49.48.125.29 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Triple T Internet PCL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	port scan and connect, tcp 23 (telnet)	2020-06-22 00:10:07

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.48.125.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10520
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.48.125.29.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062100 1800 900 604800 86400

;; Query time: 153 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 22 00:09:56 CST 2020
;; MSG SIZE  rcvd: 116

Host info

29.125.48.49.in-addr.arpa domain name pointer mx-ll-49.48.125-29.dynamic.3bb.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.125.48.49.in-addr.arpa	name = mx-ll-49.48.125-29.dynamic.3bb.in.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.230.30.229	attackspam	Invalid user vaf from 157.230.30.229 port 47120	2020-05-23 07:48:39
35.224.163.21	attack	May 20 13:11:31 josie sshd[15032]: Invalid user srs from 35.224.163.21 May 20 13:11:31 josie sshd[15032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.224.163.21 May 20 13:11:34 josie sshd[15032]: Failed password for invalid user srs from 35.224.163.21 port 48396 ssh2 May 20 13:11:34 josie sshd[15033]: Received disconnect from 35.224.163.21: 11: Bye Bye May 20 13:12:11 josie sshd[15177]: Invalid user fwc from 35.224.163.21 May 20 13:12:11 josie sshd[15177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.224.163.21 May 20 13:12:13 josie sshd[15177]: Failed password for invalid user fwc from 35.224.163.21 port 54170 ssh2 May 20 13:12:13 josie sshd[15178]: Received disconnect from 35.224.163.21: 11: Bye Bye May 20 13:12:40 josie sshd[15214]: Invalid user gdp from 35.224.163.21 May 20 13:12:40 josie sshd[15214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=s........ -------------------------------	2020-05-23 07:54:14
159.203.27.100	attackspambots	159.203.27.100 - - [23/May/2020:00:57:07 +0200] "GET /wp-login.php HTTP/1.1" 200 6614 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.27.100 - - [23/May/2020:00:57:09 +0200] "POST /wp-login.php HTTP/1.1" 200 6865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.27.100 - - [23/May/2020:00:57:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-23 07:46:18
190.145.26.90	attack	Unauthorized connection attempt from IP address 190.145.26.90 on Port 445(SMB)	2020-05-23 07:40:38
141.98.9.160	attackspambots	$f2bV_matches	2020-05-23 07:44:47
94.23.24.213	attack	May 23 01:33:29 MainVPS sshd[15247]: Invalid user nlp from 94.23.24.213 port 56130 May 23 01:33:29 MainVPS sshd[15247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.24.213 May 23 01:33:29 MainVPS sshd[15247]: Invalid user nlp from 94.23.24.213 port 56130 May 23 01:33:31 MainVPS sshd[15247]: Failed password for invalid user nlp from 94.23.24.213 port 56130 ssh2 May 23 01:36:44 MainVPS sshd[17669]: Invalid user gpz from 94.23.24.213 port 33576 ...	2020-05-23 07:37:39
139.199.108.83	attack	W 5701,/var/log/auth.log,-,-	2020-05-23 07:26:36
131.161.219.242	attack	Invalid user vlado from 131.161.219.242 port 40672	2020-05-23 07:50:53
189.33.79.187	attackspambots	Invalid user usv from 189.33.79.187 port 38776	2020-05-23 07:50:34
116.109.79.42	attack	Unauthorized connection attempt from IP address 116.109.79.42 on Port 445(SMB)	2020-05-23 07:26:52
187.189.174.145	attackbotsspam	Unauthorized connection attempt from IP address 187.189.174.145 on Port 445(SMB)	2020-05-23 07:53:26
103.253.42.35	attackbots	05/22/2020-16:16:01.888500 103.253.42.35 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-23 07:23:04
144.34.210.56	attackspambots	Invalid user rnl from 144.34.210.56 port 53478	2020-05-23 07:25:28
49.233.88.50	attack	5x Failed Password	2020-05-23 07:41:23
222.186.180.130	attack	May 22 23:30:25 scw-6657dc sshd[21930]: Failed password for root from 222.186.180.130 port 57776 ssh2 May 22 23:30:25 scw-6657dc sshd[21930]: Failed password for root from 222.186.180.130 port 57776 ssh2 May 22 23:30:27 scw-6657dc sshd[21930]: Failed password for root from 222.186.180.130 port 57776 ssh2 ...	2020-05-23 07:34:59

Recently Reported IPs

197.3.89.28	5.2.177.23	188.162.194.40	185.12.45.116
62.35.54.224	59.153.97.224	186.112.80.114	114.36.152.202
181.39.37.100	92.184.116.129	31.78.194.135	42.104.109.194
191.182.177.148	241.80.183.86	44.84.44.221	115.183.13.57
213.181.198.40	220.118.135.169	96.179.203.115	41.41.25.187