49.49.1.217 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.49.198.226	attackbots	TCP (SYN) 49.49.198.226:30546 -> port 23, len 44	2020-08-10 18:40:54
49.49.183.91	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-03 19:25:46
49.49.194.104	attackspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: mx-ll-49.49.194-104.dynamic.3bb.co.th.	2020-07-07 20:42:05
49.49.139.146	attack	Unauthorized connection attempt detected from IP address 49.49.139.146 to port 23	2020-06-29 04:28:33
49.49.183.7	attackspambots	" "	2020-06-15 10:07:36
49.49.195.145	attackbots	LAMP,DEF GET /shell?/bin/busybox+ABCD	2020-06-12 23:36:12
49.49.113.92	attackspam	Unauthorized connection attempt detected from IP address 49.49.113.92 to port 80 [T]	2020-05-09 04:21:00
49.49.193.156	attackspambots	"SMTP brute force auth login attempt."	2020-04-19 05:56:21
49.49.146.110	attackspam	Unauthorized connection attempt detected from IP address 49.49.146.110 to port 445	2020-04-16 12:52:03
49.49.192.165	attack	Apr 11 05:55:35 debian-2gb-nbg1-2 kernel: \[8836340.593888\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=49.49.192.165 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=48 ID=15719 PROTO=TCP SPT=37981 DPT=23 WINDOW=43195 RES=0x00 SYN URGP=0	2020-04-11 12:50:02
49.49.153.26	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 16:35:31
49.49.112.178	attackspam	Unauthorized connection attempt detected from IP address 49.49.112.178 to port 8080 [J]	2020-01-29 05:33:23
49.49.12.122	attackbots	Honeypot attack, port: 81, PTR: mx-ll-49.49.12-122.dynamic.3bb.co.th.	2020-01-20 03:58:34
49.49.191.187	attack	Unauthorized connection attempt detected from IP address 49.49.191.187 to port 9090 [T]	2020-01-16 02:12:58
49.49.17.170	attackbots	Scanning random ports - tries to find possible vulnerable services	2020-01-10 20:20:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.49.1.217
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42758
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.49.1.217.			IN	A

;; AUTHORITY SECTION:
.			291	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 05:01:09 CST 2022
;; MSG SIZE  rcvd: 104

Host info

217.1.49.49.in-addr.arpa domain name pointer mx-ll-49.49.1-217.dynamic.3bb.in.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
217.1.49.49.in-addr.arpa	name = mx-ll-49.49.1-217.dynamic.3bb.in.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
93.149.79.247	attackspambots	Dec 27 23:49:05 sd-53420 sshd\[2455\]: Invalid user guest from 93.149.79.247 Dec 27 23:49:05 sd-53420 sshd\[2455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.149.79.247 Dec 27 23:49:08 sd-53420 sshd\[2455\]: Failed password for invalid user guest from 93.149.79.247 port 43860 ssh2 Dec 27 23:54:21 sd-53420 sshd\[4645\]: User root from 93.149.79.247 not allowed because none of user's groups are listed in AllowGroups Dec 27 23:54:21 sd-53420 sshd\[4645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.149.79.247 user=root ...	2019-12-28 08:42:22
222.186.173.226	attack	19/12/27@19:05:34: FAIL: Alarm-SSH address from=222.186.173.226 ...	2019-12-28 08:26:02
31.168.196.56	attackbotsspam	Automatic report - Port Scan Attack	2019-12-28 08:48:06
197.51.157.106	attackbotsspam	Telnet Server BruteForce Attack	2019-12-28 08:35:00
223.204.176.253	attackspambots	Unauthorized IMAP connection attempt	2019-12-28 08:51:11
222.186.180.6	attackbots	SSH-BruteForce	2019-12-28 08:30:25
222.186.175.150	attackbotsspam	Dec 28 00:22:49 zeus sshd[1806]: Failed password for root from 222.186.175.150 port 56864 ssh2 Dec 28 00:22:53 zeus sshd[1806]: Failed password for root from 222.186.175.150 port 56864 ssh2 Dec 28 00:22:58 zeus sshd[1806]: Failed password for root from 222.186.175.150 port 56864 ssh2 Dec 28 00:23:02 zeus sshd[1806]: Failed password for root from 222.186.175.150 port 56864 ssh2 Dec 28 00:23:06 zeus sshd[1806]: Failed password for root from 222.186.175.150 port 56864 ssh2	2019-12-28 08:24:43
118.89.48.251	attack	Dec 28 00:27:35 sd-53420 sshd\[18749\]: Invalid user alma from 118.89.48.251 Dec 28 00:27:35 sd-53420 sshd\[18749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.48.251 Dec 28 00:27:37 sd-53420 sshd\[18749\]: Failed password for invalid user alma from 118.89.48.251 port 54394 ssh2 Dec 28 00:32:36 sd-53420 sshd\[20819\]: Invalid user spallin from 118.89.48.251 Dec 28 00:32:36 sd-53420 sshd\[20819\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.48.251 ...	2019-12-28 08:22:14
94.247.168.8	attackspambots	Automatic report - Banned IP Access	2019-12-28 08:33:06
185.232.67.5	attack	--- report --- Dec 27 21:14:44 sshd: Connection from 185.232.67.5 port 43534 Dec 27 21:14:47 sshd: Invalid user admin from 185.232.67.5 Dec 27 21:14:49 sshd: Failed password for invalid user admin from 185.232.67.5 port 43534 ssh2	2019-12-28 08:51:33
2001:41d0:2:af56::	attackbots	Automatic report - XMLRPC Attack	2019-12-28 08:45:55
213.222.245.253	attackbotsspam	Automatic report - Port Scan Attack	2019-12-28 08:23:26
178.218.163.110	attackspambots	Dec 28 02:06:14 taivassalofi sshd[223075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.218.163.110 Dec 28 02:06:16 taivassalofi sshd[223075]: Failed password for invalid user guest from 178.218.163.110 port 64030 ssh2 Dec 28 02:06:16 taivassalofi sshd[223075]: error: Received disconnect from 178.218.163.110 port 64030:3: com.jcraft.jsch.JSchException: Auth fail [preauth] ...	2019-12-28 08:30:43
203.162.13.68	attackspam	Dec 28 01:38:54 lnxweb61 sshd[30670]: Failed password for root from 203.162.13.68 port 38774 ssh2 Dec 28 01:38:54 lnxweb61 sshd[30670]: Failed password for root from 203.162.13.68 port 38774 ssh2	2019-12-28 08:40:42
114.67.80.39	attack	Dec 27 17:53:52 Tower sshd[23795]: Connection from 114.67.80.39 port 36014 on 192.168.10.220 port 22 rdomain "" Dec 27 17:53:54 Tower sshd[23795]: Invalid user lisa from 114.67.80.39 port 36014 Dec 27 17:53:54 Tower sshd[23795]: error: Could not get shadow information for NOUSER Dec 27 17:53:54 Tower sshd[23795]: Failed password for invalid user lisa from 114.67.80.39 port 36014 ssh2 Dec 27 17:53:54 Tower sshd[23795]: Received disconnect from 114.67.80.39 port 36014:11: Bye Bye [preauth] Dec 27 17:53:54 Tower sshd[23795]: Disconnected from invalid user lisa 114.67.80.39 port 36014 [preauth]	2019-12-28 08:47:03

Recently Reported IPs

190.245.17.204	189.212.122.130	91.193.175.169	120.56.113.226
78.164.77.164	93.170.171.134	113.25.25.33	179.228.113.39
171.97.201.134	124.163.27.48	116.75.212.31	70.79.156.173
220.198.205.11	112.26.121.53	45.241.58.15	79.127.88.154
5.138.247.32	31.59.206.71	177.44.16.111	156.214.77.174