Check an IP Address, Domain Name, Subnet, or ASN

89.248.168.227 was found in our database!

$ whois 89.248.168.227

country·🇳🇱 The Netherlands

city·Amsterdam

isp·IP Volume inc

asn·AS202425

network·Standard

$ sikker risk 89.248.168.227scoring →

confidence

91%Very High

first_seen·Mar 3, 2026

last_seen·1h ago

first_reported·Mar 5, 2026

last_reported·7d ago

sessions·177

events·181

reports·19

$ sikker protocols 89.248.168.227

HTTPS

60 / 62

HTTP

50 / 50 / 5r

SSH

28 / 29 / 7r

ELASTICSEARCH

19 / 19

TELNET

12 / 13 / 2r

FTP

8 / 8 / 4r

$ sikker summary 89.248.168.227

89.248.168.227 has a threat confidence score of 91%. This IP address from The Netherlands (AS202425, IP Volume inc) has been observed in 177 honeypot sessions and reported 19 times targeting HTTPS, HTTP, SSH, ELASTICSEARCH, TELNET and 1 other protocols. First observed on March 3, 2026, most recently active March 29, 2026.

$ sikker behaviors 89.248.168.227catalog →

infoHttp Root Path Request34x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request12x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 89.248.168.227

http_method_get45 elastic_http_get_request19 https_path_root16 elastic_root_path_probe9 http_path_doc_page_login_asp_access3 http_path_bad_request1

$ sikker reports 89.248.168.227submit →

Showing 5 of 19 reports from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 22, 2026, 01:28	Brute Force	FTP	SikkerGuard: 2 blocked packets
User	Mar 22, 2026, 24:12	Brute Force	TELNET	SikkerGuard: 2 blocked packets
User	Mar 19, 2026, 18:08	Brute Force	SSH	SikkerGuard: 2 blocked packets
User	Mar 19, 2026, 17:13	Brute Force	SSH	SikkerGuard: 2 blocked packets
User	Mar 19, 2026, 16:52	Brute Force	HTTP	SikkerGuard: 2 blocked packets

1 / 4

$ sikker related 89.248.168.227

🇳🇱·More threats fromThe Netherlands→AS·More threats fromIP Volume inc→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→SSH·More threats targetingSSH→ELAS·More threats targetingELASTICSEARCH→TELN·More threats targetingTELNET→FTP·More threats targetingFTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
94.102.49.193	100%	1,827
93.174.93.12	96%	11,303
80.82.77.139	100%	3,524
80.82.77.202	97%	5,855
94.102.49.155	100%	12,951

IP Address	Confidence	Events
45.148.10.192	100%	23,700
45.148.10.240	100%	514,082
130.12.180.174	91%	3,794
94.154.35.215	93%	37,695
95.215.8.165	82%	6