IP address

Search at other sites:
.18389.248.170.9no-reverse-dns-configured.com
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
UCEPROTECT L1
89.248.170.9 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-07-01 07:45:00.941000
Was present on blacklist at: 2025-05-14 23:45, 2025-05-15 07:45, 2025-05-15 15:45, 2025-05-15 23:45, 2025-05-16 07:45, 2025-05-16 15:45, 2025-05-16 23:45, 2025-05-17 07:45, 2025-05-17 15:45, 2025-05-17 23:45, 2025-05-18 07:45, 2025-05-18 15:45, 2025-05-18 23:45, 2025-05-19 07:45, 2025-05-19 15:45, 2025-05-19 23:45, 2025-05-20 07:45, 2025-05-20 15:45, 2025-05-20 23:45, 2025-05-21 07:45, 2025-05-21 15:45, 2025-05-21 23:45, 2025-05-22 07:45, 2025-05-22 15:45, 2025-06-24 15:45, 2025-06-24 23:45, 2025-06-25 07:45, 2025-06-25 15:45, 2025-06-25 23:45, 2025-06-26 07:45, 2025-06-26 15:45, 2025-06-26 23:45, 2025-06-27 07:45, 2025-06-27 15:45, 2025-06-27 23:45, 2025-06-28 07:45, 2025-06-28 15:45, 2025-06-28 23:45, 2025-06-29 07:45, 2025-06-29 15:45, 2025-06-29 23:45, 2025-06-30 07:45, 2025-06-30 15:45, 2025-06-30 23:45, 2025-07-01 07:45
AbuseIPDB
89.248.170.9 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-06-30 04:00:00.627000
Was present on blacklist at: 2025-05-16 04:00, 2025-05-17 04:00, 2025-05-18 04:00, 2025-05-24 04:00, 2025-05-25 04:00, 2025-05-28 04:00, 2025-05-29 04:00, 2025-05-30 04:00, 2025-06-02 04:00, 2025-06-03 04:00, 2025-06-07 04:00, 2025-06-08 04:00, 2025-06-16 04:00, 2025-06-17 04:00, 2025-06-29 04:00, 2025-06-30 04:00
CI Army
89.248.170.9 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-06-07 02:50:00.879000
Was present on blacklist at: 2025-05-26 02:50, 2025-05-30 02:50, 2025-05-31 02:50, 2025-06-01 02:50, 2025-06-02 02:50, 2025-06-03 02:50, 2025-06-04 02:50, 2025-06-05 02:50, 2025-06-06 02:50, 2025-06-07 02:50
Warden events (1809)
2025-06-30
ReconScanning (node.9c1411): 38
2025-06-29
ReconScanning (node.4dc198): 109
ReconScanning (node.9c1411): 54
2025-06-28
ReconScanning (node.4dc198): 12
2025-06-16
ReconScanning (node.4dc198): 18
ReconScanning (node.9c1411): 7
2025-06-15
ReconScanning (node.4dc198): 272
ReconScanning (node.9c1411): 67
2025-06-07
ReconScanning (node.4dc198): 255
2025-06-06
ReconScanning (node.4dc198): 43
2025-06-02
ReconScanning (node.4dc198): 56
2025-06-01
ReconScanning (node.4dc198): 239
2025-05-28
ReconScanning (node.4dc198): 120
2025-05-27
ReconScanning (node.4dc198): 171
2025-05-24
ReconScanning (node.4dc198): 132
2025-05-23
ReconScanning (node.4dc198): 140
2025-05-17
ReconScanning (node.4dc198): 76
DShield reports (IP summary, reports)
2025-05-17
Number of reports: 76
Distinct targets: 44
2025-05-18
Number of reports: 182
Distinct targets: 105
2025-05-23
Number of reports: 31
Distinct targets: 20
2025-05-24
Number of reports: 205
Distinct targets: 114
2025-05-25
Number of reports: 24
Distinct targets: 20
2025-05-28
Number of reports: 181
Distinct targets: 107
2025-05-29
Number of reports: 196
Distinct targets: 165
2025-05-30
Number of reports: 21
Distinct targets: 17
2025-06-01
Number of reports: 45
Distinct targets: 35
2025-06-02
Number of reports: 147
Distinct targets: 86
2025-06-06
Number of reports: 14
Distinct targets: 10
2025-06-07
Number of reports: 77
Distinct targets: 58
2025-06-08
Number of reports: 157
Distinct targets: 81
2025-06-15
Number of reports: 67
Distinct targets: 44
2025-06-16
Number of reports: 169
Distinct targets: 98
2025-06-29
Number of reports: 180
Distinct targets: 121
2025-06-30
Number of reports: 70
Distinct targets: 51
OTX pulses
[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot
Author name:georgengelmann
Pulse modified:2025-06-13 19:59:05.448000
Indicator created:2025-05-14 21:55:07
Indicator role:bruteforce
Indicator title:RDP intrusion attempt from no-reverse-dns-configured.com port 58877
Indicator expiration:2025-06-13 21:00:00
Origin AS
AS202425 - INT-NETWORK
BGP Prefix
89.248.170.0/24
geo
Netherlands, Amsterdam
🕑 Europe/Amsterdam
hostname
no-reverse-dns-configured.com
Address block ('inetnum' or 'NetRange' in whois database)
89.248.160.0 - 89.248.175.255
last_activity
2025-06-30 10:31:05
last_warden_event
2025-06-30 10:31:05
rep
0.1833217075892857
reserved_range
0
Shodan's InternetDB
Open ports: 22
Tags: scanner
CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:9.6p1
ts_added
2025-05-15 00:02:18.357000
ts_last_update
2025-07-02 00:02:20.815000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses