49.48.199.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Triple T Internet PCL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH login attempts with user root at 2020-02-05.	2020-02-06 14:52:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.48.199.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4262
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.48.199.1.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020600 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 06 14:52:19 CST 2020
;; MSG SIZE  rcvd: 115

Host info

1.199.48.49.in-addr.arpa domain name pointer mx-ll-49.48.199-1.dynamic.3bb.in.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.199.48.49.in-addr.arpa	name = mx-ll-49.48.199-1.dynamic.3bb.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.195.201.128	attackspambots	Dec 13 03:50:12 wbs sshd\[23738\]: Invalid user host from 203.195.201.128 Dec 13 03:50:12 wbs sshd\[23738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.201.128 Dec 13 03:50:14 wbs sshd\[23738\]: Failed password for invalid user host from 203.195.201.128 port 56876 ssh2 Dec 13 03:55:47 wbs sshd\[24266\]: Invalid user ammie from 203.195.201.128 Dec 13 03:55:47 wbs sshd\[24266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.201.128	2019-12-13 22:03:13
200.117.143.26	attackbots	Fail2Ban Ban Triggered	2019-12-13 21:39:15
116.196.80.104	attackspam	Dec 13 15:18:27 sauna sshd[29198]: Failed password for root from 116.196.80.104 port 37710 ssh2 ...	2019-12-13 21:27:10
137.74.115.225	attackbotsspam	Dec 13 13:53:13 srv206 sshd[29155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=225.ip-137-74-115.eu user=root Dec 13 13:53:15 srv206 sshd[29155]: Failed password for root from 137.74.115.225 port 56410 ssh2 ...	2019-12-13 21:50:41
118.24.7.98	attack	Invalid user midkiff from 118.24.7.98 port 39396	2019-12-13 21:53:25
103.43.6.211	attackspam	Unauthorized connection attempt detected from IP address 103.43.6.211 to port 445	2019-12-13 21:57:19
104.248.116.140	attack	2019-12-13T12:55:37.313164abusebot.cloudsearch.cf sshd\[2756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 user=sshd 2019-12-13T12:55:39.587110abusebot.cloudsearch.cf sshd\[2756\]: Failed password for sshd from 104.248.116.140 port 51242 ssh2 2019-12-13T13:03:22.502693abusebot.cloudsearch.cf sshd\[2841\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 user=root 2019-12-13T13:03:24.611258abusebot.cloudsearch.cf sshd\[2841\]: Failed password for root from 104.248.116.140 port 36916 ssh2	2019-12-13 22:00:28
222.186.175.148	attack	Dec 13 13:57:26 hcbbdb sshd\[1415\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Dec 13 13:57:28 hcbbdb sshd\[1415\]: Failed password for root from 222.186.175.148 port 39280 ssh2 Dec 13 13:57:38 hcbbdb sshd\[1415\]: Failed password for root from 222.186.175.148 port 39280 ssh2 Dec 13 13:57:42 hcbbdb sshd\[1415\]: Failed password for root from 222.186.175.148 port 39280 ssh2 Dec 13 13:57:45 hcbbdb sshd\[1446\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root	2019-12-13 22:01:17
115.79.5.246	attack	DATE:2019-12-13 08:43:16, IP:115.79.5.246, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2019-12-13 21:47:41
117.71.53.105	attackspambots	$f2bV_matches	2019-12-13 21:54:48
74.82.47.55	attackspambots	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2019-12-13 21:49:36
66.96.233.31	attackbotsspam	Dec 13 14:18:38 mail sshd\[3937\]: Invalid user jashly from 66.96.233.31 Dec 13 14:18:38 mail sshd\[3937\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.96.233.31 Dec 13 14:18:40 mail sshd\[3937\]: Failed password for invalid user jashly from 66.96.233.31 port 53609 ssh2 ...	2019-12-13 21:27:40
49.207.183.102	attackspambots	Dec 13 12:07:14 *** sshd[4466]: Invalid user admin from 49.207.183.102	2019-12-13 21:59:31
112.85.42.180	attack	Dec 13 08:36:18 linuxvps sshd\[51941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.180 user=root Dec 13 08:36:20 linuxvps sshd\[51941\]: Failed password for root from 112.85.42.180 port 37997 ssh2 Dec 13 08:36:43 linuxvps sshd\[52181\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.180 user=root Dec 13 08:36:45 linuxvps sshd\[52181\]: Failed password for root from 112.85.42.180 port 16817 ssh2 Dec 13 08:36:49 linuxvps sshd\[52181\]: Failed password for root from 112.85.42.180 port 16817 ssh2	2019-12-13 21:41:11
105.255.166.218	attackbotsspam	1576222985 - 12/13/2019 08:43:05 Host: 105.255.166.218/105.255.166.218 Port: 445 TCP Blocked	2019-12-13 22:00:13

Recently Reported IPs

80.234.92.155	27.64.237.1	201.141.194.54	23.240.188.5
192.241.238.241	37.98.196.82	182.253.124.63	171.252.242.65
223.149.1.2	173.244.36.75	204.197.178.29	222.186.30.7
189.123.42.65	222.186.19.2	77.42.124.36	189.243.122.143
255.233.136.239	222.137.137.1	165.8.232.31	220.162.247.1