JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.206.243.164

49.206.243.164 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 100%: ?

100%

ISP	Beam Telecom Pvt Ltd
Usage Type	Fixed Line ISP
ASN	AS24309
Hostname(s)	49.206.243.164.actcorp.in
Domain Name	beamtele.com
Country	🇮🇳 India
City	Bengaluru, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.206.243.164

Whois 49.206.243.164

IP Abuse Reports for 49.206.243.164:

This IP address has been reported a total of 133 times from 90 distinct sources. 49.206.243.164 was first reported on May 29th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 blik2108	2026-06-01 10:39:02 (2 days ago)	2026-06-01T10:26:47.855784+00:00 wightpi sshd[567811]: Invalid user test from 49.206.243.164 port 58 ... show more 2026-06-01T10:26:47.855784+00:00 wightpi sshd[567811]: Invalid user test from 49.206.243.164 port 58664 2026-06-01T10:39:01.207852+00:00 wightpi sshd[567936]: Invalid user tecnopos from 49.206.243.164 port 16918 ... show less	Brute-Force SSH
🇷🇺 weke	2026-05-31 22:48:10 (3 days ago)	ip=49.206.243.164 \| user=wordpress \| pass=wordpress \| event=cowrie.login.failed \| source=ssh honeypo ... show more ip=49.206.243.164 \| user=wordpress \| pass=wordpress \| event=cowrie.login.failed \| source=ssh honeypot MSK \| time=2026-05-31T22:48:10.264606Z show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-31 22:22:45 (3 days ago)	49.206.243.164 (IN/India/49.206.243.164.actcorp.in), 5 distributed sshd attacks on account [root] in ... show more 49.206.243.164 (IN/India/49.206.243.164.actcorp.in), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 31 17:02:41 14401 sshd[13426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.206.243.164 user=root May 31 17:02:42 14401 sshd[13426]: Failed password for root from 49.206.243.164 port 17382 ssh2 May 31 17:22:30 14401 sshd[23658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.254.46 user=root May 31 17:22:32 14401 sshd[23658]: Failed password for root from 117.89.254.46 port 55114 ssh2 May 31 17:22:34 14401 sshd[23660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.89.254.46 user=root IP Addresses Blocked: show less	Brute-Force SSH
🇮🇹 NukeDuke	2026-05-31 21:42:29 (3 days ago)	49.206.243.164 abuse ...	SSH Brute-Force
🇯🇵 knock	2026-05-31 20:31:44 (3 days ago)	Knock-Knock honeypot brute-force: SSH (1 total hits)	Brute-Force SSH
🇧🇾 lns.bz	2026-05-31 19:44:39 (3 days ago)	SSH bruteforce [BY]	SSH
🇺🇸 r	2026-05-31 19:17:52 (3 days ago)	May 31 19:17:52 panel sshd[26970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid= ... show more May 31 19:17:52 panel sshd[26970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.206.243.164 show less	Brute-Force SSH
🇫🇷 elf	2026-05-31 18:07:28 (3 days ago)	[Fail2Ban]: Jail sshd triggered 3 time(s) for 49.206.243.164. May 31 20:07:24 - sshd[3272375]: pam_u ... show more [Fail2Ban]: Jail sshd triggered 3 time(s) for 49.206.243.164. May 31 20:07:24 - sshd[3272375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.206.243.164 May 31 20:07:26 - sshd[3272375]: Failed password for invalid user api from 49.206.243.164 port 46478 ssh2 May 31 20:07:28 - sshd[3272375]: Disconnected from invalid user api 49.206.243.164 port 46478 [preauth] ... show less	Brute-Force SSH
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-31 14:34:20 (3 days ago)	Honeypot hit: Brute-force attack detected on 22/SSH • Credential used: donald:donald • Number of log ... show more Honeypot hit: Brute-force attack detected on 22/SSH • Credential used: donald:donald • Number of login attempts: 1 • Client: SSH-2.0-libssh_0.11.1 show less	Hacking SSH
🇺🇸 bigscoots.com	2026-05-31 13:37:57 (3 days ago)	49.206.243.164 (IN/India/49.206.243.164.actcorp.in), 5 distributed sshd attacks on account [root] in ... show more 49.206.243.164 (IN/India/49.206.243.164.actcorp.in), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 31 08:37:46 13400 sshd[31979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.206.243.164 user=root May 31 08:29:36 13400 sshd[27851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.111.52.109 user=root May 31 08:29:39 13400 sshd[27851]: Failed password for root from 114.111.52.109 port 48238 ssh2 May 31 08:29:48 13400 sshd[27901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.218.184 user=root May 31 08:29:50 13400 sshd[27901]: Failed password for root from 104.248.218.184 port 35338 ssh2 IP Addresses Blocked: show less	Brute-Force SSH
🇺🇸 psh-ack	2026-05-31 11:23:14 (3 days ago)	Credential compromise attempt using andres/andres. Attacker performed system reconnaissance via CPU ... show more Credential compromise attempt using andres/andres. Attacker performed system reconnaissance via CPU core enumeration. Primary objective: SSH key injection for persistence. Executed multi-stage SSH directory manipulation—removed existing .ssh directory, recreated it, and injected RSA public key (AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4KUhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2/9p7+vD0EpZ3Tz/+0kX34uAx1RV/75GVOmNx+9EuWOnvNoaJe0QXx). Third command attempted to modify file attributes on .ssh directory using chattr -ia followed by lockr command to prevent removal/modification—standard hardening technique to ensure persistence survives cleanup attempts. Connection used libssh 0.11.1 client library. Attack duration under one minute. No downloads or lateral movement observed. Single session with three discrete commands targeting SSH persistence establishment and file immutability locks. show less	Brute-Force SSH
🇺🇸 m2jest1c	2026-05-31 10:32:06 (3 days ago)	2026-05-31T06:32:05.891361 rhel-20gb-ash-1 sshd[1000009]: Disconnected from authenticating user root ... show more 2026-05-31T06:32:05.891361 rhel-20gb-ash-1 sshd[1000009]: Disconnected from authenticating user root 49.206.243.164 port 34710 [preauth] ... show less	Brute-Force SSH
🇬🇧 gbzret4d	2026-05-31 08:32:31 (3 days ago)	Honeypot [uk-production01]: Brute-force attack detected on 22/SSH • Credential used: root:wkdskfk • ... show more Honeypot [uk-production01]: Brute-force attack detected on 22/SSH • Credential used: root:wkdskfk • Number of login attempts: 1 • Client: SSH-2.0-libssh_0.11.1 show less	SSH
🇺🇸 bigscoots.com	2026-05-31 07:32:55 (3 days ago)	49.206.243.164 (IN/India/49.206.243.164.actcorp.in), 5 distributed sshd attacks on account [root] in ... show more 49.206.243.164 (IN/India/49.206.243.164.actcorp.in), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 31 02:26:13 17907 sshd[2905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.47.158.56 user=root May 31 02:25:05 17907 sshd[2349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.233.83.104 user=root May 31 02:25:07 17907 sshd[2349]: Failed password for root from 223.233.83.104 port 1473 ssh2 May 31 02:32:26 17907 sshd[6197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.206.243.164 user=root May 31 02:27:39 17907 sshd[3602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.194.243.199 user=root IP Addresses Blocked: 101.47.158.56 (SG/Singapore/-) 223.233.83.104 (IN/India/abts-north-dynamic-104.83.233.223.airtelbroadband.in) show less	Brute-Force SSH
🇩🇪 Kotiacat_one	2026-05-30 21:30:40 (4 days ago)	2026-05-31T00:30:39.448381+03:00 kotia sshd[117840]: Invalid user xue from 49.206.243.164 port 20944 ... show more 2026-05-31T00:30:39.448381+03:00 kotia sshd[117840]: Invalid user xue from 49.206.243.164 port 20944 ... show less	Brute-Force SSH

Showing 106 to 120 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 115.85.84.106

🇨🇦 85.217.149.65

🇨🇳 1.83.125.222

🇺🇸 2607:f8b0:400c:c18::128

🇩🇪 192.109.200.78

🇳🇱 172.211.123.250

🇭🇰 165.154.41.56

🇯🇵 152.32.201.247

🇺🇸 140.235.1.105

🇮🇩 103.135.227.154

🇧🇬 91.191.209.198

🇺🇸 66.154.107.138

🇬🇧 35.203.211.164

🇯🇵 20.63.210.3

🇸🇬 2a09:bac5:55f8:25b9::3c2:4c

🇨🇭 209.99.191.19

🇺🇸 208.84.100.238

🇨🇦 191.96.36.42

🇳🇱 176.65.149.45

🇺🇸 172.178.16.179