Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Incrediserve Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbotsspam
firewall-block, port(s): 1052/tcp, 1053/tcp
2019-06-30 07:18:28
attackbotsspam
¯\_(ツ)_/¯
2019-06-26 08:36:58
attackbots
24.06.2019 12:06:31 Connection to port 1034 blocked by firewall
2019-06-24 23:14:36
Comments on same subnet:
IP Type Details Datetime
89.248.168.226 attack
Scan port
2023-03-21 13:42:59
89.248.168.226 attack
Scan port
2023-02-20 13:47:15
89.248.168.112 attackbots
" "
2020-10-14 09:18:12
89.248.168.157 attack
firewall-block, port(s): 2551/tcp
2020-10-13 13:05:44
89.248.168.157 attackbots
firewall-block, port(s): 2550/tcp
2020-10-13 05:52:28
89.248.168.157 attack
ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 2080 proto: tcp cat: Misc Attackbytes: 60
2020-10-11 02:13:51
89.248.168.112 attackbots
firewall-block, port(s): 5269/tcp
2020-10-10 22:40:01
89.248.168.157 attackspam
Port Scan: TCP/2069
2020-10-10 17:58:35
89.248.168.112 attackbots
ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 5009 proto: tcp cat: Misc Attackbytes: 60
2020-10-10 14:32:23
89.248.168.176 attackspambots
ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 1064 proto: tcp cat: Misc Attackbytes: 60
2020-10-08 03:19:09
89.248.168.176 attackbotsspam
firewall-block, port(s): 1058/tcp
2020-10-07 19:33:35
89.248.168.217 attackspambots
Multiport scan 36 ports : 9(x15) 88(x14) 135(x14) 139(x13) 177(x12) 514(x12) 593(x13) 996(x13) 999(x13) 1025(x14) 1028(x14) 1031(x14) 1046(x14) 1053(x14) 1057(x14) 1062(x14) 1068(x14) 1081(x13) 1101(x13) 1194(x14) 1719(x14) 1812(x15) 4244(x15) 4431(x15) 5000(x14) 5011(x14) 5051(x15) 5556(x15) 6481(x15) 6656(x14) 6886(x13) 8333(x14) 9160(x13) 14147(x13) 16000(x14) 22547(x15)
2020-10-05 06:23:29
89.248.168.217 attackspam
 UDP 89.248.168.217:48123 -> port 1194, len 64
2020-10-04 22:24:25
89.248.168.217 attackspam
ET CINS Active Threat Intelligence Poor Reputation IP group 76 - port: 1062 proto: udp cat: Misc Attackbytes: 71
2020-10-04 14:10:26
89.248.168.157 attack
Port Scan
...
2020-10-04 06:46:37
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.248.168.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33191
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.248.168.3.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019053101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 01 11:53:35 CST 2019
;; MSG SIZE  rcvd: 116

Host info
3.168.248.89.in-addr.arpa domain name pointer security.criminalip.com.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
3.168.248.89.in-addr.arpa	name = security.criminalip.com.

Authoritative answers can be found from:

Related IP info:
Related comments:
IP Type Details Datetime
74.82.47.5 attackspambots
" "
2020-07-14 21:18:06
83.118.205.162 attack
Jul 14 14:53:18 home sshd[22600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.118.205.162
Jul 14 14:53:21 home sshd[22600]: Failed password for invalid user wanglj from 83.118.205.162 port 27305 ssh2
Jul 14 14:56:53 home sshd[23051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.118.205.162
...
2020-07-14 21:05:45
49.213.187.41 attackbotsspam
port scan and connect, tcp 81 (hosts2-ns)
2020-07-14 21:24:27
201.148.120.86 attackspam
Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):
2020-07-14 20:55:38
183.17.230.202 attack
Unauthorized connection attempt from IP address 183.17.230.202 on Port 445(SMB)
2020-07-14 21:17:29
185.164.138.21 attack
Invalid user mongo from 185.164.138.21 port 56562
2020-07-14 20:56:32
43.254.54.96 attackbots
Jul 14 13:45:13 ns392434 sshd[2754]: Invalid user vp from 43.254.54.96 port 51705
Jul 14 13:45:13 ns392434 sshd[2754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.254.54.96
Jul 14 13:45:13 ns392434 sshd[2754]: Invalid user vp from 43.254.54.96 port 51705
Jul 14 13:45:15 ns392434 sshd[2754]: Failed password for invalid user vp from 43.254.54.96 port 51705 ssh2
Jul 14 14:00:28 ns392434 sshd[3110]: Invalid user leon from 43.254.54.96 port 47021
Jul 14 14:00:28 ns392434 sshd[3110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.254.54.96
Jul 14 14:00:28 ns392434 sshd[3110]: Invalid user leon from 43.254.54.96 port 47021
Jul 14 14:00:30 ns392434 sshd[3110]: Failed password for invalid user leon from 43.254.54.96 port 47021 ssh2
Jul 14 14:06:54 ns392434 sshd[3374]: Invalid user eloa from 43.254.54.96 port 52836
2020-07-14 20:53:30
119.45.136.208 attack
Invalid user chengwei from 119.45.136.208 port 33342
2020-07-14 20:48:50
106.55.173.60 attackspam
SSH Brute-force
2020-07-14 21:26:47
58.234.45.190 attackbots
Invalid user abc from 58.234.45.190 port 22603
2020-07-14 21:08:18
139.99.89.91 attack
2020-07-14T15:12:55.621510vps773228.ovh.net sshd[10271]: Failed password for invalid user liu from 139.99.89.91 port 46036 ssh2
2020-07-14T15:15:45.790481vps773228.ovh.net sshd[10275]: Invalid user test from 139.99.89.91 port 33610
2020-07-14T15:15:45.813133vps773228.ovh.net sshd[10275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.ip-139-99-89.net
2020-07-14T15:15:45.790481vps773228.ovh.net sshd[10275]: Invalid user test from 139.99.89.91 port 33610
2020-07-14T15:15:47.653462vps773228.ovh.net sshd[10275]: Failed password for invalid user test from 139.99.89.91 port 33610 ssh2
...
2020-07-14 21:21:04
177.131.122.106 attackbotsspam
Jul 14 14:22:43 piServer sshd[23086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.131.122.106 
Jul 14 14:22:45 piServer sshd[23086]: Failed password for invalid user andy from 177.131.122.106 port 4125 ssh2
Jul 14 14:23:48 piServer sshd[23141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.131.122.106 
...
2020-07-14 20:46:53
62.234.178.25 attackbotsspam
Invalid user faxbox from 62.234.178.25 port 37338
2020-07-14 21:07:16
5.249.145.245 attackspam
Invalid user allan from 5.249.145.245 port 47281
2020-07-14 21:13:58
152.136.203.208 attack
Invalid user pc01 from 152.136.203.208 port 39272
2020-07-14 20:59:20

Recently Reported IPs

77.247.110.66 178.128.23.162 185.220.101.65 117.165.102.152
80.14.47.171 80.11.44.112 187.67.67.232 125.76.246.102
41.169.18.58 169.197.108.206 25.210.108.4 139.9.43.28
223.220.250.173 218.23.236.17 114.252.35.61 183.82.114.15
104.228.63.173 212.58.119.126 46.174.191.30 116.228.53.173