IP address


.14989.248.168.239no-reverse-dns-configured.com
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
CI Army
89.248.168.239 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-07-06 02:50:00.891000
Was present on blacklist at: 2025-04-30 02:50, 2025-05-02 02:50, 2025-05-03 02:50, 2025-05-04 02:50, 2025-05-06 02:50, 2025-05-07 02:50, 2025-05-08 02:50, 2025-05-09 02:50, 2025-05-10 02:50, 2025-05-13 02:50, 2025-05-14 02:50, 2025-05-16 02:50, 2025-05-17 02:50, 2025-05-18 02:50, 2025-05-19 02:50, 2025-05-21 02:50, 2025-05-22 02:50, 2025-05-23 02:50, 2025-05-24 02:50, 2025-05-25 02:50, 2025-05-26 02:50, 2025-05-27 02:50, 2025-05-28 02:50, 2025-05-29 02:50, 2025-06-06 02:50, 2025-06-14 02:50, 2025-06-15 02:50, 2025-06-16 02:50, 2025-06-17 02:50, 2025-06-18 02:50, 2025-06-19 02:50, 2025-06-20 02:50, 2025-06-26 02:50, 2025-06-27 02:50, 2025-06-28 02:50, 2025-06-29 02:50, 2025-06-30 02:50, 2025-07-01 02:50, 2025-07-02 02:50, 2025-07-03 02:50, 2025-07-04 02:50, 2025-07-05 02:50, 2025-07-06 02:50
UCEPROTECT L1
89.248.168.239 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-20 07:45:00.563000
Was present on blacklist at: 2025-06-13 15:45, 2025-06-13 23:45, 2025-06-14 07:45, 2025-06-14 15:45, 2025-06-14 23:45, 2025-06-15 07:45, 2025-06-15 15:45, 2025-06-15 23:45, 2025-06-16 07:45, 2025-06-16 15:45, 2025-06-16 23:45, 2025-06-17 07:45, 2025-06-17 15:45, 2025-06-17 23:45, 2025-06-18 07:45, 2025-06-18 15:45, 2025-06-18 23:45, 2025-06-19 07:45, 2025-06-19 15:45, 2025-06-19 23:45, 2025-06-20 07:45
AbuseIPDB
89.248.168.239 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-07-06 04:00:00.753000
Was present on blacklist at: 2025-06-14 04:00, 2025-06-15 04:00, 2025-06-16 04:00, 2025-06-27 04:00, 2025-07-06 04:00
Spamhaus XBL CBL
89.248.168.239 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-07-02 03:13:20.518000
Was present on blacklist at: 2025-06-18 03:13, 2025-06-25 03:13
Warden events (1303)
2025-07-05
ReconScanning (node.4dc198): 1
ReconScanning (node.9c1411): 2
2025-07-03
ReconScanning (node.9c1411): 1
2025-07-02
ReconScanning (node.4dc198): 3
2025-06-15
ReconScanning (node.4dc198): 276
ReconScanning (node.368407): 274
ReconScanning (node.9c1411): 75
2025-06-14
ReconScanning (node.9c1411): 65
ReconScanning (node.4dc198): 287
ReconScanning (node.368407): 284
2025-06-13
ReconScanning (node.9c1411): 5
ReconScanning (node.4dc198): 14
ReconScanning (node.368407): 14
2025-06-12
ReconScanning (node.9c1411): 2
DShield reports (IP summary, reports)
2025-04-29
Number of reports: 138
Distinct targets: 129
2025-05-01
Number of reports: 224
Distinct targets: 142
2025-05-05
Number of reports: 219
Distinct targets: 139
2025-05-07
Number of reports: 226
Distinct targets: 142
2025-05-12
Number of reports: 227
Distinct targets: 141
2025-05-15
Number of reports: 188
Distinct targets: 151
2025-05-20
Number of reports: 116
Distinct targets: 68
2025-05-21
Number of reports: 131
Distinct targets: 61
2025-05-24
Number of reports: 244
Distinct targets: 146
2025-06-05
Number of reports: 226
Distinct targets: 134
2025-06-12
Number of reports: 40
Distinct targets: 23
2025-06-13
Number of reports: 178
Distinct targets: 133
2025-06-14
Number of reports: 360
Distinct targets: 313
2025-06-15
Number of reports: 331
Distinct targets: 292
2025-06-25
Number of reports: 114
Distinct targets: 97
2025-06-27
Number of reports: 97
Distinct targets: 55
2025-07-01
Number of reports: 197
Distinct targets: 118
2025-07-02
Number of reports: 59
Distinct targets: 24
2025-07-05
Number of reports: 70
Distinct targets: 64
Origin AS
AS202425 - INT-NETWORK
BGP Prefix
89.248.168.0/24
geo
Netherlands, Amsterdam
🕑 Europe/Amsterdam
hostname
no-reverse-dns-configured.com
Address block ('inetnum' or 'NetRange' in whois database)
89.248.160.0 - 89.248.175.255
last_activity
2025-07-05 21:43:51
last_warden_event
2025-07-05 21:43:51
rep
0.14910714285714285
reserved_range
0
Shodan's InternetDB
Open ports: 22, 8888
Tags: scanner
CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.2p1
ts_added
2025-04-30 03:13:12.421000
ts_last_update
2025-07-06 05:00:45.252000

Warden event timeline

DShield event timeline

Presence on blacklists