46.21.249.145 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OOO Network of Data-Centers Selectel

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	46.21.249.145 was recorded 5 times by 5 hosts attempting to connect to the following ports: 64317,897,65110,58810,21717. Incident counter (4h, 24h, all-time): 5, 19, 257	2019-11-20 08:32:59
attackspam	46.21.249.145 was recorded 5 times by 5 hosts attempting to connect to the following ports: 10821,21278,4465,28370,57539. Incident counter (4h, 24h, all-time): 5, 19, 169	2019-11-13 14:13:23
attack	10/30/2019-07:53:41.065500 46.21.249.145 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-30 21:45:39

Type

Details

Datetime

attack

46.21.249.145 was recorded 5 times by 5 hosts attempting to connect to the following ports: 64317,897,65110,58810,21717. Incident counter (4h, 24h, all-time): 5, 19, 257

2019-11-20 08:32:59

attackspam

46.21.249.145 was recorded 5 times by 5 hosts attempting to connect to the following ports: 10821,21278,4465,28370,57539. Incident counter (4h, 24h, all-time): 5, 19, 169

2019-11-13 14:13:23

attack

10/30/2019-07:53:41.065500 46.21.249.145 Protocol: 6 ET SCAN NMAP -sS window 1024

2019-10-30 21:45:39

Comments on same subnet:

IP	Type	Details	Datetime
46.21.249.190	attack	2020-10-10T05:53:50.603150mail.broermann.family sshd[14078]: Failed password for invalid user thinker from 46.21.249.190 port 57074 ssh2 2020-10-10T05:57:44.198392mail.broermann.family sshd[14421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.190 user=root 2020-10-10T05:57:46.273826mail.broermann.family sshd[14421]: Failed password for root from 46.21.249.190 port 60828 ssh2 2020-10-10T06:01:10.015142mail.broermann.family sshd[14790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.190 user=root 2020-10-10T06:01:12.236296mail.broermann.family sshd[14790]: Failed password for root from 46.21.249.190 port 36336 ssh2 ...	2020-10-11 01:44:01
46.21.249.141	attackspambots	Aug 12 04:54:28 ws26vmsma01 sshd[83716]: Failed password for root from 46.21.249.141 port 39162 ssh2 Aug 12 04:54:41 ws26vmsma01 sshd[83716]: error: maximum authentication attempts exceeded for root from 46.21.249.141 port 39162 ssh2 [preauth] ...	2020-08-12 12:56:57
46.21.249.141	attackspambots	SmallBizIT.US 1 packets to tcp(22)	2020-08-10 18:24:24
46.21.249.141	attackbotsspam	ET COMPROMISED Known Compromised or Hostile Host Traffic group 26 - port: 22 proto: tcp cat: Misc Attackbytes: 60	2020-08-10 01:10:14
46.21.249.141	attackspam	Aug 9 11:22:15 lnxded64 sshd[3625]: Failed password for root from 46.21.249.141 port 37090 ssh2 Aug 9 11:22:18 lnxded64 sshd[3625]: Failed password for root from 46.21.249.141 port 37090 ssh2 Aug 9 11:22:20 lnxded64 sshd[3625]: Failed password for root from 46.21.249.141 port 37090 ssh2 Aug 9 11:22:22 lnxded64 sshd[3625]: Failed password for root from 46.21.249.141 port 37090 ssh2	2020-08-09 17:24:09
46.21.249.141	attackspam	Aug 3 22:51:15 xxxxxxx5185820 sshd[12003]: reveeclipse mapping checking getaddrinfo for nalive.ru [46.21.249.141] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 3 22:51:15 xxxxxxx5185820 sshd[12003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.141 user=r.r Aug 3 22:51:17 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:19 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:21 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:23 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:25 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:27 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:27 xxxxxxx5185820 sshd[12003]: error: maximum ........ -------------------------------	2020-08-09 05:18:55
46.21.249.141	attackbotsspam	Aug 8 22:16:01 plg sshd[2759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.141 user=root Aug 8 22:16:02 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:05 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:08 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:11 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:13 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:16 plg sshd[2759]: Failed password for invalid user root from 46.21.249.141 port 57164 ssh2 Aug 8 22:16:16 plg sshd[2759]: error: maximum authentication attempts exceeded for invalid user root from 46.21.249.141 port 57164 ssh2 [preauth] ...	2020-08-09 04:18:13
46.21.249.141	attackspambots	$f2bV_matches	2020-08-08 06:35:45
46.21.249.141	attack	2020-08-07T13:30:29.719535galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:31.927492galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:34.185887galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:36.162360galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:38.082997galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:40.286204galaxy.wi.uni-potsdam.de sshd[17608]: Failed password for root from 46.21.249.141 port 48758 ssh2 2020-08-07T13:30:40.286394galaxy.wi.uni-potsdam.de sshd[17608]: error: maximum authentication attempts exceeded for root from 46.21.249.141 port 48758 ssh2 [preauth] 2020-08-07T13:30:40.286424galaxy.wi.uni-potsdam.de sshd[17608]: Disconnecting: Too many au ...	2020-08-07 19:40:01
46.21.249.141	attackbots	Aug 6 22:56:51 roki-contabo sshd\[16181\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.141 user=root Aug 6 22:56:53 roki-contabo sshd\[16181\]: Failed password for root from 46.21.249.141 port 39940 ssh2 Aug 6 22:57:04 roki-contabo sshd\[16188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.141 user=root Aug 6 22:57:06 roki-contabo sshd\[16188\]: Failed password for root from 46.21.249.141 port 43018 ssh2 Aug 6 22:57:18 roki-contabo sshd\[16200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.141 user=root ...	2020-08-07 04:58:08
46.21.249.141	attackspambots	Aug 3 22:51:15 xxxxxxx5185820 sshd[12003]: reveeclipse mapping checking getaddrinfo for nalive.ru [46.21.249.141] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 3 22:51:15 xxxxxxx5185820 sshd[12003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.21.249.141 user=r.r Aug 3 22:51:17 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:19 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:21 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:23 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:25 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:27 xxxxxxx5185820 sshd[12003]: Failed password for r.r from 46.21.249.141 port 56940 ssh2 Aug 3 22:51:27 xxxxxxx5185820 sshd[12003]: error: maximum ........ -------------------------------	2020-08-06 13:39:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.21.249.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43154
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.21.249.145.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102800 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 28 16:18:43 CST 2019
;; MSG SIZE  rcvd: 117

Host info

145.249.21.46.in-addr.arpa domain name pointer srv145-249-21-46.cwstech.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
145.249.21.46.in-addr.arpa	name = srv145-249-21-46.cwstech.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.224.147.72	attackspam	May 21 06:46:39 mout sshd[4373]: Invalid user ggz from 104.224.147.72 port 47452 May 21 06:46:41 mout sshd[4373]: Failed password for invalid user ggz from 104.224.147.72 port 47452 ssh2 May 23 16:59:08 mout sshd[23654]: Invalid user otp from 104.224.147.72 port 45836	2020-05-24 00:45:26
192.241.172.175	attackspambots	May 23 17:12:07 mail sshd[7567]: Invalid user mru from 192.241.172.175 May 23 17:12:07 mail sshd[7567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.172.175 May 23 17:12:07 mail sshd[7567]: Invalid user mru from 192.241.172.175 May 23 17:12:09 mail sshd[7567]: Failed password for invalid user mru from 192.241.172.175 port 39854 ssh2 May 23 17:21:27 mail sshd[8608]: Invalid user aqg from 192.241.172.175 ...	2020-05-24 00:21:03
122.152.220.197	attackbotsspam	Invalid user ijr from 122.152.220.197 port 49276	2020-05-24 00:41:26
51.77.150.203	attackspambots	May 23 16:11:02 l02a sshd[21001]: Invalid user ncq from 51.77.150.203 May 23 16:11:02 l02a sshd[21001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.ip-51-77-150.eu May 23 16:11:02 l02a sshd[21001]: Invalid user ncq from 51.77.150.203 May 23 16:11:04 l02a sshd[21001]: Failed password for invalid user ncq from 51.77.150.203 port 51542 ssh2	2020-05-24 00:31:31
206.253.167.10	attackspambots	5x Failed Password	2020-05-24 00:02:35
27.79.229.127	attackbotsspam	Spammer	2020-05-24 00:19:31
175.204.114.196	attackspam	Invalid user admin from 175.204.114.196 port 47465	2020-05-24 00:38:18
150.109.41.62	attack	odoo8 ...	2020-05-24 00:41:06
159.65.86.239	attack	May 23 17:26:21 vserver sshd\[26988\]: Invalid user lsd from 159.65.86.239May 23 17:26:23 vserver sshd\[26988\]: Failed password for invalid user lsd from 159.65.86.239 port 44732 ssh2May 23 17:33:49 vserver sshd\[27019\]: Invalid user jne from 159.65.86.239May 23 17:33:51 vserver sshd\[27019\]: Failed password for invalid user jne from 159.65.86.239 port 37596 ssh2 ...	2020-05-24 00:17:13
157.245.227.165	attackspam	Repeated brute force against a port	2020-05-24 00:40:55
112.81.56.52	attackspam	May 21 02:38:34 m3061 sshd[21837]: Invalid user juj from 112.81.56.52 May 21 02:38:34 m3061 sshd[21837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.81.56.52 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=112.81.56.52	2020-05-24 00:43:53
222.186.175.182	attack	SSH bruteforce	2020-05-23 23:59:38
203.130.152.114	attackspambots	Invalid user ubnt from 203.130.152.114 port 56934	2020-05-24 00:11:40
203.151.81.77	attackbotsspam	$f2bV_matches	2020-05-24 00:35:13
183.106.8.211	attack	Invalid user pi from 183.106.8.211 port 51844	2020-05-24 00:36:53

Recently Reported IPs

132.232.219.177	58.147.177.80	120.79.3.122	213.142.146.86
210.213.85.42	179.43.110.203	156.223.174.107	113.219.83.37
45.79.206.197	5.13.136.203	62.83.7.239	203.150.162.218
196.202.170.218	49.76.55.41	101.37.152.150	27.193.190.175
35.241.189.252	106.246.178.215	83.33.9.94	14.100.20.25