189.213.14.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
189.213.149.54	attack	Automatic report - Port Scan Attack	2020-09-04 00:58:17
189.213.149.54	attackspam	Automatic report - Port Scan Attack	2020-09-03 16:22:38
189.213.149.54	attack	Automatic report - Port Scan Attack	2020-09-03 08:31:09
189.213.148.165	attackbotsspam	[MK-Root1] Blocked by UFW	2020-08-24 02:45:14
189.213.144.47	attackbots	Automatic report - Port Scan Attack	2020-08-19 21:00:54
189.213.142.130	attackspambots	Automatic report - Port Scan Attack	2020-07-02 08:53:27
189.213.148.218	attackspam	Automatic report - Port Scan Attack	2020-07-01 17:12:45
189.213.143.195	attackbotsspam	Automatic report - Port Scan Attack	2020-06-30 12:53:03
189.213.147.178	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-06 08:19:44
189.213.147.178	attack	firewall-block, port(s): 1433/tcp	2020-05-01 02:17:42
189.213.147.178	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-04-11 16:13:41
189.213.147.178	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 02:27:52
189.213.148.199	attack	Unauthorized connection attempt detected from IP address 189.213.148.199 to port 23 [J]	2020-02-04 05:37:12
189.213.143.78	attack	Unauthorized connection attempt detected from IP address 189.213.143.78 to port 23 [J]	2020-01-22 23:47:18
189.213.149.89	attackspam	unauthorized connection attempt	2020-01-12 16:17:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.213.14.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7845
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;189.213.14.49.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 07:37:18 CST 2022
;; MSG SIZE  rcvd: 106

Host info

49.14.213.189.in-addr.arpa domain name pointer 189-213-14-49.static.axtel.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
49.14.213.189.in-addr.arpa	name = 189-213-14-49.static.axtel.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.205.142.148	attack	$f2bV_matches	2020-02-09 00:29:29
51.254.196.14	attackbotsspam	Automatic report - Banned IP Access	2020-02-09 00:05:52
222.247.38.150	attackspambots	Feb 8 12:31:36 firewall sshd[25573]: Invalid user gmh from 222.247.38.150 Feb 8 12:31:38 firewall sshd[25573]: Failed password for invalid user gmh from 222.247.38.150 port 45756 ssh2 Feb 8 12:34:19 firewall sshd[25659]: Invalid user pvc from 222.247.38.150 ...	2020-02-09 00:45:31
200.57.88.111	attackbots	Feb 4 14:36:10 dns-3 sshd[8926]: Invalid user info2 from 200.57.88.111 port 54514 Feb 4 14:36:10 dns-3 sshd[8926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.57.88.111 Feb 4 14:36:12 dns-3 sshd[8926]: Failed password for invalid user info2 from 200.57.88.111 port 54514 ssh2 Feb 4 14:36:13 dns-3 sshd[8926]: Received disconnect from 200.57.88.111 port 54514:11: Bye Bye [preauth] Feb 4 14:36:13 dns-3 sshd[8926]: Disconnected from invalid user info2 200.57.88.111 port 54514 [preauth] Feb 4 14:51:19 dns-3 sshd[9884]: User r.r from 200.57.88.111 not allowed because not listed in AllowUsers Feb 4 14:51:19 dns-3 sshd[9884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.57.88.111 user=r.r Feb 4 14:51:21 dns-3 sshd[9884]: Failed password for invalid user r.r from 200.57.88.111 port 52380 ssh2 Feb 4 14:51:22 dns-3 sshd[9884]: Received disconnect from 200.57.88.111 port 52380:1........ -------------------------------	2020-02-09 00:27:37
86.206.124.132	attackspam	Feb 8 16:11:50 cvbnet sshd[5689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.206.124.132 Feb 8 16:11:52 cvbnet sshd[5689]: Failed password for invalid user cpm from 86.206.124.132 port 33688 ssh2 ...	2020-02-09 00:09:02
157.245.6.134	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-02-09 00:15:07
139.186.74.64	attackbots	Automatic report - SSH Brute-Force Attack	2020-02-09 00:18:18
93.174.93.231	attackspam	Feb 8 16:16:25 [host] kernel: [4374042.709353] [U Feb 8 16:25:35 [host] kernel: [4374592.585850] [U Feb 8 16:36:41 [host] kernel: [4375258.368299] [U Feb 8 16:39:00 [host] kernel: [4375397.852703] [U Feb 8 17:03:24 [host] kernel: [4376861.378209] [U Feb 8 17:11:30 [host] kernel: [4377346.732674] [U	2020-02-09 00:18:45
50.115.181.98	attack	Feb 8 06:04:20 auw2 sshd\[31818\]: Invalid user ax from 50.115.181.98 Feb 8 06:04:20 auw2 sshd\[31818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d50-115-181-98.static.datacom.cgocable.net Feb 8 06:04:22 auw2 sshd\[31818\]: Failed password for invalid user ax from 50.115.181.98 port 11418 ssh2 Feb 8 06:05:43 auw2 sshd\[31939\]: Invalid user kyn from 50.115.181.98 Feb 8 06:05:43 auw2 sshd\[31939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d50-115-181-98.static.datacom.cgocable.net	2020-02-09 00:23:02
129.213.100.212	attackspambots	Feb 8 17:26:50 sd-53420 sshd\[23340\]: Invalid user vup from 129.213.100.212 Feb 8 17:26:50 sd-53420 sshd\[23340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.100.212 Feb 8 17:26:52 sd-53420 sshd\[23340\]: Failed password for invalid user vup from 129.213.100.212 port 52676 ssh2 Feb 8 17:30:00 sd-53420 sshd\[23609\]: Invalid user czo from 129.213.100.212 Feb 8 17:30:00 sd-53420 sshd\[23609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.100.212 ...	2020-02-09 00:36:26
94.177.246.39	attackbots	2020-02-08T16:46:35.894147scmdmz1 sshd[27243]: Invalid user suw from 94.177.246.39 port 50550 2020-02-08T16:46:35.897237scmdmz1 sshd[27243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.246.39 2020-02-08T16:46:35.894147scmdmz1 sshd[27243]: Invalid user suw from 94.177.246.39 port 50550 2020-02-08T16:46:37.681738scmdmz1 sshd[27243]: Failed password for invalid user suw from 94.177.246.39 port 50550 ssh2 2020-02-08T16:49:22.980367scmdmz1 sshd[27498]: Invalid user yck from 94.177.246.39 port 47620 ...	2020-02-09 00:24:31
89.248.168.221	attack	02/08/2020-17:08:06.072534 89.248.168.221 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-09 00:25:23
80.211.166.139	attackspambots	Feb 8 17:17:32 markkoudstaal sshd[29981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.166.139 Feb 8 17:17:34 markkoudstaal sshd[29981]: Failed password for invalid user pvp from 80.211.166.139 port 49988 ssh2 Feb 8 17:19:58 markkoudstaal sshd[30459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.166.139	2020-02-09 00:21:32
91.121.109.45	attackbotsspam	Fail2Ban Ban Triggered	2020-02-09 00:15:30
112.30.210.140	attackspambots	Feb 8 15:29:33 jane sshd[30010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.30.210.140 Feb 8 15:29:34 jane sshd[30010]: Failed password for invalid user szq from 112.30.210.140 port 2349 ssh2 ...	2020-02-09 00:21:08

Recently Reported IPs

79.174.27.11	138.219.121.197	112.94.100.15	47.115.179.228
118.137.26.12	14.243.26.232	69.141.237.124	190.201.162.164
187.121.218.243	120.243.97.23	188.119.120.133	27.5.30.100
222.142.214.128	128.73.209.92	134.122.1.116	103.140.83.94
61.3.150.165	23.105.86.13	73.233.1.98	186.1.19.130