141.138.48.189

Basic Info

City: Zagreb

Region: City of Zagreb

Country: Croatia

Internet Service Provider: ISKON INTERNET d.d. za informatiku i telekomunikacije

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 141.138.48.189 to port 9001 [T]	2020-05-06 08:09:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.138.48.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43026
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;141.138.48.189.			IN	A

;; AUTHORITY SECTION:
.			511	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050502 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 08:09:21 CST 2020
;; MSG SIZE  rcvd: 118

Host info

189.48.138.141.in-addr.arpa domain name pointer 141-138-48-189.dsl.iskon.hr.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
189.48.138.141.in-addr.arpa	name = 141-138-48-189.dsl.iskon.hr.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.55.77.86	attackspam	firewall-block, port(s): 23/tcp	2019-06-24 08:44:15
68.183.95.97	attackbots	k+ssh-bruteforce	2019-06-24 08:55:55
86.104.32.187	attackbotsspam	Automatic report - Web App Attack	2019-06-24 08:57:55
177.55.145.130	attackbotsspam	SMTP-sasl brute force ...	2019-06-24 09:03:28
104.248.185.25	attackspam	¯\_(ツ)_/¯	2019-06-24 08:36:11
94.46.167.106	attackspam	94.46.167.106 - - \[23/Jun/2019:22:00:53 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 94.46.167.106 - - \[23/Jun/2019:22:00:53 +0200\] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 94.46.167.106 - - \[23/Jun/2019:22:00:53 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 94.46.167.106 - - \[23/Jun/2019:22:00:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 94.46.167.106 - - \[23/Jun/2019:22:00:54 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 94.46.167.106 - - \[23/Jun/2019:22:00:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$	2019-06-24 08:20:09
106.51.50.206	attack	Jun 23 13:14:39 * sshd[21437]: Failed password for invalid user xm from 106.51.50.206 port 43866 ssh2 Jun 23 13:18:33 * sshd[21454]: Failed password for invalid user admin from 106.51.50.206 port 52050 ssh2 Jun 23 13:20:04 * sshd[21464]: Failed password for invalid user broke from 106.51.50.206 port 37776 ssh2 Jun 23 13:21:36 * sshd[21499]: Failed password for invalid user user from 106.51.50.206 port 51730 ssh2 Jun 23 13:23:00 * sshd[21531]: Failed password for invalid user adm from 106.51.50.206 port 37456 ssh2 Jun 23 13:24:29 * sshd[21562]: Failed password for invalid user francine from 106.51.50.206 port 51410 ssh2 Jun 23 13:25:55 * sshd[21572]: Failed password for invalid user jira from 106.51.50.206 port 37132 ssh2 Jun 23 13:27:18 * sshd[21580]: Failed password for invalid user david from 106.51.50.206 port 51090 ssh2 Jun 23 13:28:42 * sshd[21585]: Failed password for invalid user salome from 106.51.50.206 port 36816 ssh2 Jun 23 13:30:12 * sshd[21596]: Failed password for invalid use	2019-06-24 08:34:40
77.40.3.25	attack	$f2bV_matches	2019-06-24 08:50:34
184.105.247.234	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-24 08:37:54
94.225.209.201	attack	Unauthorised access (Jun 24) SRC=94.225.209.201 LEN=40 TTL=54 ID=43954 TCP DPT=23 WINDOW=58989 SYN Unauthorised access (Jun 22) SRC=94.225.209.201 LEN=40 TTL=54 ID=46514 TCP DPT=23 WINDOW=40251 SYN Unauthorised access (Jun 21) SRC=94.225.209.201 LEN=40 TTL=54 ID=114 TCP DPT=23 WINDOW=48359 SYN	2019-06-24 08:43:13
111.79.114.177	attackbots	Jun 23 21:58:52 icinga sshd[25754]: Failed password for root from 111.79.114.177 port 41341 ssh2 Jun 23 21:59:05 icinga sshd[25754]: error: maximum authentication attempts exceeded for root from 111.79.114.177 port 41341 ssh2 [preauth] ...	2019-06-24 09:11:26
129.204.25.212	attackspambots	Joomla HTTP User Agent Object Injection Vulnerability	2019-06-24 08:41:42
193.70.6.197	attackbots	Jun 23 20:57:15 vps200512 sshd\[22786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.6.197 user=root Jun 23 20:57:17 vps200512 sshd\[22786\]: Failed password for root from 193.70.6.197 port 31955 ssh2 Jun 23 20:58:11 vps200512 sshd\[22802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.6.197 user=root Jun 23 20:58:13 vps200512 sshd\[22802\]: Failed password for root from 193.70.6.197 port 43825 ssh2 Jun 23 20:58:25 vps200512 sshd\[22810\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.6.197 user=root	2019-06-24 08:58:29
112.30.117.22	attackbots	Jun 23 14:57:58 *** sshd[22445]: Failed password for invalid user jeanmarc from 112.30.117.22 port 34566 ssh2	2019-06-24 08:33:32
91.232.188.5	attackbots	Brute Force Joomla Admin Login	2019-06-24 09:18:49

Recently Reported IPs

123.10.41.88	171.242.64.210	1.157.184.236	105.2.110.119
122.240.195.11	198.122.204.40	120.12.73.181	138.24.50.161
73.202.193.137	120.11.111.138	128.4.145.220	181.249.56.163
122.138.173.188	119.250.92.19	124.67.235.177	39.171.141.134
186.160.19.199	119.115.2.196	82.236.15.251	32.128.120.167