61.14.211.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: EhostICT

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Port Scan ...	2020-10-14 08:43:23
attackspambots	IP 61.14.211.48 attacked honeypot on port: 1433 at 6/14/2020 10:23:50 PM	2020-06-15 09:00:58

Comments on same subnet:

IP	Type	Details	Datetime
61.14.211.214	attack	10/09/2019-13:38:42.995005 61.14.211.214 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-09 21:59:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.14.211.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38207
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.14.211.48.			IN	A

;; AUTHORITY SECTION:
.			486	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061401 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 15 09:00:49 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 48.211.14.61.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 48.211.14.61.in-addr.arpa.: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
83.99.0.57	attackbotsspam	Telnet login attempt	2019-08-04 01:36:15
106.12.98.12	attackbots	SSH bruteforce	2019-08-04 02:18:22
191.54.62.169	attackspam	Aug 3 23:15:33 localhost sshd[23478]: Invalid user admin from 191.54.62.169 port 49004 Aug 3 23:15:33 localhost sshd[23478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.54.62.169 Aug 3 23:15:33 localhost sshd[23478]: Invalid user admin from 191.54.62.169 port 49004 Aug 3 23:15:35 localhost sshd[23478]: Failed password for invalid user admin from 191.54.62.169 port 49004 ssh2 ...	2019-08-04 01:02:22
5.188.86.114	attackspam	08/03/2019-12:53:00.029360 5.188.86.114 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 6	2019-08-04 01:28:28
178.46.160.42	attackspam	failed_logins	2019-08-04 01:06:04
183.246.185.98	attackspam	Automatic report - Port Scan Attack	2019-08-04 02:03:05
217.79.34.202	attack	2019-08-03T15:57:21.825360abusebot-4.cloudsearch.cf sshd\[4437\]: Invalid user vyatta from 217.79.34.202 port 35841	2019-08-04 02:12:15
177.130.139.149	attack	SMTP-sasl brute force ...	2019-08-04 01:34:55
37.52.9.242	attack	Aug 3 16:53:02 mail sshd\[12875\]: Invalid user melisenda from 37.52.9.242 port 54280 Aug 3 16:53:02 mail sshd\[12875\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.52.9.242 ...	2019-08-04 01:08:59
101.231.201.50	attackspambots	Aug 3 18:57:03 www5 sshd\[31109\]: Invalid user suser from 101.231.201.50 Aug 3 18:57:03 www5 sshd\[31109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.201.50 Aug 3 18:57:05 www5 sshd\[31109\]: Failed password for invalid user suser from 101.231.201.50 port 21753 ssh2 ...	2019-08-04 01:27:48
39.43.103.199	attackbotsspam	Automatic report - Port Scan Attack	2019-08-04 02:17:34
181.57.133.130	attackspam	Aug 3 20:11:47 yabzik sshd[22934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.57.133.130 Aug 3 20:11:48 yabzik sshd[22934]: Failed password for invalid user ninja from 181.57.133.130 port 59088 ssh2 Aug 3 20:16:43 yabzik sshd[25277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.57.133.130	2019-08-04 01:33:30
170.0.125.8	attackbots	proto=tcp . spt=46518 . dpt=25 . (listed on 170.0.125.0/24 Dark List de Aug 03 03:55) (470)	2019-08-04 02:04:03
185.53.88.125	attackbots	Port scan on 10 port(s): 3001 6442 7000 7442 8082 8093 8383 8833 9595 11000	2019-08-04 01:57:03
92.118.37.74	attackbots	Aug 3 17:02:39 mail kernel: [5349594.866599] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.74 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=57053 PROTO=TCP SPT=46525 DPT=44629 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 3 17:02:59 mail kernel: [5349615.048961] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.74 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=42305 PROTO=TCP SPT=46525 DPT=52514 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 3 17:04:33 mail kernel: [5349709.133418] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.74 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=58471 PROTO=TCP SPT=46525 DPT=18736 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 3 17:06:01 mail kernel: [5349796.972313] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:d3:64:42:4c:5e:0c:c9:30:5f:08:00 SRC=92.118.37.74 DST=185.101.93.72 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=41097 PROTO=TCP SPT=46525 DPT=42736 WINDOW=1024 RES=0x00 SYN	2019-08-04 01:27:21

Recently Reported IPs

221.138.249.201	127.138.126.51	55.9.12.70	120.212.88.195
1.156.16.2	128.177.88.11	92.159.47.249	85.213.12.62
80.149.143.125	92.60.217.12	103.78.213.226	185.152.67.107
155.94.146.168	120.39.3.141	42.97.45.72	175.164.131.120
186.185.168.203	34.196.204.197	34.75.240.70	175.24.249.183