89.248.162.139

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Incrediserve Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Port Scan: TCP/8089	2019-11-11 03:05:07
attackbots	Port Scan: TCP/8089	2019-11-10 18:26:40
attackbots	11/06/2019-17:40:02.548676 89.248.162.139 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-07 09:06:33
attackspambots	11/05/2019-23:57:51.362050 89.248.162.139 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-06 13:18:00
attack	Port Scan: TCP/8089	2019-10-30 13:21:27

Comments on same subnet:

IP	Type	Details	Datetime
89.248.162.220	attackspambots	TCP port : 17916	2020-09-24 23:18:41
89.248.162.220	attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-24 15:05:42
89.248.162.220	attack	Port scan on 17 port(s): 17010 17211 17223 17254 17327 17345 17382 17466 17535 17573 17681 17766 17819 17833 17843 17870 17942	2020-09-24 06:32:15
89.248.162.164	attackbots	[H1.VM1] Blocked by UFW	2020-09-24 00:09:59
89.248.162.220	attack	[MK-VM2] Blocked by UFW	2020-09-23 21:49:51
89.248.162.164	attackspam	[H1.VM10] Blocked by UFW	2020-09-23 16:18:26
89.248.162.220	attackbots	Port scan on 3 port(s): 17010 17466 17535	2020-09-23 14:09:28
89.248.162.164	attackbotsspam	Multiport scan : 322 ports scanned 15001 15004 15005 15010 15012 15016 15018 15020 15023 15024 15026 15031 15035 15036 15037 15040 15041 15042 15043 15047 15050 15056 15058 15059 15060 15064 15067 15071 15075 15091 15097 15110 15118 15125 15126 15130 15133 15135 15136 15138 15145 15147 15154 15157 15165 15166 15168 15170 15171 15173 15176 15180 15182 15183 15185 15186 15188 15192 15194 15195 15196 15199 15204 15205 15206 15209 15214 .....	2020-09-23 08:14:30
89.248.162.220	attack	Sep 22 22:56:34 [host] kernel: [1140215.045497] [U Sep 22 22:56:52 [host] kernel: [1140233.187816] [U Sep 22 23:09:13 [host] kernel: [1140974.205783] [U Sep 22 23:09:58 [host] kernel: [1141019.021954] [U Sep 22 23:15:25 [host] kernel: [1141345.728775] [U Sep 22 23:19:13 [host] kernel: [1141574.230190] [U	2020-09-23 05:58:34
89.248.162.220	attackspam	[H1.VM10] Blocked by UFW	2020-09-22 20:59:09
89.248.162.220	attackspam	Port scan on 18 port(s): 17065 17121 17148 17181 17293 17319 17346 17374 17449 17500 17506 17606 17621 17707 17749 17926 17958 17964	2020-09-22 05:08:30
89.248.162.161	attackbots	[MK-VM4] Blocked by UFW	2020-09-21 22:33:10
89.248.162.161	attackspam	Sep 20 23:24:20 [host] kernel: [969092.177410] [UF Sep 20 23:25:34 [host] kernel: [969165.574653] [UF Sep 20 23:25:40 [host] kernel: [969172.074859] [UF Sep 20 23:27:24 [host] kernel: [969275.599172] [UF Sep 20 23:31:20 [host] kernel: [969511.944720] [UF Sep 20 23:31:29 [host] kernel: [969520.395010] [UF	2020-09-21 14:19:02
89.248.162.161	attack	Sep 20 23:24:20 [host] kernel: [969092.177410] [UF Sep 20 23:25:34 [host] kernel: [969165.574653] [UF Sep 20 23:25:40 [host] kernel: [969172.074859] [UF Sep 20 23:27:24 [host] kernel: [969275.599172] [UF Sep 20 23:31:20 [host] kernel: [969511.944720] [UF Sep 20 23:31:29 [host] kernel: [969520.395010] [UF	2020-09-21 06:09:40
89.248.162.247	attack	TCP port : 3309	2020-09-19 21:37:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.248.162.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51933
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.248.162.139.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102901 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 13:21:23 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 139.162.248.89.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.162.248.89.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.126.224.107	attack	May 1 06:47:29 server1 sshd\[9559\]: Failed password for invalid user admin from 177.126.224.107 port 52176 ssh2 May 1 06:51:57 server1 sshd\[8805\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.126.224.107 user=root May 1 06:51:59 server1 sshd\[8805\]: Failed password for root from 177.126.224.107 port 35182 ssh2 May 1 06:56:32 server1 sshd\[8666\]: Invalid user gp from 177.126.224.107 May 1 06:56:32 server1 sshd\[8666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.126.224.107 ...	2020-05-01 23:34:20
51.38.71.191	attackspam	May 1 20:28:58 webhost01 sshd[29545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.71.191 May 1 20:28:59 webhost01 sshd[29545]: Failed password for invalid user git from 51.38.71.191 port 47780 ssh2 ...	2020-05-01 23:07:45
216.244.250.72	attackspambots	DATE:2020-05-01 13:48:41, IP:216.244.250.72, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-01 23:27:15
139.199.32.57	attack	[Aegis] @ 2019-12-31 21:23:25 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-05-01 23:03:58
198.108.66.199	attack	27017/tcp 1900/udp 8089/tcp... [2020-03-19/05-01]9pkt,7pt.(tcp),1pt.(udp)	2020-05-01 23:15:27
36.90.44.2	attackspambots	Lines containing failures of 36.90.44.2 May 1 13:42:19 shared05 sshd[26114]: Invalid user user from 36.90.44.2 port 57465 May 1 13:42:20 shared05 sshd[26114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.90.44.2 May 1 13:42:22 shared05 sshd[26114]: Failed password for invalid user user from 36.90.44.2 port 57465 ssh2 May 1 13:42:22 shared05 sshd[26114]: Connection closed by invalid user user 36.90.44.2 port 57465 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=36.90.44.2	2020-05-01 23:31:58
61.220.196.1	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-01 23:25:36
114.26.45.235	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-01 22:58:30
63.82.48.245	attackspambots	May 1 15:00:00 mail.srvfarm.net postfix/smtpd[1274237]: NOQUEUE: reject: RCPT from unknown[63.82.48.245]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= May 1 15:00:36 mail.srvfarm.net postfix/smtpd[1274215]: NOQUEUE: reject: RCPT from unknown[63.82.48.245]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= May 1 15:00:40 mail.srvfarm.net postfix/smtpd[1274325]: NOQUEUE: reject: RCPT from unknown[63.82.48.245]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= May 1 15:01:29 mail.srvfarm.net postfix/smtpd[1271594]: NOQUEUE: reject: RCPT from unknown[63.82.48.245]: 450 4.1.8	2020-05-01 22:52:56
179.106.41.17	attackspambots	May 1 08:48:40 firewall sshd[5028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.106.41.17 May 1 08:48:40 firewall sshd[5028]: Invalid user spc from 179.106.41.17 May 1 08:48:42 firewall sshd[5028]: Failed password for invalid user spc from 179.106.41.17 port 48618 ssh2 ...	2020-05-01 23:26:08
115.23.172.118	attackspambots	3306/tcp 1433/tcp... [2020-02-29/04-30]93pkt,2pt.(tcp)	2020-05-01 23:25:09
198.108.66.203	attackspam	27017/tcp 1521/tcp 8089/tcp... [2020-03-11/05-01]9pkt,8pt.(tcp)	2020-05-01 23:17:02
87.18.209.135	attackbots	Unauthorized connection attempt detected from IP address 87.18.209.135 to port 5555	2020-05-01 23:11:39
27.34.48.167	attack	May 1 16:42:07 ArkNodeAT sshd\[16653\]: Invalid user ubnt from 27.34.48.167 May 1 16:42:07 ArkNodeAT sshd\[16653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.34.48.167 May 1 16:42:09 ArkNodeAT sshd\[16653\]: Failed password for invalid user ubnt from 27.34.48.167 port 46508 ssh2	2020-05-01 23:17:48
71.6.233.237	attack	2083/tcp 2323/tcp 12443/tcp... [2020-03-05/05-01]5pkt,5pt.(tcp)	2020-05-01 23:05:49

Recently Reported IPs

88.198.176.44	153.68.184.110	2.112.141.167	59.220.42.104
19.240.10.157	202.24.94.54	174.76.233.2	236.161.17.43
204.245.223.241	248.82.200.117	51.98.179.161	147.170.70.174
62.21.79.114	44.8.196.21	76.194.28.47	12.192.187.251
210.181.31.1	156.193.169.119	177.38.183.138	22.193.79.167