Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Tata Teleservices Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackbotsspam
2020-05-29T07:54:40.085410abusebot-4.cloudsearch.cf sshd[29114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.121.10  user=root
2020-05-29T07:54:42.936008abusebot-4.cloudsearch.cf sshd[29114]: Failed password for root from 49.248.121.10 port 33384 ssh2
2020-05-29T07:57:34.087026abusebot-4.cloudsearch.cf sshd[29265]: Invalid user frants from 49.248.121.10 port 36544
2020-05-29T07:57:34.097524abusebot-4.cloudsearch.cf sshd[29265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.121.10
2020-05-29T07:57:34.087026abusebot-4.cloudsearch.cf sshd[29265]: Invalid user frants from 49.248.121.10 port 36544
2020-05-29T07:57:35.832905abusebot-4.cloudsearch.cf sshd[29265]: Failed password for invalid user frants from 49.248.121.10 port 36544 ssh2
2020-05-29T08:00:18.283323abusebot-4.cloudsearch.cf sshd[29455]: Invalid user leanora from 49.248.121.10 port 39696
...
2020-05-29 18:14:08
attack
DATE:2020-05-24 00:07:43, IP:49.248.121.10, PORT:ssh SSH brute force auth (docker-dc)
2020-05-24 06:09:21
attackspam
2020-05-05T22:17:33.858385  sshd[8294]: Invalid user ftpadmin from 49.248.121.10 port 57810
2020-05-05T22:17:33.872052  sshd[8294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.121.10
2020-05-05T22:17:33.858385  sshd[8294]: Invalid user ftpadmin from 49.248.121.10 port 57810
2020-05-05T22:17:36.319292  sshd[8294]: Failed password for invalid user ftpadmin from 49.248.121.10 port 57810 ssh2
...
2020-05-06 05:54:12
Comments on same subnet:
No discussion about this subnet yet.
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.248.121.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35803
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.248.121.10.			IN	A

;; AUTHORITY SECTION:
.			480	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050502 1800 900 604800 86400

;; Query time: 175 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 05:54:08 CST 2020
;; MSG SIZE  rcvd: 117
Host info
10.121.248.49.in-addr.arpa domain name pointer static-10.121.248.49-tataidc.co.in.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
10.121.248.49.in-addr.arpa	name = static-10.121.248.49-tataidc.co.in.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
27.72.88.40 attack
Sep 16 10:29:03 apollo sshd\[22165\]: Invalid user digi-user from 27.72.88.40
Sep 16 10:29:05 apollo sshd\[22165\]: Failed password for invalid user digi-user from 27.72.88.40 port 51612 ssh2
Sep 16 10:36:05 apollo sshd\[22199\]: Invalid user jackieg from 27.72.88.40
...
2019-09-17 00:56:19
167.71.203.150 attack
Sep 16 06:34:29 hpm sshd\[16075\]: Invalid user tibero6 from 167.71.203.150
Sep 16 06:34:29 hpm sshd\[16075\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.203.150
Sep 16 06:34:31 hpm sshd\[16075\]: Failed password for invalid user tibero6 from 167.71.203.150 port 42826 ssh2
Sep 16 06:43:47 hpm sshd\[16989\]: Invalid user konowicz from 167.71.203.150
Sep 16 06:43:47 hpm sshd\[16989\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.203.150
2019-09-17 00:52:27
31.133.78.128 attackspam
SMB Server BruteForce Attack
2019-09-17 01:46:30
92.118.37.97 attack
Portscan or hack attempt detected by psad/fwsnort
2019-09-17 01:30:41
120.142.161.81 attackspam
IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/120.142.161.81/
KR - 1H : (65)
Protection Against DDoS WordPress plugin :
"odzyskiwanie danych help-dysk"
IP Address Ranges by Country : KR
NAME ASN : ASN10036
IP : 120.142.161.81
CIDR : 120.142.160.0/21
PREFIX COUNT : 519
UNIQUE IP COUNT : 856064
DETECTED ATTACKS FROM ASN10036 :
 1H - 1
 3H - 1
 6H - 1
12H - 1
24H - 2
INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery
2019-09-17 01:01:29
138.197.145.26 attackspambots
Sep 16 19:06:26 dedicated sshd[28146]: Invalid user zun from 138.197.145.26 port 33418
2019-09-17 01:07:29
157.230.115.60 attackspam
Sep 16 02:52:00 aiointranet sshd\[28016\]: Invalid user 123456 from 157.230.115.60
Sep 16 02:52:00 aiointranet sshd\[28016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.115.60
Sep 16 02:52:01 aiointranet sshd\[28016\]: Failed password for invalid user 123456 from 157.230.115.60 port 33666 ssh2
Sep 16 02:55:55 aiointranet sshd\[28347\]: Invalid user cobra from 157.230.115.60
Sep 16 02:55:55 aiointranet sshd\[28347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.115.60
2019-09-17 01:13:32
185.175.93.104 attackspambots
Portscan or hack attempt detected by psad/fwsnort
2019-09-17 01:19:11
77.32.181.240 attack
Sep 16 10:19:52 mailserver postfix/smtpd[75388]: warning: hostname newsletter.sinimo.fr does not resolve to address 77.32.181.240
Sep 16 10:19:52 mailserver postfix/smtpd[75388]: connect from unknown[77.32.181.240]
Sep 16 10:19:52 mailserver postfix/smtpd[75388]: NOQUEUE: reject: RCPT from unknown[77.32.181.240]: 450 4.7.1 Client host rejected: cannot find your hostname, [77.32.181.240]; from= to=<[hidden]> proto=ESMTP helo=
Sep 16 10:19:52 mailserver postfix/smtpd[75388]: lost connection after RCPT from unknown[77.32.181.240]
Sep 16 10:19:52 mailserver postfix/smtpd[75388]: disconnect from unknown[77.32.181.240]
Sep 16 10:20:52 mailserver postfix/smtpd[75511]: warning: hostname newsletter.sinimo.fr does not resolve to address 77.32.181.240
Sep 16 10:20:52 mailserver postfix/smtpd[75511]: connect from unknown[77.32.181.240]
Sep 16 10:20:52 mailserver postfix/smtpd[75511]: NOQUEUE: reject: RCPT from unknown[77.32.181.240]: 450 4.7.1 Client host rejected: cann
2019-09-17 00:53:56
191.249.165.89 attack
Automatic report - Port Scan Attack
2019-09-17 00:58:56
218.207.195.169 attackspambots
2019-09-16T13:53:29.536269lon01.zurich-datacenter.net sshd\[4825\]: Invalid user ftpuser from 218.207.195.169 port 52236
2019-09-16T13:53:29.544211lon01.zurich-datacenter.net sshd\[4825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.207.195.169
2019-09-16T13:53:31.089554lon01.zurich-datacenter.net sshd\[4825\]: Failed password for invalid user ftpuser from 218.207.195.169 port 52236 ssh2
2019-09-16T13:59:49.565867lon01.zurich-datacenter.net sshd\[4961\]: Invalid user jira from 218.207.195.169 port 8898
2019-09-16T13:59:49.572022lon01.zurich-datacenter.net sshd\[4961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.207.195.169
...
2019-09-17 01:30:19
149.202.164.82 attack
Sep 16 08:09:03 ny01 sshd[23325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.164.82
Sep 16 08:09:05 ny01 sshd[23325]: Failed password for invalid user pul from 149.202.164.82 port 42236 ssh2
Sep 16 08:13:22 ny01 sshd[24043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.164.82
2019-09-17 01:28:11
189.181.199.161 attackbotsspam
detected by Fail2Ban
2019-09-17 01:08:17
201.182.33.193 attackbotsspam
Sep 16 02:00:56 auw2 sshd\[30498\]: Invalid user edgar from 201.182.33.193
Sep 16 02:00:56 auw2 sshd\[30498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.182.33.193
Sep 16 02:00:58 auw2 sshd\[30498\]: Failed password for invalid user edgar from 201.182.33.193 port 38696 ssh2
Sep 16 02:05:48 auw2 sshd\[30917\]: Invalid user login from 201.182.33.193
Sep 16 02:05:48 auw2 sshd\[30917\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.182.33.193
2019-09-17 01:06:04
175.143.83.219 attack
DATE:2019-09-16 10:20:53, IP:175.143.83.219, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)
2019-09-17 00:50:38

Recently Reported IPs
