89.248.172.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United Kingdom

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
89.248.172.16	attack	Bap IP	2024-05-12 23:39:04
89.248.172.140	attackbots	Automatic report - Port Scan	2020-10-13 20:36:52
89.248.172.140	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 80 - port: 2468 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:08:47
89.248.172.140	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 7110 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 04:58:27
89.248.172.16	attack	ET DROP Dshield Block Listed Source group 1 - port: 60001 proto: tcp cat: Misc Attackbytes: 60	2020-10-11 03:06:34
89.248.172.16	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-10 18:56:46
89.248.172.16	attackbotsspam	- Port=2081	2020-10-08 03:13:38
89.248.172.16	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 8089 proto: tcp cat: Misc Attackbytes: 60	2020-10-07 19:27:51
89.248.172.85	attackbots	scans 5 times in preceeding hours on the ports (in chronological order) 28589 10777 30026 10201 30103 resulting in total of 70 scans from 89.248.160.0-89.248.174.255 block.	2020-10-01 07:13:00
89.248.172.140	attack	scans 10 times in preceeding hours on the ports (in chronological order) 2728 4590 4446 3410 20222 1983 5656 6300 2728 3031 resulting in total of 70 scans from 89.248.160.0-89.248.174.255 block.	2020-10-01 06:47:26
89.248.172.85	attack	TCP (SYN) 89.248.172.85:50104 -> port 30009, len 44	2020-09-30 23:39:40
89.248.172.140	attackspam	TCP (SYN) 89.248.172.140:44912 -> port 3410, len 44	2020-09-30 23:10:43
89.248.172.140	attack	firewall-block, port(s): 1983/tcp, 3450/tcp, 5656/tcp	2020-09-30 15:44:03
89.248.172.140	attackbots	TCP (SYN) 89.248.172.140:47677 -> port 2000, len 44	2020-09-21 20:38:47
89.248.172.140	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 5566 proto: tcp cat: Misc Attackbytes: 60	2020-09-21 12:30:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.248.172.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11798
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;89.248.172.72.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091500 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 15 18:50:26 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 72.172.248.89.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.172.248.89.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.17.159.63	attack	xmlrpc attack	2020-09-01 05:52:19
196.52.43.130	attackspambots	TCP (SYN) 196.52.43.130:52225 -> port 67, len 44	2020-09-01 05:54:50
94.46.53.103	attack	Email rejected due to spam filtering	2020-09-01 06:19:15
134.202.64.169	attack	8,78-07/07 [bc04/m147] PostRequest-Spammer scoring: essen	2020-09-01 06:14:13
188.65.221.222	attackbotsspam	20 attempts against mh-misbehave-ban on flare	2020-09-01 06:12:32
152.174.69.247	attackspam	Sep 1 00:24:56 journals sshd\[73894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.174.69.247 user=root Sep 1 00:24:58 journals sshd\[73894\]: Failed password for root from 152.174.69.247 port 43136 ssh2 Sep 1 00:32:50 journals sshd\[74339\]: Invalid user libuuid from 152.174.69.247 Sep 1 00:32:50 journals sshd\[74339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.174.69.247 Sep 1 00:32:52 journals sshd\[74339\]: Failed password for invalid user libuuid from 152.174.69.247 port 55078 ssh2 ...	2020-09-01 05:54:07
188.13.201.91	attack	xmlrpc attack	2020-09-01 05:46:29
211.170.28.252	attackbots	Sep 1 00:06:38 lnxweb62 sshd[31402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.170.28.252 Sep 1 00:06:38 lnxweb62 sshd[31402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.170.28.252	2020-09-01 06:18:35
134.122.96.20	attack	Aug 31 21:09:26 plex-server sshd[2207530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.96.20 Aug 31 21:09:26 plex-server sshd[2207530]: Invalid user reward from 134.122.96.20 port 56616 Aug 31 21:09:28 plex-server sshd[2207530]: Failed password for invalid user reward from 134.122.96.20 port 56616 ssh2 Aug 31 21:13:06 plex-server sshd[2209198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.96.20 user=root Aug 31 21:13:08 plex-server sshd[2209198]: Failed password for root from 134.122.96.20 port 35258 ssh2 ...	2020-09-01 05:51:28
167.249.168.131	spambotsattackproxynormal	🌐ꦿ⧼⿴⃟ٍࣽ.艾ʜ sʏsᴛᴇᴍ ༴᪳🌐ꦿꦼ꙲斖༆	2020-09-01 05:47:00
103.221.252.46	attack	Sep 1 04:44:39 webhost01 sshd[29218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.221.252.46 Sep 1 04:44:41 webhost01 sshd[29218]: Failed password for invalid user sonarr from 103.221.252.46 port 50358 ssh2 ...	2020-09-01 05:49:02
193.181.27.171	attackbots	Email rejected due to spam filtering	2020-09-01 06:18:52
138.197.213.134	attackspambots	2020-08-31T21:27:29.523499abusebot-7.cloudsearch.cf sshd[2344]: Invalid user status from 138.197.213.134 port 36552 2020-08-31T21:27:29.529894abusebot-7.cloudsearch.cf sshd[2344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 2020-08-31T21:27:29.523499abusebot-7.cloudsearch.cf sshd[2344]: Invalid user status from 138.197.213.134 port 36552 2020-08-31T21:27:31.409165abusebot-7.cloudsearch.cf sshd[2344]: Failed password for invalid user status from 138.197.213.134 port 36552 ssh2 2020-08-31T21:32:09.633266abusebot-7.cloudsearch.cf sshd[2393]: Invalid user magno from 138.197.213.134 port 45272 2020-08-31T21:32:09.639144abusebot-7.cloudsearch.cf sshd[2393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.134 2020-08-31T21:32:09.633266abusebot-7.cloudsearch.cf sshd[2393]: Invalid user magno from 138.197.213.134 port 45272 2020-08-31T21:32:12.289502abusebot-7.cloudsearch.cf sshd[2393 ...	2020-09-01 05:50:14
2607:f8b0:4864:20::642	attackbotsspam	Return-Path: Received: from mail-pl1-x642.google.com ([IPv6:2607:f8b0:4864:20::642]) by resimta-po-33v.sys.comcast.net with ESMTP id CqkokUJQKq7VyCqn3k1cPA; Mon, 31 Aug 2020 20:52:33 +0000 From: "Membership Reminder" Subject: Notification: Your membership service not yet confirmed, we tried to bill you automatically NETFLIX Something went wrong We have been notified that you questioned a Netflix charge for the payment method we have on file and have terminated your membership. We would like you to come back. If you change your mind, just restart your membership to enjoy the best TV shows and movies without interruption. Restart Now	2020-09-01 05:47:47
103.92.24.240	attackbots	$f2bV_matches	2020-09-01 06:16:54

Recently Reported IPs

113.30.155.63	93.177.118.149	164.52.24.141	193.56.28.3
180.252.181.2	188.209.52.82	190.14.39.111	14.38.255.37
185.11.146.220	89.248.168.250	185.62.190.55	92.118.37.89
158.85.81.126	169.54.244.93	89.248.171.125	91.212.100.214
93.177.119.124	93.177.119.211	146.19.140.252	195.126.196.33