89.146.149.248

Basic Info

City: unknown

Region: unknown

Country: Bosnia and Herzegovina

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
89.146.149.145	attackbots	Unauthorized connection attempt detected from IP address 89.146.149.145 to port 26	2020-07-09 02:10:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.146.149.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;89.146.149.248.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012901 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 05:53:38 CST 2025
;; MSG SIZE  rcvd: 107

Host info

248.149.146.89.in-addr.arpa domain name pointer SE400.PPPoE-5624.sa.bih.net.ba.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.149.146.89.in-addr.arpa	name = SE400.PPPoE-5624.sa.bih.net.ba.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.30.35	attack	2020-05-13T17:19:16.685395sd-86998 sshd[41315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root 2020-05-13T17:19:18.573475sd-86998 sshd[41315]: Failed password for root from 222.186.30.35 port 38746 ssh2 2020-05-13T17:19:21.313461sd-86998 sshd[41315]: Failed password for root from 222.186.30.35 port 38746 ssh2 2020-05-13T17:19:16.685395sd-86998 sshd[41315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root 2020-05-13T17:19:18.573475sd-86998 sshd[41315]: Failed password for root from 222.186.30.35 port 38746 ssh2 2020-05-13T17:19:21.313461sd-86998 sshd[41315]: Failed password for root from 222.186.30.35 port 38746 ssh2 2020-05-13T17:19:16.685395sd-86998 sshd[41315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root 2020-05-13T17:19:18.573475sd-86998 sshd[41315]: Failed password for root from 222.186 ...	2020-05-13 23:32:08
218.92.0.158	attack	May 13 17:34:09 home sshd[17762]: Failed password for root from 218.92.0.158 port 3909 ssh2 May 13 17:34:12 home sshd[17762]: Failed password for root from 218.92.0.158 port 3909 ssh2 May 13 17:34:16 home sshd[17762]: Failed password for root from 218.92.0.158 port 3909 ssh2 May 13 17:34:19 home sshd[17762]: Failed password for root from 218.92.0.158 port 3909 ssh2 ...	2020-05-13 23:38:37
1.245.61.144	attackspam	2020-05-13T08:29:57.531272linuxbox-skyline sshd[145615]: Invalid user ehi from 1.245.61.144 port 48504 ...	2020-05-13 22:49:47
185.53.168.96	attackbots	May 13 16:18:53 DAAP sshd[28275]: Invalid user admin from 185.53.168.96 port 60182 May 13 16:18:53 DAAP sshd[28275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.53.168.96 May 13 16:18:53 DAAP sshd[28275]: Invalid user admin from 185.53.168.96 port 60182 May 13 16:18:55 DAAP sshd[28275]: Failed password for invalid user admin from 185.53.168.96 port 60182 ssh2 May 13 16:28:25 DAAP sshd[28327]: Invalid user libuuid from 185.53.168.96 port 36418 ...	2020-05-13 22:57:05
128.199.250.87	attackspam	May 13 18:48:04 gw1 sshd[5969]: Failed password for root from 128.199.250.87 port 59490 ssh2 ...	2020-05-13 23:13:41
188.166.246.46	attackspam	May 13 15:07:24 OPSO sshd\[12017\]: Invalid user user2 from 188.166.246.46 port 48092 May 13 15:07:24 OPSO sshd\[12017\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.246.46 May 13 15:07:26 OPSO sshd\[12017\]: Failed password for invalid user user2 from 188.166.246.46 port 48092 ssh2 May 13 15:11:51 OPSO sshd\[12779\]: Invalid user oracle from 188.166.246.46 port 50494 May 13 15:11:51 OPSO sshd\[12779\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.246.46	2020-05-13 22:58:25
62.122.97.5	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2020-05-13 23:11:40
120.31.138.82	attackspam	20 attempts against mh-ssh on install-test	2020-05-13 23:14:03
123.207.241.223	attack	May 13 14:19:48 game-panel sshd[23392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.241.223 May 13 14:19:50 game-panel sshd[23392]: Failed password for invalid user rdc from 123.207.241.223 port 55486 ssh2 May 13 14:25:34 game-panel sshd[23612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.241.223	2020-05-13 23:16:11
158.69.160.191	attack	$f2bV_matches	2020-05-13 23:00:02
164.163.23.19	attackspam	May 13 11:45:58 firewall sshd[23525]: Invalid user postgres from 164.163.23.19 May 13 11:45:59 firewall sshd[23525]: Failed password for invalid user postgres from 164.163.23.19 port 33664 ssh2 May 13 11:50:35 firewall sshd[23612]: Invalid user qtss from 164.163.23.19 ...	2020-05-13 23:05:07
178.154.200.34	attackspam	[Wed May 13 21:40:31.213242 2020] [:error] [pid 10844:tid 140704567748352] [client 178.154.200.34:33226] [client 178.154.200.34] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XrwG3-ANdM6VaKJ-TyCUVAAAAyw"] ...	2020-05-13 23:40:34
213.180.203.38	attackspam	[Wed May 13 19:37:08.871260 2020] [:error] [pid 23852:tid 140604109100800] [client 213.180.203.38:64230] [client 213.180.203.38] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xrvp9O6oP8lSLrpN4R1CtwAAAe8"] ...	2020-05-13 23:02:26
194.61.55.164	attackbots	...	2020-05-13 23:08:03
51.89.149.213	attackspam	firewall-block, port(s): 25160/tcp	2020-05-13 22:54:16

Recently Reported IPs

80.177.120.69	117.215.10.152	96.70.19.248	223.61.152.185
68.96.133.42	70.101.83.56	82.155.210.225	96.183.250.161
205.163.251.216	146.151.53.219	154.83.94.123	179.105.172.221
161.250.102.171	224.48.72.148	39.172.47.4	228.89.247.196
110.31.178.68	61.47.55.70	163.160.117.108	150.238.166.243