110.49.70.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Advanced Info Service Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 1 16:42:19 sshgateway sshd\[15341\]: Invalid user ts from 110.49.70.242 Oct 1 16:42:19 sshgateway sshd\[15341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Oct 1 16:42:21 sshgateway sshd\[15341\]: Failed password for invalid user ts from 110.49.70.242 port 59157 ssh2	2020-10-02 03:33:06
attackbotsspam	Oct 1 19:25:16 web1 sshd[14282]: Invalid user felipe from 110.49.70.242 port 44234 Oct 1 19:25:16 web1 sshd[14282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Oct 1 19:25:16 web1 sshd[14282]: Invalid user felipe from 110.49.70.242 port 44234 Oct 1 19:25:18 web1 sshd[14282]: Failed password for invalid user felipe from 110.49.70.242 port 44234 ssh2 Oct 1 19:52:51 web1 sshd[23386]: Invalid user bob from 110.49.70.242 port 43474 Oct 1 19:52:51 web1 sshd[23386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Oct 1 19:52:51 web1 sshd[23386]: Invalid user bob from 110.49.70.242 port 43474 Oct 1 19:52:53 web1 sshd[23386]: Failed password for invalid user bob from 110.49.70.242 port 43474 ssh2 Oct 1 20:54:16 web1 sshd[11764]: Invalid user git from 110.49.70.242 port 40016 ...	2020-10-01 19:45:39
attackspambots	Aug 17 07:19:29 ns381471 sshd[8730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Aug 17 07:19:31 ns381471 sshd[8730]: Failed password for invalid user nagios from 110.49.70.242 port 33330 ssh2	2020-08-17 17:27:12
attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-08-06 02:51:51
attackspam	Jul 29 22:47:44 hidden sshd[23271]: Invalid user zhcui from 110.49.70.242 port 49175 Jul 29 22:47:44 hidden sshd[23271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Jul 29 22:47:46 hidden sshd[23271]: Failed password for invalid user zhcui from 110.49.70.242 port 49175 ssh2	2020-07-30 05:29:04
attack	Automatic report - Banned IP Access	2020-02-16 04:45:46
attackspam	Feb 8 04:36:30 hpm sshd\[871\]: Invalid user vmp from 110.49.70.242 Feb 8 04:36:30 hpm sshd\[871\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Feb 8 04:36:32 hpm sshd\[871\]: Failed password for invalid user vmp from 110.49.70.242 port 36765 ssh2 Feb 8 04:43:11 hpm sshd\[1732\]: Invalid user ugr from 110.49.70.242 Feb 8 04:43:11 hpm sshd\[1732\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242	2020-02-09 03:26:52
attack	Dec 22 07:57:35 MK-Soft-VM7 sshd[29981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Dec 22 07:57:37 MK-Soft-VM7 sshd[29981]: Failed password for invalid user jeffy from 110.49.70.242 port 47276 ssh2 ...	2019-12-22 15:51:19
attackbots	SSH invalid-user multiple login attempts	2019-12-15 06:55:19
attackspambots	2019-12-13T15:34:01.079470Z 9497be84e85e New connection: 110.49.70.242:55593 (172.17.0.6:2222) [session: 9497be84e85e] 2019-12-13T15:56:47.145123Z 22a4339d6c3b New connection: 110.49.70.242:27174 (172.17.0.6:2222) [session: 22a4339d6c3b]	2019-12-14 03:34:01
attack	Dec 3 08:17:35 mail sshd\[18205\]: Invalid user eldridge from 110.49.70.242 Dec 3 08:17:35 mail sshd\[18205\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Dec 3 08:17:37 mail sshd\[18205\]: Failed password for invalid user eldridge from 110.49.70.242 port 33727 ssh2 ...	2019-12-03 17:33:38
attack	Oct 17 13:41:25 icinga sshd[27189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.242 Oct 17 13:41:27 icinga sshd[27189]: Failed password for invalid user 1qaz2wsx3edc from 110.49.70.242 port 19029 ssh2 ...	2019-10-17 23:24:37
attack	Invalid user demo from 110.49.70.242 port 4067	2019-10-17 16:42:29
attackspambots	Aug 26 09:37:55 Tower sshd[25112]: Connection from 110.49.70.242 port 12933 on 192.168.10.220 port 22 Aug 26 09:37:57 Tower sshd[25112]: Invalid user testmail1 from 110.49.70.242 port 12933 Aug 26 09:37:57 Tower sshd[25112]: error: Could not get shadow information for NOUSER Aug 26 09:37:57 Tower sshd[25112]: Failed password for invalid user testmail1 from 110.49.70.242 port 12933 ssh2 Aug 26 09:37:57 Tower sshd[25112]: Received disconnect from 110.49.70.242 port 12933:11: Bye Bye [preauth] Aug 26 09:37:57 Tower sshd[25112]: Disconnected from invalid user testmail1 110.49.70.242 port 12933 [preauth]	2019-08-26 21:49:44

Comments on same subnet:

IP	Type	Details	Datetime
110.49.70.244	attackbots	Oct 7 04:55:49 mail sshd[11124]: Failed password for root from 110.49.70.244 port 60210 ssh2	2020-10-08 06:51:08
110.49.70.244	attackbotsspam	Oct 7 04:55:49 mail sshd[11124]: Failed password for root from 110.49.70.244 port 60210 ssh2	2020-10-07 23:12:38
110.49.70.244	attackbots	Oct 7 04:55:49 mail sshd[11124]: Failed password for root from 110.49.70.244 port 60210 ssh2	2020-10-07 15:18:45
110.49.70.248	attackbots	Invalid user username from 110.49.70.248 port 41882	2020-10-05 07:48:38
110.49.70.248	attackspam	Oct 4 17:19:08 ncomp sshd[28754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.248 user=root Oct 4 17:19:10 ncomp sshd[28754]: Failed password for root from 110.49.70.248 port 7793 ssh2 Oct 4 17:26:11 ncomp sshd[28881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.248 user=root Oct 4 17:26:12 ncomp sshd[28881]: Failed password for root from 110.49.70.248 port 24181 ssh2	2020-10-05 00:07:50
110.49.70.248	attackbots	$f2bV_matches	2020-10-04 15:51:15
110.49.70.248	attackspambots	Oct 1 22:38:14 roki-contabo sshd\[16978\]: Invalid user brian from 110.49.70.248 Oct 1 22:38:14 roki-contabo sshd\[16978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.248 Oct 1 22:38:16 roki-contabo sshd\[16978\]: Failed password for invalid user brian from 110.49.70.248 port 51964 ssh2 Oct 1 23:54:59 roki-contabo sshd\[18949\]: Invalid user j from 110.49.70.248 Oct 1 23:54:59 roki-contabo sshd\[18949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.248 ...	2020-10-02 06:23:22
110.49.70.246	attack	Oct 1 23:25:15 ovpn sshd\[32011\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.246 user=root Oct 1 23:25:18 ovpn sshd\[32011\]: Failed password for root from 110.49.70.246 port 44864 ssh2 Oct 1 23:46:09 ovpn sshd\[4808\]: Invalid user bruno from 110.49.70.246 Oct 1 23:46:09 ovpn sshd\[4808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.246 Oct 1 23:46:11 ovpn sshd\[4808\]: Failed password for invalid user bruno from 110.49.70.246 port 42972 ssh2	2020-10-02 05:51:31
110.49.70.240	attackspam	Oct 1 17:26:24 sshgateway sshd\[15619\]: Invalid user user from 110.49.70.240 Oct 1 17:26:24 sshgateway sshd\[15619\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.240 Oct 1 17:26:26 sshgateway sshd\[15619\]: Failed password for invalid user user from 110.49.70.240 port 61265 ssh2	2020-10-02 02:08:11
110.49.70.248	attackspam	Oct 1 16:07:16 sshgateway sshd\[15133\]: Invalid user testing1 from 110.49.70.248 Oct 1 16:07:16 sshgateway sshd\[15133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.248 Oct 1 16:07:18 sshgateway sshd\[15133\]: Failed password for invalid user testing1 from 110.49.70.248 port 34828 ssh2	2020-10-01 22:50:30
110.49.70.246	attack	Oct 2 00:04:44 localhost sshd[2319999]: Invalid user admin from 110.49.70.246 port 59672 ...	2020-10-01 22:13:46
110.49.70.240	attackspambots	Oct 1 09:31:37 ws26vmsma01 sshd[57135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.240 Oct 1 09:31:39 ws26vmsma01 sshd[57135]: Failed password for invalid user felipe from 110.49.70.240 port 35434 ssh2 ...	2020-10-01 18:15:31
110.49.70.246	attackbots	Oct 1 07:24:35 localhost sshd\[30092\]: Invalid user develop from 110.49.70.246 Oct 1 07:24:35 localhost sshd\[30092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.246 Oct 1 07:24:36 localhost sshd\[30092\]: Failed password for invalid user develop from 110.49.70.246 port 36374 ssh2 Oct 1 07:29:02 localhost sshd\[30342\]: Invalid user wang from 110.49.70.246 Oct 1 07:29:02 localhost sshd\[30342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.246 ...	2020-10-01 14:32:19
110.49.70.248	attackbots	Sep 29 19:06:07 localhost sshd\[25031\]: Invalid user server from 110.49.70.248 port 48646 Sep 29 19:06:07 localhost sshd\[25031\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.49.70.248 Sep 29 19:06:10 localhost sshd\[25031\]: Failed password for invalid user server from 110.49.70.248 port 48646 ssh2 ...	2020-09-30 03:46:28
110.49.70.248	attackspambots	Invalid user username from 110.49.70.248 port 41882	2020-09-29 19:53:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 110.49.70.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17072
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;110.49.70.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082600 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 26 21:49:36 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 242.70.49.110.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 242.70.49.110.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.175.205.46	attackspambots	Sep 8 03:23:00 yabzik sshd[12975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.205.46 Sep 8 03:23:01 yabzik sshd[12975]: Failed password for invalid user ubuntu from 134.175.205.46 port 50880 ssh2 Sep 8 03:28:20 yabzik sshd[14764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.205.46	2019-09-08 08:31:43
190.206.252.205	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-07 20:34:23,900 INFO [amun_request_handler] PortScan Detected on Port: 445 (190.206.252.205)	2019-09-08 08:54:18
51.38.47.117	attack	"Fail2Ban detected SSH brute force attempt"	2019-09-08 08:34:12
58.48.73.143	attack	Sep 8 00:22:56 *** sshd[1669731]: refused connect from 58.48.73.143 (5= 8.48.73.143) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=58.48.73.143	2019-09-08 08:48:39
49.69.204.11	attackbotsspam	firewall-block, port(s): 22/tcp	2019-09-08 08:47:35
200.165.49.202	attackspambots	Sep 8 00:14:43 www_kotimaassa_fi sshd[26291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.49.202 Sep 8 00:14:45 www_kotimaassa_fi sshd[26291]: Failed password for invalid user user from 200.165.49.202 port 35581 ssh2 ...	2019-09-08 08:25:44
51.15.160.194	attackbots	SIPVicious Scanner Detection	2019-09-08 09:01:05
45.82.153.35	attackspam	" "	2019-09-08 08:25:12
192.99.32.86	attackbots	Sep 8 02:40:23 SilenceServices sshd[6087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.32.86 Sep 8 02:40:26 SilenceServices sshd[6087]: Failed password for invalid user nagios from 192.99.32.86 port 39678 ssh2 Sep 8 02:44:16 SilenceServices sshd[7575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.32.86	2019-09-08 08:59:29
181.48.99.90	attack	Sep 8 02:43:04 core sshd[14770]: Invalid user mc from 181.48.99.90 port 34382 Sep 8 02:43:06 core sshd[14770]: Failed password for invalid user mc from 181.48.99.90 port 34382 ssh2 ...	2019-09-08 09:08:10
69.17.158.101	attackbots	Sep 7 14:18:44 kapalua sshd\[25882\]: Invalid user jenkins from 69.17.158.101 Sep 7 14:18:44 kapalua sshd\[25882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.17.158.101 Sep 7 14:18:46 kapalua sshd\[25882\]: Failed password for invalid user jenkins from 69.17.158.101 port 50876 ssh2 Sep 7 14:23:39 kapalua sshd\[26292\]: Invalid user student from 69.17.158.101 Sep 7 14:23:39 kapalua sshd\[26292\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.17.158.101	2019-09-08 08:24:37
62.234.91.237	attack	Sep 8 01:25:09 vps647732 sshd[10917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.91.237 Sep 8 01:25:12 vps647732 sshd[10917]: Failed password for invalid user dspace from 62.234.91.237 port 34427 ssh2 ...	2019-09-08 08:51:49
49.88.112.72	attack	Sep 8 02:31:59 mail sshd\[17860\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.72 user=root Sep 8 02:32:01 mail sshd\[17860\]: Failed password for root from 49.88.112.72 port 32527 ssh2 Sep 8 02:32:02 mail sshd\[17860\]: Failed password for root from 49.88.112.72 port 32527 ssh2 Sep 8 02:32:05 mail sshd\[17860\]: Failed password for root from 49.88.112.72 port 32527 ssh2 Sep 8 02:33:35 mail sshd\[18008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.72 user=root	2019-09-08 08:46:12
43.226.40.60	attackspam	Sep 7 23:45:06 heissa sshd\[24604\]: Invalid user plex from 43.226.40.60 port 39404 Sep 7 23:45:06 heissa sshd\[24604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.40.60 Sep 7 23:45:08 heissa sshd\[24604\]: Failed password for invalid user plex from 43.226.40.60 port 39404 ssh2 Sep 7 23:49:56 heissa sshd\[25062\]: Invalid user test from 43.226.40.60 port 55152 Sep 7 23:49:56 heissa sshd\[25062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.40.60	2019-09-08 08:52:40
59.152.241.38	attackspam	[munged]::443 59.152.241.38 - - [07/Sep/2019:23:56:19 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 59.152.241.38 - - [07/Sep/2019:23:56:22 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 59.152.241.38 - - [07/Sep/2019:23:56:25 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 59.152.241.38 - - [07/Sep/2019:23:56:29 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 59.152.241.38 - - [07/Sep/2019:23:56:33 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 59.152.241.38 - - [07/Sep/2019:23:56:37 +0200] "POST /[munged]: HTTP/1.1" 200 9080 "-" "Mozilla/5.0 (X11; Ubun	2019-09-08 09:02:54

Recently Reported IPs

145.202.220.225	36.236.35.52	42.180.85.126	36.236.84.145
5.188.86.102	86.238.68.31	36.237.107.246	157.230.144.85
54.36.150.68	52.77.222.25	36.238.108.69	138.68.245.137
36.238.52.19	163.53.81.242	36.239.155.244	85.102.134.141
36.239.186.206	176.9.77.130	118.179.167.173	165.49.24.212