89.248.172.120

Basic Info

City: unknown

Region: unknown

Country: United Kingdom

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
89.248.172.16	attack	Bap IP	2024-05-12 23:39:04
89.248.172.140	attackbots	Automatic report - Port Scan	2020-10-13 20:36:52
89.248.172.140	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 80 - port: 2468 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:08:47
89.248.172.140	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 7110 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 04:58:27
89.248.172.16	attack	ET DROP Dshield Block Listed Source group 1 - port: 60001 proto: tcp cat: Misc Attackbytes: 60	2020-10-11 03:06:34
89.248.172.16	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-10 18:56:46
89.248.172.16	attackbotsspam	- Port=2081	2020-10-08 03:13:38
89.248.172.16	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 8089 proto: tcp cat: Misc Attackbytes: 60	2020-10-07 19:27:51
89.248.172.85	attackbots	scans 5 times in preceeding hours on the ports (in chronological order) 28589 10777 30026 10201 30103 resulting in total of 70 scans from 89.248.160.0-89.248.174.255 block.	2020-10-01 07:13:00
89.248.172.140	attack	scans 10 times in preceeding hours on the ports (in chronological order) 2728 4590 4446 3410 20222 1983 5656 6300 2728 3031 resulting in total of 70 scans from 89.248.160.0-89.248.174.255 block.	2020-10-01 06:47:26
89.248.172.85	attack	TCP (SYN) 89.248.172.85:50104 -> port 30009, len 44	2020-09-30 23:39:40
89.248.172.140	attackspam	TCP (SYN) 89.248.172.140:44912 -> port 3410, len 44	2020-09-30 23:10:43
89.248.172.140	attack	firewall-block, port(s): 1983/tcp, 3450/tcp, 5656/tcp	2020-09-30 15:44:03
89.248.172.140	attackbots	TCP (SYN) 89.248.172.140:47677 -> port 2000, len 44	2020-09-21 20:38:47
89.248.172.140	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 5566 proto: tcp cat: Misc Attackbytes: 60	2020-09-21 12:30:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.248.172.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23958
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;89.248.172.120.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091501 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 16 01:58:25 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 120.172.248.89.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.82.98, trying next server
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 120.172.248.89.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.27.78.168	attackspambots	Dec 1 09:42:54 web8 sshd\[27471\]: Invalid user mylinux from 189.27.78.168 Dec 1 09:42:54 web8 sshd\[27471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.27.78.168 Dec 1 09:42:57 web8 sshd\[27471\]: Failed password for invalid user mylinux from 189.27.78.168 port 36888 ssh2 Dec 1 09:47:07 web8 sshd\[29384\]: Invalid user itcenter from 189.27.78.168 Dec 1 09:47:07 web8 sshd\[29384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.27.78.168	2019-12-01 21:09:14
125.69.67.116	attackspam	Unauthorised access (Dec 1) SRC=125.69.67.116 LEN=40 TTL=51 ID=41296 TCP DPT=23 WINDOW=29694 SYN	2019-12-01 21:21:26
14.177.159.63	attack	Brute force attempt	2019-12-01 21:42:11
67.207.91.133	attackspambots	Dec 1 08:04:57 localhost sshd[604]: Failed password for invalid user bore from 67.207.91.133 port 55136 ssh2 Dec 1 08:21:51 localhost sshd[1281]: Failed password for root from 67.207.91.133 port 33164 ssh2 Dec 1 08:24:44 localhost sshd[1424]: Failed password for invalid user yusuzuki from 67.207.91.133 port 39392 ssh2	2019-12-01 21:06:15
5.196.140.219	attackbotsspam	Dec 1 01:21:06 mail sshd\[46046\]: Invalid user lol1 from 5.196.140.219 Dec 1 01:21:06 mail sshd\[46046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.140.219 ...	2019-12-01 21:44:24
58.87.117.128	attack	Dec 1 14:06:24 www sshd\[25336\]: Invalid user lgordon from 58.87.117.128 port 41730 ...	2019-12-01 21:45:22
119.90.61.10	attackbots	SSH bruteforce (Triggered fail2ban)	2019-12-01 21:20:50
186.130.80.139	attackbots	Unauthorised access (Dec 1) SRC=186.130.80.139 LEN=40 TOS=0x10 PREC=0x40 TTL=52 ID=43137 TCP DPT=23 WINDOW=38867 SYN	2019-12-01 21:36:54
132.232.37.154	attackbotsspam	Dec 1 07:59:43 ws22vmsma01 sshd[91610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.37.154 Dec 1 07:59:45 ws22vmsma01 sshd[91610]: Failed password for invalid user ts from 132.232.37.154 port 51762 ssh2 ...	2019-12-01 21:45:53
197.51.245.227	attackbotsspam	Brute force attempt	2019-12-01 21:45:02
103.255.4.9	attackspambots	Port 1433 Scan	2019-12-01 21:29:26
196.218.37.194	attackbots	UTC: 2019-11-30 port: 23/tcp	2019-12-01 21:39:40
185.217.231.34	attack	Dec 1 16:29:05 our-server-hostname postfix/smtpd[9032]: connect from unknown[185.217.231.34] Dec 1 16:29:07 our-server-hostname sqlgrey: grey: new: 185.217.231.34(185.217.231.34), x@x -> x@x Dec x@x Dec x@x Dec 1 16:29:07 our-server-hostname postfix/smtpd[9032]: disconnect from unknown[185.217.231.34] Dec 1 16:29:14 our-server-hostname postfix/smtpd[11403]: connect from unknown[185.217.231.34] Dec 1 16:29:16 our-server-hostname sqlgrey: grey: new: 185.217.231.34(185.217.231.34), x@x -> x@x Dec x@x Dec x@x Dec 1 16:29:17 our-server-hostname sqlgrey: grey: new: 185.217.231.34(185.217.231.34), x@x -> x@x Dec x@x Dec x@x Dec 1 16:29:18 our-server-hostname postfix/smtpd[11403]: disconnect from unknown[185.217.231.34] Dec 1 16:29:46 our-server-hostname postfix/smtpd[9032]: connect from unknown[185.217.231.34] Dec 1 16:29:46 our-server-hostname sqlgrey: grey: new: 185.217.231.34(185.217.231.34), x@x -> x@x Dec x@x Dec x@x Dec 1 16:29:47 our-server-hostname postfix/sm........ -------------------------------	2019-12-01 21:16:50
202.131.231.210	attack	SSH Brute Force, server-1 sshd[26326]: Failed password for invalid user Winter from 202.131.231.210 port 39486 ssh2	2019-12-01 21:19:16
51.77.148.87	attackbots	Dec 1 05:07:46 mail sshd\[7867\]: Invalid user shanmin from 51.77.148.87 Dec 1 05:07:46 mail sshd\[7867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.148.87 ...	2019-12-01 21:13:35

Recently Reported IPs

113.30.155.179	89.248.172.124	167.248.133.212	167.248.133.221
176.121.14.170	167.94.138.167	167.94.138.174	84.54.57.183
185.88.103.197	45.141.84.239	185.100.87.231	185.143.221.116
185.143.221.117	193.56.28.41	185.143.221.25	89.248.168.85
185.11.146.89	185.143.221.206	45.141.84.234	85.62.188.148