49.230.20.129 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.230.20.98	attackspambots	Port Scan detected from 49.230.20.98 (TH/Thailand/-). 21 hits in the last 50 seconds; Ports: ; Direction: in; Trigger: PS_LIMIT; Logs: Aug 24 18:50:21 serv kernel: Firewall: Port Flood* IN=eth0 OUT= MAC=02:8b:61:de:f0:8e:00:21:d8:ca:1e:40:08:00 SRC=49.230.20.98 DST=*** LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=28991 DF PROTO=TCP SPT=24811 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 Aug 24 18:50:21 serv kernel: Firewall: Port Flood IN=eth0 OUT= MAC=02:8b:61:de:f0:8e:00:21:d8:ca:1e:40:08:00 SRC=49.230.20.98 DST=*** LEN=48 TOS=0x00 PREC=0x00 TTL=56 ID=38082 DF PROTO=TCP SPT=14709 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 Aug 24 18:50:21 serv kernel: Firewall: Port Flood IN=eth0 OUT= MAC=02:8b:61:de:f0:8e:00:21:d8:ca:1e:40:08:00 SRC=49.230.20.98 DST=*** LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=35824 DF PROTO=TCP SPT=37358 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 Aug 24 18:50:21 serv kernel: Firewal	2020-08-24 22:22:44
49.230.20.160	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-02-2020 14:20:44.	2020-02-09 06:20:10
49.230.20.254	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-25 17:32:30,439 INFO [amun_request_handler] PortScan Detected on Port: 445 (49.230.20.254)	2019-08-26 05:13:06

Type

Details

Datetime

49.230.20.98

attackspambots

*Port Scan* detected from 49.230.20.98 (TH/Thailand/-). 21 hits in the last 50 seconds; Ports: *; Direction: in; Trigger: PS_LIMIT; Logs: Aug 24 18:50:21 serv kernel: Firewall: *Port Flood* IN=eth0 OUT= MAC=02:8b:61:de:f0:8e:00:21:d8:ca:1e:40:08:00 SRC=49.230.20.98 DST=*** LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=28991 DF PROTO=TCP SPT=24811 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 
Aug 24 18:50:21 serv kernel: Firewall: *Port Flood* IN=eth0 OUT= MAC=02:8b:61:de:f0:8e:00:21:d8:ca:1e:40:08:00 SRC=49.230.20.98 DST=*** LEN=48 TOS=0x00 PREC=0x00 TTL=56 ID=38082 DF PROTO=TCP SPT=14709 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 
Aug 24 18:50:21 serv kernel: Firewall: *Port Flood* IN=eth0 OUT= MAC=02:8b:61:de:f0:8e:00:21:d8:ca:1e:40:08:00 SRC=49.230.20.98 DST=*** LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=35824 DF PROTO=TCP SPT=37358 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 
Aug 24 18:50:21 serv kernel: Firewal

2020-08-24 22:22:44

49.230.20.160

attackbots

Attempt to attack host OS, exploiting network vulnerabilities, on 08-02-2020 14:20:44.

2020-02-09 06:20:10

49.230.20.254

attackspambots

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-25 17:32:30,439 INFO [amun_request_handler] PortScan Detected on Port: 445 (49.230.20.254)

2019-08-26 05:13:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.230.20.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23854
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.230.20.129.			IN	A

;; AUTHORITY SECTION:
.			145	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 21:23:12 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 129.20.230.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 129.20.230.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.227.130.2	attack	Invalid user ubuntu from 125.227.130.2 port 53248	2020-03-19 16:13:53
95.30.52.28	attack	SSH login attempts.	2020-03-19 16:20:20
177.129.191.142	attackbots	Invalid user trung from 177.129.191.142 port 57685	2020-03-19 16:30:44
94.177.216.68	attack	Mar 19 07:38:05 h2646465 sshd[19148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.216.68 user=root Mar 19 07:38:07 h2646465 sshd[19148]: Failed password for root from 94.177.216.68 port 50260 ssh2 Mar 19 07:48:01 h2646465 sshd[22366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.216.68 user=root Mar 19 07:48:03 h2646465 sshd[22366]: Failed password for root from 94.177.216.68 port 39442 ssh2 Mar 19 07:53:34 h2646465 sshd[24097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.216.68 user=root Mar 19 07:53:36 h2646465 sshd[24097]: Failed password for root from 94.177.216.68 port 53458 ssh2 Mar 19 07:59:05 h2646465 sshd[25797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.216.68 user=root Mar 19 07:59:08 h2646465 sshd[25797]: Failed password for root from 94.177.216.68 port 39234 ssh2 Mar 19 08:04:24 h2646465 ssh	2020-03-19 16:33:42
180.168.201.126	attack	Invalid user testuser from 180.168.201.126 port 40308	2020-03-19 16:23:49
134.17.94.237	attackspam	Mar 19 01:29:28 ws19vmsma01 sshd[113200]: Failed password for root from 134.17.94.237 port 3598 ssh2 ...	2020-03-19 15:58:17
154.8.227.18	attackspambots	3 failed attempts at connecting to SSH.	2020-03-19 16:09:26
175.24.16.238	attackbotsspam	$f2bV_matches	2020-03-19 16:13:35
106.12.54.13	attackspam	Mar 19 09:37:20 server sshd\[30573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.54.13 user=root Mar 19 09:37:21 server sshd\[30573\]: Failed password for root from 106.12.54.13 port 59094 ssh2 Mar 19 09:46:55 server sshd\[418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.54.13 user=root Mar 19 09:46:58 server sshd\[418\]: Failed password for root from 106.12.54.13 port 39786 ssh2 Mar 19 09:51:01 server sshd\[1452\]: Invalid user suporte from 106.12.54.13 Mar 19 09:51:01 server sshd\[1452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.54.13 ...	2020-03-19 16:19:21
36.81.132.64	attack	Unauthorized connection attempt detected from IP address 36.81.132.64 to port 445	2020-03-19 16:39:19
188.234.247.110	attack	Mar 19 08:13:35 nextcloud sshd\[9582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.234.247.110 user=root Mar 19 08:13:38 nextcloud sshd\[9582\]: Failed password for root from 188.234.247.110 port 49564 ssh2 Mar 19 08:16:33 nextcloud sshd\[11300\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.234.247.110 user=root	2020-03-19 16:26:47
118.25.123.42	attackbotsspam	(sshd) Failed SSH login from 118.25.123.42 (CN/China/-): 5 in the last 3600 secs	2020-03-19 16:43:36
149.56.96.78	attackbotsspam	Mar 19 09:53:09 server sshd\[1848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.ip-149-56-96.net user=root Mar 19 09:53:11 server sshd\[1848\]: Failed password for root from 149.56.96.78 port 64002 ssh2 Mar 19 09:59:58 server sshd\[3423\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.ip-149-56-96.net user=root Mar 19 10:00:00 server sshd\[3423\]: Failed password for root from 149.56.96.78 port 50746 ssh2 Mar 19 10:03:00 server sshd\[4345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.ip-149-56-96.net user=root ...	2020-03-19 16:45:58
180.167.233.252	attackspam	Mar 19 09:15:48 server sshd\[25437\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.233.252 user=root Mar 19 09:15:50 server sshd\[25437\]: Failed password for root from 180.167.233.252 port 43828 ssh2 Mar 19 09:22:53 server sshd\[26998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.233.252 user=root Mar 19 09:22:55 server sshd\[26998\]: Failed password for root from 180.167.233.252 port 41646 ssh2 Mar 19 09:36:04 server sshd\[30396\]: Invalid user radio from 180.167.233.252 Mar 19 09:36:04 server sshd\[30396\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.233.252 ...	2020-03-19 16:24:20
191.252.185.141	attackbotsspam	SSH login attempts.	2020-03-19 16:10:27

Recently Reported IPs

31.25.90.228	189.232.52.96	163.125.93.50	1.30.200.82
47.14.49.160	222.181.206.201	35.230.130.45	138.197.72.25
115.201.35.231	202.62.52.174	190.151.159.21	114.122.180.212
60.13.7.235	211.36.141.48	177.249.168.204	196.219.62.9
27.45.91.55	179.109.3.153	120.229.113.201	187.233.34.46