必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Incrediserve Ltd

主机名(hostname): unknown

机构(organization): IP Volume inc

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbotsspam
scans once in preceeding hours on the ports (in chronological order) 4022 resulting in total of 70 scans from 89.248.160.0-89.248.174.255 block.
2020-10-01 07:13:40
attack
Port Scan: TCP/4369
2020-09-30 23:40:51
attackspambots
firewall-block, port(s): 8098/tcp
2020-08-22 18:35:26
attackbotsspam
TCP port : 5007
2020-08-16 19:28:15
attackbots
ET CINS Active Threat Intelligence Poor Reputation IP group 85 - port: 5007 proto: tcp cat: Misc Attackbytes: 60
2020-08-16 01:24:18
attack
firewall-block, port(s): 195/tcp, 444/tcp
2020-08-11 07:26:47
attackbots
ET CINS Active Threat Intelligence Poor Reputation IP group 85 - port: 53 proto: tcp cat: Misc Attackbytes: 60
2020-08-10 12:46:22
attack
Unauthorized connection attempt detected from IP address 89.248.168.51 to port 4022 [T]
2020-08-07 17:22:07
attack
Aug  7 02:58:24 mertcangokgoz-v4-main kernel: [375241.686134] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:5a:6b:04:d2:74:7f:6e:37:e3:08:00 SRC=89.248.168.51 DST=94.130.96.165 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=TCP SPT=47987 DPT=2222 WINDOW=65535 RES=0x00 SYN URGP=0
2020-08-07 08:13:41
attackbotsspam
firewall-block, port(s): 631/tcp
2020-08-05 20:43:57
attackspam
Port scan: Attack repeated for 24 hours
2020-07-25 19:35:23
attackbotsspam
ET DROP Dshield Block Listed Source group 1 - port: 4567 proto: tcp cat: Misc Attackbytes: 60
2020-07-21 19:54:14
attack
20/7/17@17:59:57: FAIL: Alarm-Network address from=89.248.168.51
...
2020-07-18 07:00:35
attackbotsspam
Port scan: Attack repeated for 24 hours
2020-07-17 22:20:46
attackspam
scans 2 times in preceeding hours on the ports (in chronological order) 4022 4022 resulting in total of 42 scans from 89.248.160.0-89.248.174.255 block.
2020-07-07 00:18:48
attackbotsspam
scans 2 times in preceeding hours on the ports (in chronological order) 2087 2222 resulting in total of 47 scans from 89.248.160.0-89.248.174.255 block.
2020-07-05 22:17:01
attack
Jun 30 21:27:21 debian-2gb-nbg1-2 kernel: \[15803878.465349\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.168.51 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=TCP SPT=43975 DPT=195 WINDOW=65535 RES=0x00 SYN URGP=0
2020-07-01 19:44:21
attack
scans once in preceeding hours on the ports (in chronological order) 4022 resulting in total of 83 scans from 89.248.160.0-89.248.174.255 block.
2020-06-28 23:50:37
attack
" "
2020-06-25 17:45:13
attackbotsspam
" "
2020-06-24 13:22:11
attackspambots
06/20/2020-16:15:57.245954 89.248.168.51 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2020-06-21 04:42:13
attackbots
06/18/2020-16:46:18.840906 89.248.168.51 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2020-06-19 05:19:07
attack
 TCP (SYN) 89.248.168.51:53462 -> port 444, len 44
2020-06-15 14:51:15
attackspam
 TCP (SYN) 89.248.168.51:34144 -> port 445, len 40
2020-06-09 19:46:29
attackspambots
ET DROP Dshield Block Listed Source group 1 - port: 8098 proto: TCP cat: Misc Attack
2020-06-07 02:56:14
attackbotsspam
Unauthorized connection attempt detected from IP address 89.248.168.51 to port 4022 [T]
2020-06-04 23:10:39
attackspam
06/03/2020-17:12:37.230746 89.248.168.51 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2020-06-04 06:51:20
attackspam
Unauthorized connection attempt detected from IP address 89.248.168.51 to port 445 [T]
2020-06-01 03:41:29
attackbots
firewall-block, port(s): 195/tcp, 444/tcp
2020-05-31 17:33:38
attackspambots
Unauthorized connection attempt detected from IP address 89.248.168.51 to port 88 [T]
2020-05-30 17:57:55
相同子网IP讨论:
IP 类型 评论内容 时间
89.248.168.226 attack
Scan port
2023-03-21 13:42:59
89.248.168.226 attack
Scan port
2023-02-20 13:47:15
89.248.168.112 attackbots
" "
2020-10-14 09:18:12
89.248.168.157 attack
firewall-block, port(s): 2551/tcp
2020-10-13 13:05:44
89.248.168.157 attackbots
firewall-block, port(s): 2550/tcp
2020-10-13 05:52:28
89.248.168.157 attack
ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 2080 proto: tcp cat: Misc Attackbytes: 60
2020-10-11 02:13:51
89.248.168.112 attackbots
firewall-block, port(s): 5269/tcp
2020-10-10 22:40:01
89.248.168.157 attackspam
Port Scan: TCP/2069
2020-10-10 17:58:35
89.248.168.112 attackbots
ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 5009 proto: tcp cat: Misc Attackbytes: 60
2020-10-10 14:32:23
89.248.168.176 attackspambots
ET CINS Active Threat Intelligence Poor Reputation IP group 78 - port: 1064 proto: tcp cat: Misc Attackbytes: 60
2020-10-08 03:19:09
89.248.168.176 attackbotsspam
firewall-block, port(s): 1058/tcp
2020-10-07 19:33:35
89.248.168.217 attackspambots
Multiport scan 36 ports : 9(x15) 88(x14) 135(x14) 139(x13) 177(x12) 514(x12) 593(x13) 996(x13) 999(x13) 1025(x14) 1028(x14) 1031(x14) 1046(x14) 1053(x14) 1057(x14) 1062(x14) 1068(x14) 1081(x13) 1101(x13) 1194(x14) 1719(x14) 1812(x15) 4244(x15) 4431(x15) 5000(x14) 5011(x14) 5051(x15) 5556(x15) 6481(x15) 6656(x14) 6886(x13) 8333(x14) 9160(x13) 14147(x13) 16000(x14) 22547(x15)
2020-10-05 06:23:29
89.248.168.217 attackspam
 UDP 89.248.168.217:48123 -> port 1194, len 64
2020-10-04 22:24:25
89.248.168.217 attackspam
ET CINS Active Threat Intelligence Poor Reputation IP group 76 - port: 1062 proto: udp cat: Misc Attackbytes: 71
2020-10-04 14:10:26
89.248.168.157 attack
Port Scan
...
2020-10-04 06:46:37
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.248.168.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1018
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.248.168.51.			IN	A

;; AUTHORITY SECTION:
.			1832	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 15:48:20 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:
51.168.248.89.in-addr.arpa domain name pointer security.criminalip.com.
NSLOOKUP信息:
Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
51.168.248.89.in-addr.arpa	name = security.criminalip.com.

Authoritative answers can be found from:

相关IP信息:
最新评论:
IP 类型 评论内容 时间
95.211.230.211 attackspam
(imapd) Failed IMAP login from 95.211.230.211 (NL/Netherlands/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 24 16:22:55 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 3 secs): user=, method=PLAIN, rip=95.211.230.211, lip=5.63.12.44, TLS, session=<3Kv5OZ6tHO1f0+bT>
2020-08-24 20:40:12
176.31.255.223 attackbots
Aug 24 15:28:59 pkdns2 sshd\[9256\]: Invalid user cacti from 176.31.255.223Aug 24 15:29:01 pkdns2 sshd\[9256\]: Failed password for invalid user cacti from 176.31.255.223 port 46058 ssh2Aug 24 15:30:53 pkdns2 sshd\[9379\]: Invalid user odoo from 176.31.255.223Aug 24 15:30:55 pkdns2 sshd\[9379\]: Failed password for invalid user odoo from 176.31.255.223 port 48102 ssh2Aug 24 15:32:42 pkdns2 sshd\[9472\]: Invalid user zhou from 176.31.255.223Aug 24 15:32:44 pkdns2 sshd\[9472\]: Failed password for invalid user zhou from 176.31.255.223 port 50152 ssh2
...
2020-08-24 20:45:58
40.71.100.104 attack
Aug 24 11:52:46 scw-6657dc sshd[5528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.71.100.104
Aug 24 11:52:46 scw-6657dc sshd[5528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.71.100.104
Aug 24 11:52:48 scw-6657dc sshd[5528]: Failed password for invalid user marketing from 40.71.100.104 port 37130 ssh2
...
2020-08-24 20:52:13
59.92.9.201 attackspambots
20/8/24@07:52:31: FAIL: Alarm-Network address from=59.92.9.201
20/8/24@07:52:31: FAIL: Alarm-Network address from=59.92.9.201
...
2020-08-24 21:08:24
203.186.187.169 attackbots
Aug 24 13:45:02 server sshd[3327]: Failed password for invalid user stagiaire from 203.186.187.169 port 36630 ssh2
Aug 24 13:48:58 server sshd[8619]: Failed password for invalid user admin2 from 203.186.187.169 port 43490 ssh2
Aug 24 13:52:47 server sshd[13853]: Failed password for invalid user commun from 203.186.187.169 port 50350 ssh2
2020-08-24 20:52:42
192.241.223.211 attack
firewall-block, port(s): 8091/tcp
2020-08-24 21:15:08
209.141.45.189 attackbots
prod11
...
2020-08-24 20:45:27
14.161.5.70 attack
Dovecot Invalid User Login Attempt.
2020-08-24 20:37:32
85.111.74.140 attack
"$f2bV_matches"
2020-08-24 20:39:30
67.205.144.65 attack
67.205.144.65 - - [24/Aug/2020:13:47:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
67.205.144.65 - - [24/Aug/2020:13:47:49 +0100] "POST /wp-login.php HTTP/1.1" 200 1877 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
67.205.144.65 - - [24/Aug/2020:13:47:49 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-08-24 21:07:45
92.7.243.253 attackbots
Attempted connection to port 80.
2020-08-24 21:06:57
197.44.185.16 attackspam
Attempted connection to port 445.
2020-08-24 21:14:15
176.92.72.44 attackspam
Telnet Server BruteForce Attack
2020-08-24 20:47:56
45.15.16.100 attack
(imapd) Failed IMAP login from 45.15.16.100 (SE/Sweden/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 24 16:22:32 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=45.15.16.100, lip=5.63.12.44, TLS, session=
2020-08-24 20:59:28
138.36.100.81 attackspambots
Automatic report - XMLRPC Attack
2020-08-24 21:19:19

最近上报的IP列表

123.231.254.226 46.166.151.156 202.152.148.252 182.23.105.66
217.72.168.235 89.248.160.132 103.8.195.34 195.191.83.83
209.121.12.246 187.59.156.123 188.152.220.33 113.173.237.187
195.120.68.227 132.232.77.114 144.21.80.208 78.85.250.14
159.203.122.149 128.0.139.217 14.229.159.52 183.82.111.150