89.248.172.145

Basic Info

City: unknown

Region: unknown

Country: United Kingdom

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
89.248.172.16	attack	Bap IP	2024-05-12 23:39:04
89.248.172.140	attackbots	Automatic report - Port Scan	2020-10-13 20:36:52
89.248.172.140	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 80 - port: 2468 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:08:47
89.248.172.140	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 7110 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 04:58:27
89.248.172.16	attack	ET DROP Dshield Block Listed Source group 1 - port: 60001 proto: tcp cat: Misc Attackbytes: 60	2020-10-11 03:06:34
89.248.172.16	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-10 18:56:46
89.248.172.16	attackbotsspam	- Port=2081	2020-10-08 03:13:38
89.248.172.16	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 8089 proto: tcp cat: Misc Attackbytes: 60	2020-10-07 19:27:51
89.248.172.85	attackbots	scans 5 times in preceeding hours on the ports (in chronological order) 28589 10777 30026 10201 30103 resulting in total of 70 scans from 89.248.160.0-89.248.174.255 block.	2020-10-01 07:13:00
89.248.172.140	attack	scans 10 times in preceeding hours on the ports (in chronological order) 2728 4590 4446 3410 20222 1983 5656 6300 2728 3031 resulting in total of 70 scans from 89.248.160.0-89.248.174.255 block.	2020-10-01 06:47:26
89.248.172.85	attack	TCP (SYN) 89.248.172.85:50104 -> port 30009, len 44	2020-09-30 23:39:40
89.248.172.140	attackspam	TCP (SYN) 89.248.172.140:44912 -> port 3410, len 44	2020-09-30 23:10:43
89.248.172.140	attack	firewall-block, port(s): 1983/tcp, 3450/tcp, 5656/tcp	2020-09-30 15:44:03
89.248.172.140	attackbots	TCP (SYN) 89.248.172.140:47677 -> port 2000, len 44	2020-09-21 20:38:47
89.248.172.140	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 5566 proto: tcp cat: Misc Attackbytes: 60	2020-09-21 12:30:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.248.172.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36805
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;89.248.172.145.			IN	A

;; AUTHORITY SECTION:
.			480	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091502 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 16 05:58:58 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 145.172.248.89.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.172.248.89.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.24.5.135	attack	Dec 10 09:33:24 * sshd[20226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.5.135 Dec 10 09:33:26 * sshd[20226]: Failed password for invalid user x-men from 118.24.5.135 port 48938 ssh2	2019-12-10 22:35:12
198.108.67.32	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 22:28:58
50.207.12.103	attackspam	Dec 10 05:04:51 sachi sshd\[18370\]: Invalid user server from 50.207.12.103 Dec 10 05:04:51 sachi sshd\[18370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50-207-12-103-static.hfc.comcastbusiness.net Dec 10 05:04:53 sachi sshd\[18370\]: Failed password for invalid user server from 50.207.12.103 port 57950 ssh2 Dec 10 05:10:13 sachi sshd\[19008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50-207-12-103-static.hfc.comcastbusiness.net user=root Dec 10 05:10:16 sachi sshd\[19008\]: Failed password for root from 50.207.12.103 port 37560 ssh2	2019-12-10 23:10:19
124.61.206.234	attack	Dec 10 15:46:54 MK-Soft-Root2 sshd[23951]: Failed password for root from 124.61.206.234 port 43380 ssh2 Dec 10 15:54:24 MK-Soft-Root2 sshd[25296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.61.206.234 ...	2019-12-10 22:58:58
118.97.77.114	attack	2019-12-10T14:46:56.771617shield sshd\[4859\]: Invalid user tbdb from 118.97.77.114 port 41252 2019-12-10T14:46:56.775685shield sshd\[4859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.77.114 2019-12-10T14:46:58.648747shield sshd\[4859\]: Failed password for invalid user tbdb from 118.97.77.114 port 41252 ssh2 2019-12-10T14:54:23.097072shield sshd\[6936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.77.114 user=root 2019-12-10T14:54:25.000469shield sshd\[6936\]: Failed password for root from 118.97.77.114 port 50322 ssh2	2019-12-10 22:59:27
178.62.117.106	attack	Dec 10 09:48:53 ny01 sshd[26649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.117.106 Dec 10 09:48:55 ny01 sshd[26649]: Failed password for invalid user kahkoska from 178.62.117.106 port 34663 ssh2 Dec 10 09:54:20 ny01 sshd[27281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.117.106	2019-12-10 23:02:39
190.34.17.52	attackspam	$f2bV_matches	2019-12-10 22:37:56
51.255.173.222	attackbotsspam	Dec 10 14:14:21 srv206 sshd[13570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.ip-51-255-173.eu user=root Dec 10 14:14:23 srv206 sshd[13570]: Failed password for root from 51.255.173.222 port 54550 ssh2 Dec 10 14:20:36 srv206 sshd[13635]: Invalid user mailnul from 51.255.173.222 ...	2019-12-10 22:51:12
61.177.172.128	attack	--- report --- Dec 10 11:41:38 sshd: Connection from 61.177.172.128 port 52999 Dec 10 11:41:49 sshd: Did not receive identification string from 61.177.172.128	2019-12-10 23:15:07
51.254.136.164	attackspambots	Dec 10 09:33:36 nextcloud sshd\[10846\]: Invalid user host from 51.254.136.164 Dec 10 09:33:36 nextcloud sshd\[10846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.136.164 Dec 10 09:33:38 nextcloud sshd\[10846\]: Failed password for invalid user host from 51.254.136.164 port 54702 ssh2 ...	2019-12-10 22:43:08
178.62.37.78	attack	Aug 14 17:58:11 microserver sshd[46627]: Invalid user tomcat from 178.62.37.78 port 36148 Aug 14 17:58:11 microserver sshd[46627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.37.78 Aug 14 17:58:14 microserver sshd[46627]: Failed password for invalid user tomcat from 178.62.37.78 port 36148 ssh2 Aug 14 18:03:09 microserver sshd[47295]: Invalid user cst from 178.62.37.78 port 56558 Aug 14 18:03:09 microserver sshd[47295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.37.78 Aug 14 18:17:53 microserver sshd[49315]: Invalid user teamspeak from 178.62.37.78 port 33082 Aug 14 18:17:53 microserver sshd[49315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.37.78 Aug 14 18:17:55 microserver sshd[49315]: Failed password for invalid user teamspeak from 178.62.37.78 port 33082 ssh2 Aug 14 18:22:54 microserver sshd[49956]: Invalid user soporte from 178.62.37.78 port 53484 Aug	2019-12-10 23:09:11
202.200.142.251	attackspam	Dec 10 09:22:18 ny01 sshd[23218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.200.142.251 Dec 10 09:22:21 ny01 sshd[23218]: Failed password for invalid user guest from 202.200.142.251 port 37142 ssh2 Dec 10 09:30:25 ny01 sshd[24638]: Failed password for root from 202.200.142.251 port 41880 ssh2	2019-12-10 22:32:45
210.242.67.17	attack	2019-12-10T15:06:17.199334shield sshd\[8777\]: Invalid user on from 210.242.67.17 port 49962 2019-12-10T15:06:17.203791shield sshd\[8777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210-242-67-17.hinet-ip.hinet.net 2019-12-10T15:06:18.799348shield sshd\[8777\]: Failed password for invalid user on from 210.242.67.17 port 49962 ssh2 2019-12-10T15:12:25.727623shield sshd\[10237\]: Invalid user wwwrun from 210.242.67.17 port 59438 2019-12-10T15:12:25.731813shield sshd\[10237\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210-242-67-17.hinet-ip.hinet.net	2019-12-10 23:16:50
180.106.81.168	attackbots	$f2bV_matches	2019-12-10 22:38:33
188.166.5.84	attackspam	Dec 10 09:48:46 linuxvps sshd\[50589\]: Invalid user witzmann from 188.166.5.84 Dec 10 09:48:46 linuxvps sshd\[50589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.5.84 Dec 10 09:48:48 linuxvps sshd\[50589\]: Failed password for invalid user witzmann from 188.166.5.84 port 60288 ssh2 Dec 10 09:54:17 linuxvps sshd\[54137\]: Invalid user waymon from 188.166.5.84 Dec 10 09:54:17 linuxvps sshd\[54137\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.5.84	2019-12-10 23:05:11

Recently Reported IPs

45.148.10.239	198.191.14.211	89.248.172.146	89.248.172.254
89.248.172.147	89.248.172.186	89.248.172.236	45.148.10.218
45.148.10.147	176.121.14.11	181.174.164.11	5.182.39.1
5.182.39.49	5.182.39.76	45.148.10.202	5.182.39.35
89.248.172.165	89.248.172.150	89.248.172.148	89.248.172.193