89.146.149.248

Basic Info

City: unknown

Region: unknown

Country: Bosnia and Herzegovina

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
89.146.149.145	attackbots	Unauthorized connection attempt detected from IP address 89.146.149.145 to port 26	2020-07-09 02:10:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.146.149.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;89.146.149.248.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012901 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 05:53:38 CST 2025
;; MSG SIZE  rcvd: 107

Host info

248.149.146.89.in-addr.arpa domain name pointer SE400.PPPoE-5624.sa.bih.net.ba.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.149.146.89.in-addr.arpa	name = SE400.PPPoE-5624.sa.bih.net.ba.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.200.164.195	attackbots	1574663199 - 11/25/2019 07:26:39 Host: 220.200.164.195/220.200.164.195 Port: 540 TCP Blocked	2019-11-25 17:49:01
107.173.53.251	attack	(From francoedward98@gmail.com) Hi! Have you tried searching on Google for the products/services your website offers? Does your business site appear on the first page? I'm an expert Online marketing analyst, and I know exactly how to improve your website's rank in search engines. If you're not appearing on the top of search results, you're inevitably missing out on a lot of opportunities. This is because your potential clients are having a difficult time finding you online since they can't find you on the first page of search results. I've been in the field of SEO for over a decade now and I can help you fix that. I'm offering you a free consultation, so I can show you how the optimization can make your website rank higher on Google and other search engines. Kindly let me know if you're interested, so I can give you a call at a time that works best for you. I hope to speak with you soon. Best regards, Ed Franco	2019-11-25 18:17:29
106.13.114.228	attack	Nov 25 05:13:42 linuxvps sshd\[25302\]: Invalid user ctm from 106.13.114.228 Nov 25 05:13:42 linuxvps sshd\[25302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.114.228 Nov 25 05:13:45 linuxvps sshd\[25302\]: Failed password for invalid user ctm from 106.13.114.228 port 38626 ssh2 Nov 25 05:21:32 linuxvps sshd\[30058\]: Invalid user antiup from 106.13.114.228 Nov 25 05:21:32 linuxvps sshd\[30058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.114.228	2019-11-25 18:21:42
106.12.189.2	attack	Nov 25 06:52:48 server02 sshd[24079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.189.2 Nov 25 06:52:50 server02 sshd[24079]: Failed password for invalid user csmp from 106.12.189.2 port 38834 ssh2 Nov 25 07:13:49 server02 sshd[25088]: User dovecot from 106.12.189.2 not allowed because not listed in AllowUsers Nov 25 07:13:49 server02 sshd[25088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.189.2 user=dovecot ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.12.189.2	2019-11-25 18:19:15
69.94.131.69	attack	Nov 25 07:13:56 h2421860 postfix/postscreen[9602]: CONNECT from [69.94.131.69]:51580 to [85.214.119.52]:25 Nov 25 07:13:56 h2421860 postfix/dnsblog[9605]: addr 69.94.131.69 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 25 07:13:56 h2421860 postfix/dnsblog[9604]: addr 69.94.131.69 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 25 07:13:56 h2421860 postfix/dnsblog[9607]: addr 69.94.131.69 listed by domain bl.mailspike.net as 127.0.0.10 Nov 25 07:13:56 h2421860 postfix/dnsblog[9605]: addr 69.94.131.69 listed by domain Unknown.trblspam.com as 185.53.179.7 Nov 25 07:13:56 h2421860 postfix/dnsblog[9606]: addr 69.94.131.69 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 25 07:14:02 h2421860 postfix/postscreen[9602]: DNSBL rank 10 for [69.94.131.69]:51580 Nov x@x Nov 25 07:14:02 h2421860 postfix/postscreen[9602]: DISCONNECT [69.94.131.69]:51580 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=69.94.131.69	2019-11-25 17:51:16
151.75.196.123	attack	Automatic report - Port Scan Attack	2019-11-25 17:46:28
103.27.238.107	attackspambots	Lines containing failures of 103.27.238.107 Nov 25 06:04:00 shared05 sshd[31964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.107 user=backup Nov 25 06:04:03 shared05 sshd[31964]: Failed password for backup from 103.27.238.107 port 42924 ssh2 Nov 25 06:04:03 shared05 sshd[31964]: Received disconnect from 103.27.238.107 port 42924:11: Bye Bye [preauth] Nov 25 06:04:03 shared05 sshd[31964]: Disconnected from authenticating user backup 103.27.238.107 port 42924 [preauth] Nov 25 06:55:51 shared05 sshd[18391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.27.238.107 user=nagios Nov 25 06:55:53 shared05 sshd[18391]: Failed password for nagios from 103.27.238.107 port 41816 ssh2 Nov 25 06:55:53 shared05 sshd[18391]: Received disconnect from 103.27.238.107 port 41816:11: Bye Bye [preauth] Nov 25 06:55:53 shared05 sshd[18391]: Disconnected from authenticating user nagios 103.27......... ------------------------------	2019-11-25 18:14:23
40.123.36.193	attackbots	11/25/2019-04:50:46.402010 40.123.36.193 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-25 18:14:50
138.197.163.11	attackbotsspam	Nov 25 07:26:18 vmd26974 sshd[8205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.163.11 Nov 25 07:26:21 vmd26974 sshd[8205]: Failed password for invalid user aiello from 138.197.163.11 port 32892 ssh2 ...	2019-11-25 18:00:07
111.230.241.245	attackspam	Nov 25 10:31:01 OPSO sshd\[10325\]: Invalid user cav from 111.230.241.245 port 57408 Nov 25 10:31:01 OPSO sshd\[10325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.241.245 Nov 25 10:31:03 OPSO sshd\[10325\]: Failed password for invalid user cav from 111.230.241.245 port 57408 ssh2 Nov 25 10:38:42 OPSO sshd\[11728\]: Invalid user hisanori from 111.230.241.245 port 36544 Nov 25 10:38:42 OPSO sshd\[11728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.241.245	2019-11-25 17:45:17
220.173.55.8	attackspambots	Nov 25 00:00:13 web9 sshd\[25378\]: Invalid user sommers from 220.173.55.8 Nov 25 00:00:13 web9 sshd\[25378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.173.55.8 Nov 25 00:00:16 web9 sshd\[25378\]: Failed password for invalid user sommers from 220.173.55.8 port 53807 ssh2 Nov 25 00:08:29 web9 sshd\[26635\]: Invalid user ramones from 220.173.55.8 Nov 25 00:08:29 web9 sshd\[26635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.173.55.8	2019-11-25 18:10:31
112.64.170.166	attackbotsspam	Lines containing failures of 112.64.170.166 Nov 25 04:10:59 zabbix sshd[86299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.170.166 user=r.r Nov 25 04:11:00 zabbix sshd[86299]: Failed password for r.r from 112.64.170.166 port 58060 ssh2 Nov 25 04:11:01 zabbix sshd[86299]: Received disconnect from 112.64.170.166 port 58060:11: Bye Bye [preauth] Nov 25 04:11:01 zabbix sshd[86299]: Disconnected from authenticating user r.r 112.64.170.166 port 58060 [preauth] Nov 25 04:21:17 zabbix sshd[87013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.170.166 user=lp Nov 25 04:21:19 zabbix sshd[87013]: Failed password for lp from 112.64.170.166 port 50262 ssh2 Nov 25 04:21:19 zabbix sshd[87013]: Received disconnect from 112.64.170.166 port 50262:11: Bye Bye [preauth] Nov 25 04:21:19 zabbix sshd[87013]: Disconnected from authenticating user lp 112.64.170.166 port 50262 [preauth] Nov 25 0........ ------------------------------	2019-11-25 17:57:14
159.65.172.240	attackspambots	Automatic report - Banned IP Access	2019-11-25 18:09:59
117.50.17.253	attack	Nov 25 07:18:42 vserver sshd\[12630\]: Invalid user mike from 117.50.17.253Nov 25 07:18:44 vserver sshd\[12630\]: Failed password for invalid user mike from 117.50.17.253 port 46570 ssh2Nov 25 07:26:25 vserver sshd\[12695\]: Invalid user kolos from 117.50.17.253Nov 25 07:26:28 vserver sshd\[12695\]: Failed password for invalid user kolos from 117.50.17.253 port 15086 ssh2 ...	2019-11-25 17:55:42
66.207.68.117	attackbotsspam	66.207.68.117 - - \[25/Nov/2019:09:48:59 +0100\] "POST /wp-login.php HTTP/1.0" 200 4474 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 66.207.68.117 - - \[25/Nov/2019:09:49:00 +0100\] "POST /wp-login.php HTTP/1.0" 200 4287 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 66.207.68.117 - - \[25/Nov/2019:09:49:01 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-25 18:03:53

Recently Reported IPs

80.177.120.69	117.215.10.152	96.70.19.248	223.61.152.185
68.96.133.42	70.101.83.56	82.155.210.225	96.183.250.161
205.163.251.216	146.151.53.219	154.83.94.123	179.105.172.221
161.250.102.171	224.48.72.148	39.172.47.4	228.89.247.196
110.31.178.68	61.47.55.70	163.160.117.108	150.238.166.243