IP address

Search at other sites:

.12489.248.168.239no-reverse-dns-configured.com

Shodan(more info)

Passive DNS

IP blacklists

CI Army

89.248.168.239 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-07-08 02:50:00.843000
Was present on blacklist at: 2025-04-30 02:50, 2025-05-02 02:50, 2025-05-03 02:50, 2025-05-04 02:50, 2025-05-06 02:50, 2025-05-07 02:50, 2025-05-08 02:50, 2025-05-09 02:50, 2025-05-10 02:50, 2025-05-13 02:50, 2025-05-14 02:50, 2025-05-16 02:50, 2025-05-17 02:50, 2025-05-18 02:50, 2025-05-19 02:50, 2025-05-21 02:50, 2025-05-22 02:50, 2025-05-23 02:50, 2025-05-24 02:50, 2025-05-25 02:50, 2025-05-26 02:50, 2025-05-27 02:50, 2025-05-28 02:50, 2025-05-29 02:50, 2025-06-06 02:50, 2025-06-14 02:50, 2025-06-15 02:50, 2025-06-16 02:50, 2025-06-17 02:50, 2025-06-18 02:50, 2025-06-19 02:50, 2025-06-20 02:50, 2025-06-26 02:50, 2025-06-27 02:50, 2025-06-28 02:50, 2025-06-29 02:50, 2025-06-30 02:50, 2025-07-01 02:50, 2025-07-02 02:50, 2025-07-03 02:50, 2025-07-04 02:50, 2025-07-05 02:50, 2025-07-06 02:50, 2025-07-07 02:50, 2025-07-08 02:50

UCEPROTECT L1

89.248.168.239 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-20 07:45:00.563000
Was present on blacklist at: 2025-06-13 15:45, 2025-06-13 23:45, 2025-06-14 07:45, 2025-06-14 15:45, 2025-06-14 23:45, 2025-06-15 07:45, 2025-06-15 15:45, 2025-06-15 23:45, 2025-06-16 07:45, 2025-06-16 15:45, 2025-06-16 23:45, 2025-06-17 07:45, 2025-06-17 15:45, 2025-06-17 23:45, 2025-06-18 07:45, 2025-06-18 15:45, 2025-06-18 23:45, 2025-06-19 07:45, 2025-06-19 15:45, 2025-06-19 23:45, 2025-06-20 07:45

AbuseIPDB

89.248.168.239 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-07-06 04:00:00.753000
Was present on blacklist at: 2025-06-14 04:00, 2025-06-15 04:00, 2025-06-16 04:00, 2025-06-27 04:00, 2025-07-06 04:00

Spamhaus XBL CBL

89.248.168.239 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-07-02 03:13:20.518000
Was present on blacklist at: 2025-06-18 03:13, 2025-06-25 03:13

Warden events (1303)

2025-07-05

ReconScanning (node.4dc198): 1

ReconScanning (node.9c1411): 2

2025-07-03

ReconScanning (node.9c1411): 1

2025-07-02

ReconScanning (node.4dc198): 3

2025-06-15

ReconScanning (node.4dc198): 276

ReconScanning (node.368407): 274

ReconScanning (node.9c1411): 75

2025-06-14

ReconScanning (node.9c1411): 65

ReconScanning (node.4dc198): 287

ReconScanning (node.368407): 284

2025-06-13

ReconScanning (node.9c1411): 5

ReconScanning (node.4dc198): 14

ReconScanning (node.368407): 14

2025-06-12

ReconScanning (node.9c1411): 2

DShield reports (IP summary, reports)

2025-04-29

Number of reports: 138

Distinct targets: 129

2025-05-01

Number of reports: 224

Distinct targets: 142

2025-05-05

Number of reports: 219

Distinct targets: 139

2025-05-07

Number of reports: 226

Distinct targets: 142

2025-05-12

Number of reports: 227

Distinct targets: 141

2025-05-15

Number of reports: 188

Distinct targets: 151

2025-05-20

Number of reports: 116

Distinct targets: 68

2025-05-21

Number of reports: 131

Distinct targets: 61

2025-05-24

Number of reports: 244

Distinct targets: 146

2025-06-05

Number of reports: 226

Distinct targets: 134

2025-06-12

Number of reports: 40

Distinct targets: 23

2025-06-13

Number of reports: 178

Distinct targets: 133

2025-06-14

Number of reports: 360

Distinct targets: 313

2025-06-15

Number of reports: 331

Distinct targets: 292

2025-06-25

Number of reports: 114

Distinct targets: 97

2025-06-27

Number of reports: 97

Distinct targets: 55

2025-07-01

Number of reports: 197

Distinct targets: 118

2025-07-02

Number of reports: 59

Distinct targets: 24

2025-07-05

Number of reports: 70

Distinct targets: 64

2025-07-06

Number of reports: 230

Distinct targets: 150

2025-07-07

Number of reports: 140

Distinct targets: 97

Origin AS

AS202425 - INT-NETWORK

BGP Prefix

89.248.168.0/24

geo

Netherlands, Amsterdam

🕑 Europe/Amsterdam

hostname

no-reverse-dns-configured.com

Address block ('inetnum' or 'NetRange' in whois database)

89.248.160.0 - 89.248.175.255

last_activity

2025-07-05 21:43:51

last_warden_event

2025-07-05 21:43:51

rep

0.12351190476190475

reserved_range

0

Shodan's InternetDB

Open ports: 22, 8888

Tags: scanner

CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.2p1

ts_added

2025-04-30 03:13:12.421000

ts_last_update

2025-07-08 05:00:20.703000

Warden event timeline

DShield event timeline

Presence on blacklists