37

2026-03-20

ReconScanning (node.4dc198): 287

AnomalyTraffic (node.6a1878): 78

ReconScanning (node.368407): 91

ReconScanning (node.9c1411): 2

2026-03-19

AnomalyTraffic (node.6a1878): 55

ReconScanning (node.4dc198): 244

ReconScanning (node.368407): 81

ReconScanning (node.9c1411): 21

2026-03-14

ReconScanning (node.4dc198): 127

AnomalyTraffic (node.6a1878): 36

ReconScanning (node.368407): 52

ReconScanning (node.9c1411): 1

2026-03-13

ReconScanning (node.4dc198): 274

AnomalyTraffic (node.6a1878): 77

ReconScanning (node.368407): 75

ReconScanning (node.9c1411): 2

2026-03-12

ReconScanning (node.368407): 87

ReconScanning (node.4dc198): 210

AnomalyTraffic (node.ffe95c): 24

ReconScanning (node.9c1411): 11

AnomalyTraffic (node.6a1878): 43

2026-03-11

ReconScanning (node.4dc198): 237

ReconScanning (node.368407): 94

AnomalyTraffic (node.ffe95c): 53

ReconScanning (node.9c1411): 24

2026-03-10

ReconScanning (node.4dc198): 247

AnomalyTraffic (node.ffe95c): 65

ReconScanning (node.368407): 82

ReconScanning (node.9c1411): 13

2026-03-09

ReconScanning (node.4dc198): 282

AnomalyTraffic (node.ffe95c): 61

ReconScanning (node.368407): 97

ReconScanning (node.9c1411): 10

2026-03-08

ReconScanning (node.4dc198): 255

AnomalyTraffic (node.ffe95c): 73

ReconScanning (node.368407): 65

ReconScanning (node.9c1411): 2

2026-03-07

ReconScanning (node.4dc198): 233

ReconScanning (node.368407): 56

ReconScanning (node.9c1411): 36

AnomalyTraffic (node.ffe95c): 44

2026-03-06

AnomalyTraffic (node.ffe95c): 12

ReconScanning (node.4dc198): 233

ReconScanning (node.368407): 59

ReconScanning (node.9c1411): 55

2026-03-05

ReconScanning (node.9c1411): 57

ReconScanning (node.4dc198): 137

ReconScanning (node.368407): 16

AnomalyTraffic (node.ffe95c): 14

2026-03-04

ReconScanning (node.4dc198): 133

ReconScanning (node.9c1411): 64

ReconScanning (node.368407): 3

AnomalyTraffic (node.ffe95c): 8

2026-03-03

ReconScanning (node.9c1411): 70

ReconScanning (node.4dc198): 69

ReconScanning (node.368407): 2

2026-03-02

ReconScanning (node.9c1411): 65

ReconScanning (node.4dc198): 11

2026-03-01

ReconScanning (node.4dc198): 137

AnomalyTraffic (node.ffe95c): 38

ReconScanning (node.9c1411): 34

ReconScanning (node.368407): 4

2026-02-28

ReconScanning (node.4dc198): 22

ReconScanning (node.9c1411): 4

AnomalyTraffic (node.ffe95c): 5

ReconScanning (node.368407): 1

2026-02-09

AnomalyTraffic (node.ffe95c): 5

ReconScanning (node.368407): 12

ReconScanning (node.4dc198): 12

DShield reports (IP summary, reports)

2026-01-26

Number of reports: 101

Distinct targets: 62

2026-02-24

Number of reports: 19544

Distinct targets: 104

2026-02-25

Number of reports: 19544

Distinct targets: 104

2026-02-26

Number of reports: 181

Distinct targets: 114

2026-02-27

Number of reports: 204

Distinct targets: 96

2026-03-01

Number of reports: 506

Distinct targets: 87

2026-03-02

Number of reports: 12817

Distinct targets: 207

2026-03-03

Number of reports: 23963

Distinct targets: 402

2026-03-04

Number of reports: 39958

Distinct targets: 446

2026-03-05

Number of reports: 39958

Distinct targets: 446

2026-03-06

Number of reports: 822

Distinct targets: 186

2026-03-09

Number of reports: 922

Distinct targets: 187

2026-03-10

Number of reports: 923

Distinct targets: 195

2026-03-11

Number of reports: 881

Distinct targets: 200

2026-03-12

Number of reports: 921

Distinct targets: 194

2026-03-13

Number of reports: 921

Distinct targets: 194

2026-03-14

Number of reports: 487

Distinct targets: 188

2026-03-19

Number of reports: 880

Distinct targets: 187

2026-03-20

Number of reports: 882

Distinct targets: 185

2026-03-21

Number of reports: 975

Distinct targets: 190

2026-03-22

Number of reports: 913

Distinct targets: 187

2026-03-23

Number of reports: 912

Distinct targets: 196

2026-03-24

Number of reports: 912

Distinct targets: 196

OTX pulses

[699dac8622cf49a6caaf1df2] 2026-02-24 13:49:58.739000 | Apache honeypot logs for 24/Feb/2026

Author name:	jnazario
Pulse modified:	2026-02-24 13:49:58.739000
Indicator created:	2026-02-24 13:49:59
Indicator role:	None
Indicator title:
Indicator expiration:	2026-03-26 13:00:00

[69a58e9e2d7e67643309db51] 2026-03-02 13:20:30.643000 | Apache honeypot logs for 02/Mar/2026

Author name:	jnazario
Pulse modified:	2026-03-02 13:20:30.643000
Indicator created:	2026-03-02 13:20:31
Indicator role:	None
Indicator title:
Indicator expiration:	2026-04-01 13:00:00

[69a98489d5f13596ec3cb3bb] 2026-03-05 13:26:33.450000 | Apache honeypot logs for 05/Mar/2026

Author name:	jnazario
Pulse modified:	2026-03-05 13:26:33.450000
Indicator created:	2026-03-05 13:26:34
Indicator role:	None
Indicator title:
Indicator expiration:	2026-04-04 13:00:00

Origin AS

AS202425 - INT-NETWORK

BGP Prefix

89.248.168.0/24

geo

Netherlands, Amsterdam

🕑 Europe/Amsterdam

hostname

no-reverse-dns-configured.com

Address block ('inetnum' or 'NetRange' in whois database)

89.248.160.0 - 89.248.175.255

last_activity

2026-03-24 10:44:19

last_warden_event

2026-03-24 10:44:19

rep

0.0

reserved_range

0

ts_added

2025-04-30 03:13:12.421000

ts_last_update

2026-04-26 03:13:20.154000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses