49.49.1.217 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.49.198.226	attackbots	TCP (SYN) 49.49.198.226:30546 -> port 23, len 44	2020-08-10 18:40:54
49.49.183.91	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-03 19:25:46
49.49.194.104	attackspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: mx-ll-49.49.194-104.dynamic.3bb.co.th.	2020-07-07 20:42:05
49.49.139.146	attack	Unauthorized connection attempt detected from IP address 49.49.139.146 to port 23	2020-06-29 04:28:33
49.49.183.7	attackspambots	" "	2020-06-15 10:07:36
49.49.195.145	attackbots	LAMP,DEF GET /shell?/bin/busybox+ABCD	2020-06-12 23:36:12
49.49.113.92	attackspam	Unauthorized connection attempt detected from IP address 49.49.113.92 to port 80 [T]	2020-05-09 04:21:00
49.49.193.156	attackspambots	"SMTP brute force auth login attempt."	2020-04-19 05:56:21
49.49.146.110	attackspam	Unauthorized connection attempt detected from IP address 49.49.146.110 to port 445	2020-04-16 12:52:03
49.49.192.165	attack	Apr 11 05:55:35 debian-2gb-nbg1-2 kernel: \[8836340.593888\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=49.49.192.165 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=48 ID=15719 PROTO=TCP SPT=37981 DPT=23 WINDOW=43195 RES=0x00 SYN URGP=0	2020-04-11 12:50:02
49.49.153.26	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 16:35:31
49.49.112.178	attackspam	Unauthorized connection attempt detected from IP address 49.49.112.178 to port 8080 [J]	2020-01-29 05:33:23
49.49.12.122	attackbots	Honeypot attack, port: 81, PTR: mx-ll-49.49.12-122.dynamic.3bb.co.th.	2020-01-20 03:58:34
49.49.191.187	attack	Unauthorized connection attempt detected from IP address 49.49.191.187 to port 9090 [T]	2020-01-16 02:12:58
49.49.17.170	attackbots	Scanning random ports - tries to find possible vulnerable services	2020-01-10 20:20:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.49.1.217
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42758
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.49.1.217.			IN	A

;; AUTHORITY SECTION:
.			291	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 05:01:09 CST 2022
;; MSG SIZE  rcvd: 104

Host info

217.1.49.49.in-addr.arpa domain name pointer mx-ll-49.49.1-217.dynamic.3bb.in.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
217.1.49.49.in-addr.arpa	name = mx-ll-49.49.1-217.dynamic.3bb.in.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.201.169	attack	8123/tcp 56043/tcp 39832/tcp... [2019-09-12/10-29]43pkt,37pt.(tcp),2pt.(udp)	2019-10-30 14:13:55
45.82.153.76	attack	2019-10-30T06:55:31.288027mail01 postfix/smtpd[2892]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-10-30T06:55:57.061773mail01 postfix/smtpd[16842]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-10-30T06:56:15.448050mail01 postfix/smtpd[2892]: warning: unknown[45.82.153.76]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-30 13:59:07
167.172.82.223	attack	Oct 30 07:10:57 www4 sshd\[44389\]: Invalid user web123$%\^ from 167.172.82.223 Oct 30 07:10:57 www4 sshd\[44389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.82.223 Oct 30 07:10:59 www4 sshd\[44389\]: Failed password for invalid user web123$%\^ from 167.172.82.223 port 55562 ssh2 ...	2019-10-30 13:46:23
203.156.169.236	attackbots	Brute forcing RDP port 3389	2019-10-30 14:04:48
187.32.4.66	attack	Automatic report - XMLRPC Attack	2019-10-30 13:51:42
216.218.206.74	attack	445/tcp 27017/tcp 23/tcp... [2019-08-29/10-29]38pkt,15pt.(tcp),1pt.(udp)	2019-10-30 14:08:43
159.203.201.88	attack	Unauthorized connection attempt from IP address 159.203.201.88 on Port 110(POP3)	2019-10-30 14:17:24
187.172.170.42	attack	Total attacks: 2	2019-10-30 13:49:45
167.249.42.226	attackbots	blogonese.net 167.249.42.226 \[30/Oct/2019:04:53:42 +0100\] "POST /wp-login.php HTTP/1.1" 200 5769 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" blogonese.net 167.249.42.226 \[30/Oct/2019:04:53:44 +0100\] "POST /wp-login.php HTTP/1.1" 200 5768 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-30 14:15:29
184.105.139.113	attackspambots	" "	2019-10-30 14:07:16
129.158.73.144	attack	detected by Fail2Ban	2019-10-30 13:56:52
159.203.74.227	attackbotsspam	Oct 30 08:09:10 sauna sshd[103757]: Failed password for root from 159.203.74.227 port 51034 ssh2 ...	2019-10-30 14:17:50
146.88.240.4	attackbotsspam	30.10.2019 05:54:59 Connection to port 1194 blocked by firewall	2019-10-30 14:07:30
218.4.196.178	attackbots	$f2bV_matches	2019-10-30 13:47:23
184.105.139.102	attackspam	30005/tcp 445/tcp 23/tcp... [2019-08-31/10-30]39pkt,9pt.(tcp),2pt.(udp)	2019-10-30 14:01:16

Recently Reported IPs

190.245.17.204	189.212.122.130	91.193.175.169	120.56.113.226
78.164.77.164	93.170.171.134	113.25.25.33	179.228.113.39
171.97.201.134	124.163.27.48	116.75.212.31	70.79.156.173
220.198.205.11	112.26.121.53	45.241.58.15	79.127.88.154
5.138.247.32	31.59.206.71	177.44.16.111	156.214.77.174