49.248.21.114 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Tata Teleservices Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 49.248.21.114 on Port 445(SMB)	2019-10-30 05:45:46
attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-07 23:02:41,652 INFO [amun_request_handler] PortScan Detected on Port: 445 (49.248.21.114)	2019-07-08 10:53:30

Type

Details

Datetime

attackbotsspam

Unauthorized connection attempt from IP address 49.248.21.114 on Port 445(SMB)

2019-10-30 05:45:46

attackbots

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-07 23:02:41,652 INFO [amun_request_handler] PortScan Detected on Port: 445 (49.248.21.114)

2019-07-08 10:53:30

Comments on same subnet:

IP	Type	Details	Datetime
49.248.216.238	attack	Unauthorized connection attempt detected from IP address 49.248.216.238 to port 445 [T]	2020-08-14 03:57:52
49.248.215.5	attackbotsspam	Invalid user d from 49.248.215.5 port 43660	2020-07-23 02:20:50
49.248.215.5	attackspambots	"fail2ban match"	2020-07-22 06:43:26
49.248.215.5	attack	Jul 16 09:16:20 vlre-nyc-1 sshd\[32087\]: Invalid user hanna from 49.248.215.5 Jul 16 09:16:20 vlre-nyc-1 sshd\[32087\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.215.5 Jul 16 09:16:22 vlre-nyc-1 sshd\[32087\]: Failed password for invalid user hanna from 49.248.215.5 port 41172 ssh2 Jul 16 09:21:54 vlre-nyc-1 sshd\[32226\]: Invalid user qwerty from 49.248.215.5 Jul 16 09:21:54 vlre-nyc-1 sshd\[32226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.215.5 ...	2020-07-16 19:21:19
49.248.215.5	attackbotsspam	2020-06-30T14:30:30+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-06-30 21:36:54
49.248.215.5	attackspam	Jun 23 05:57:08 ns382633 sshd\[1626\]: Invalid user ubuntu from 49.248.215.5 port 54438 Jun 23 05:57:08 ns382633 sshd\[1626\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.215.5 Jun 23 05:57:10 ns382633 sshd\[1626\]: Failed password for invalid user ubuntu from 49.248.215.5 port 54438 ssh2 Jun 23 05:58:19 ns382633 sshd\[1762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.215.5 user=root Jun 23 05:58:21 ns382633 sshd\[1762\]: Failed password for root from 49.248.215.5 port 38074 ssh2	2020-06-23 12:02:39
49.248.215.5	attack	Invalid user ann from 49.248.215.5 port 58744	2020-06-18 13:43:39
49.248.215.5	attackspambots	Jun 15 06:40:10 *** sshd[962]: User root from 49.248.215.5 not allowed because not listed in AllowUsers	2020-06-15 17:21:16
49.248.215.5	attackbotsspam	leo_www	2020-06-15 05:50:23
49.248.215.5	attackbots	Jun 8 23:05:33 ws25vmsma01 sshd[154875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.215.5 Jun 8 23:05:35 ws25vmsma01 sshd[154875]: Failed password for invalid user applmgr from 49.248.215.5 port 39368 ssh2 ...	2020-06-09 07:08:56
49.248.215.5	attack	Brute-force attempt banned	2020-06-08 23:34:50
49.248.215.5	attack	Repeated brute force against a port	2020-06-06 21:04:25
49.248.215.5	attackbots	Invalid user ugk from 49.248.215.5 port 39542	2020-05-28 04:56:05
49.248.215.5	attackspam	Invalid user mzr from 49.248.215.5 port 47246	2020-05-23 12:30:12
49.248.215.5	attack	May 21 16:18:52 piServer sshd[4261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.215.5 May 21 16:18:55 piServer sshd[4261]: Failed password for invalid user kvw from 49.248.215.5 port 58788 ssh2 May 21 16:22:53 piServer sshd[4532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.248.215.5 ...	2020-05-21 23:21:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.248.21.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53804
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.248.21.114.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 10:53:19 CST 2019
;; MSG SIZE  rcvd: 117

Host info

114.21.248.49.in-addr.arpa domain name pointer static-114.21.248.49-tataidc.co.in.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
114.21.248.49.in-addr.arpa	name = static-114.21.248.49-tataidc.co.in.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
147.0.22.179	attackspambots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-05-11 20:43:49
14.17.114.65	attack	Bruteforce detected by fail2ban	2020-05-11 20:48:35
187.85.132.118	attackbots	May 11 09:24:21 dns1 sshd[26538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.85.132.118 May 11 09:24:23 dns1 sshd[26538]: Failed password for invalid user bkp from 187.85.132.118 port 51988 ssh2 May 11 09:31:40 dns1 sshd[26855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.85.132.118	2020-05-11 20:31:54
202.191.56.159	attack	May 11 07:57:47 s158375 sshd[1705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.191.56.159	2020-05-11 21:03:23
189.18.243.210	attack	May 11 12:04:57 onepixel sshd[2994962]: Failed password for mysql from 189.18.243.210 port 48417 ssh2 May 11 12:09:33 onepixel sshd[2995751]: Invalid user bamboo from 189.18.243.210 port 53482 May 11 12:09:33 onepixel sshd[2995751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.18.243.210 May 11 12:09:33 onepixel sshd[2995751]: Invalid user bamboo from 189.18.243.210 port 53482 May 11 12:09:35 onepixel sshd[2995751]: Failed password for invalid user bamboo from 189.18.243.210 port 53482 ssh2	2020-05-11 20:24:02
177.189.244.193	attackbotsspam	2020-05-11T14:07:26.635878sd-86998 sshd[33686]: Invalid user www-data from 177.189.244.193 port 59366 2020-05-11T14:07:26.641765sd-86998 sshd[33686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.189.244.193 2020-05-11T14:07:26.635878sd-86998 sshd[33686]: Invalid user www-data from 177.189.244.193 port 59366 2020-05-11T14:07:28.647160sd-86998 sshd[33686]: Failed password for invalid user www-data from 177.189.244.193 port 59366 ssh2 2020-05-11T14:09:34.286306sd-86998 sshd[33985]: Invalid user cdouglas from 177.189.244.193 port 45570 ...	2020-05-11 20:26:25
222.186.173.154	attack	May 11 08:40:14 NPSTNNYC01T sshd[22858]: Failed password for root from 222.186.173.154 port 55060 ssh2 May 11 08:40:17 NPSTNNYC01T sshd[22858]: Failed password for root from 222.186.173.154 port 55060 ssh2 May 11 08:40:28 NPSTNNYC01T sshd[22858]: Failed password for root from 222.186.173.154 port 55060 ssh2 May 11 08:40:28 NPSTNNYC01T sshd[22858]: error: maximum authentication attempts exceeded for root from 222.186.173.154 port 55060 ssh2 [preauth] ...	2020-05-11 20:40:58
213.217.0.131	attackbotsspam	May 11 14:45:41 debian-2gb-nbg1-2 kernel: \[11460008.989279\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=213.217.0.131 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=5828 PROTO=TCP SPT=49268 DPT=51872 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-11 20:56:38
118.89.228.58	attack	May 11 12:03:34 ip-172-31-62-245 sshd\[10191\]: Failed password for root from 118.89.228.58 port 21472 ssh2\ May 11 12:06:22 ip-172-31-62-245 sshd\[10242\]: Invalid user pluto from 118.89.228.58\ May 11 12:06:24 ip-172-31-62-245 sshd\[10242\]: Failed password for invalid user pluto from 118.89.228.58 port 42203 ssh2\ May 11 12:09:15 ip-172-31-62-245 sshd\[10374\]: Invalid user master from 118.89.228.58\ May 11 12:09:17 ip-172-31-62-245 sshd\[10374\]: Failed password for invalid user master from 118.89.228.58 port 62934 ssh2\	2020-05-11 20:39:22
145.239.72.142	attack	May 11 12:34:16 sshgateway sshd\[2275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.ip-145-239-72.eu user=root May 11 12:34:18 sshgateway sshd\[2275\]: Failed password for root from 145.239.72.142 port 49033 ssh2 May 11 12:38:00 sshgateway sshd\[2318\]: Invalid user naveed from 145.239.72.142	2020-05-11 20:57:58
139.99.116.26	attackspambots	2020-05-11T15:31:26.761761afi-git.jinr.ru sshd[29045]: Failed password for admin from 139.99.116.26 port 51782 ssh2 2020-05-11T15:31:28.553310afi-git.jinr.ru sshd[29060]: Invalid user user from 139.99.116.26 port 56226 2020-05-11T15:31:28.556433afi-git.jinr.ru sshd[29060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip26.ip-139-99-116.net 2020-05-11T15:31:28.553310afi-git.jinr.ru sshd[29060]: Invalid user user from 139.99.116.26 port 56226 2020-05-11T15:31:30.853430afi-git.jinr.ru sshd[29060]: Failed password for invalid user user from 139.99.116.26 port 56226 ssh2 ...	2020-05-11 21:05:09
134.209.178.109	attackbots	May 11 19:08:59 itv-usvr-01 sshd[19587]: Invalid user grid from 134.209.178.109 May 11 19:08:59 itv-usvr-01 sshd[19587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.178.109 May 11 19:08:59 itv-usvr-01 sshd[19587]: Invalid user grid from 134.209.178.109 May 11 19:09:01 itv-usvr-01 sshd[19587]: Failed password for invalid user grid from 134.209.178.109 port 50922 ssh2	2020-05-11 20:50:37
122.112.190.154	attack	May 11 14:09:00 debian-2gb-nbg1-2 kernel: \[11457807.276055\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=122.112.190.154 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=224 ID=23946 PROTO=TCP SPT=58715 DPT=4243 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-11 20:51:54
122.165.146.202	attackbotsspam	May 11 12:20:06 localhost sshd[10827]: Invalid user webon from 122.165.146.202 port 45418 May 11 12:20:06 localhost sshd[10827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.146.202 May 11 12:20:06 localhost sshd[10827]: Invalid user webon from 122.165.146.202 port 45418 May 11 12:20:08 localhost sshd[10827]: Failed password for invalid user webon from 122.165.146.202 port 45418 ssh2 May 11 12:25:45 localhost sshd[11286]: Invalid user ubuntu from 122.165.146.202 port 53504 ...	2020-05-11 20:27:59
112.64.34.165	attackbots	2020-05-11T12:04:57.332790abusebot-3.cloudsearch.cf sshd[24315]: Invalid user ubuntu from 112.64.34.165 port 60226 2020-05-11T12:04:57.341220abusebot-3.cloudsearch.cf sshd[24315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.34.165 2020-05-11T12:04:57.332790abusebot-3.cloudsearch.cf sshd[24315]: Invalid user ubuntu from 112.64.34.165 port 60226 2020-05-11T12:04:59.557495abusebot-3.cloudsearch.cf sshd[24315]: Failed password for invalid user ubuntu from 112.64.34.165 port 60226 ssh2 2020-05-11T12:06:58.774443abusebot-3.cloudsearch.cf sshd[24540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.34.165 user=root 2020-05-11T12:07:00.599703abusebot-3.cloudsearch.cf sshd[24540]: Failed password for root from 112.64.34.165 port 41604 ssh2 2020-05-11T12:09:02.442272abusebot-3.cloudsearch.cf sshd[24647]: Invalid user user from 112.64.34.165 port 51218 ...	2020-05-11 20:51:04

Recently Reported IPs

116.100.35.102	95.67.123.134	215.131.111.221	59.148.244.232
125.21.41.218	83.4.203.247	186.185.223.174	170.244.212.155
167.250.219.156	46.237.207.106	191.53.238.128	167.167.18.6
180.181.255.2	171.236.239.51	220.177.146.137	185.150.15.89
188.162.36.237	103.56.139.41	36.90.81.188	79.11.175.137