49.49.242.109 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Triple T Internet PCL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	1586349776 - 04/08/2020 14:42:56 Host: 49.49.242.109/49.49.242.109 Port: 445 TCP Blocked	2020-04-08 21:41:06

Comments on same subnet:

IP	Type	Details	Datetime
49.49.242.15	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-03 01:28:07
49.49.242.15	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 16:53:58
49.49.242.130	attackbotsspam	Honeypot attack, port: 445, PTR: mx-ll-49.49.242-130.dynamic.3bb.in.th.	2020-03-26 00:27:19
49.49.242.237	attackbotsspam	Unauthorized connection attempt detected from IP address 49.49.242.237 to port 1022 [T]	2020-01-07 00:12:50
49.49.242.104	attack	Lines containing failures of 49.49.242.104 Sep 4 04:41:51 server sshd[12449]: Connection from 49.49.242.104 port 53283 on 62.116.165.82 port 22 Sep 4 04:41:51 server sshd[12449]: Did not receive identification string from 49.49.242.104 port 53283 Sep 4 04:41:53 server sshd[12451]: Connection from 49.49.242.104 port 50382 on 62.116.165.82 port 22 Sep 4 04:41:54 server sshd[12451]: reveeclipse mapping checking getaddrinfo for mx-ll-49.49.242-104.dynamic.3bb.in.th [49.49.242.104] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 4 04:41:54 server sshd[12451]: Invalid user noc from 49.49.242.104 port 50382 Sep 4 04:41:54 server sshd[12451]: Connection closed by 49.49.242.104 port 50382 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.49.242.104	2019-09-04 19:03:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.49.242.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43069
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.49.242.109.			IN	A

;; AUTHORITY SECTION:
.			376	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040800 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 08 21:41:03 CST 2020
;; MSG SIZE  rcvd: 117

Host info

109.242.49.49.in-addr.arpa domain name pointer mx-ll-49.49.242-109.dynamic.3bb.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
109.242.49.49.in-addr.arpa	name = mx-ll-49.49.242-109.dynamic.3bb.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.55.180.7	attackbots	Aug 8 21:49:30 home sshd[670242]: Failed password for root from 45.55.180.7 port 55521 ssh2 Aug 8 21:51:45 home sshd[670973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.180.7 user=root Aug 8 21:51:47 home sshd[670973]: Failed password for root from 45.55.180.7 port 60415 ssh2 Aug 8 21:54:09 home sshd[672023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.180.7 user=root Aug 8 21:54:11 home sshd[672023]: Failed password for root from 45.55.180.7 port 36634 ssh2 ...	2020-08-09 04:06:13
40.85.122.27	attackbots	Aug 8 16:21:07 host sshd[25737]: Invalid user uoHkrtwU from 40.85.122.27 port 40102 ...	2020-08-09 03:51:44
222.186.3.249	attack	Aug 8 21:48:59 minden010 sshd[9507]: Failed password for root from 222.186.3.249 port 25462 ssh2 Aug 8 21:49:55 minden010 sshd[9803]: Failed password for root from 222.186.3.249 port 62669 ssh2 ...	2020-08-09 03:54:07
59.127.50.240	attackspambots	Port Scan ...	2020-08-09 04:00:14
121.162.235.44	attack	2020-08-08T20:34:08.202685amanda2.illicoweb.com sshd\[17030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.235.44 user=root 2020-08-08T20:34:10.255963amanda2.illicoweb.com sshd\[17030\]: Failed password for root from 121.162.235.44 port 34866 ssh2 2020-08-08T20:38:25.183197amanda2.illicoweb.com sshd\[17521\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.235.44 user=root 2020-08-08T20:38:27.518122amanda2.illicoweb.com sshd\[17521\]: Failed password for root from 121.162.235.44 port 44162 ssh2 2020-08-08T20:42:34.356466amanda2.illicoweb.com sshd\[17786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.235.44 user=root ...	2020-08-09 03:37:27
45.236.129.157	attackspam	Lines containing failures of 45.236.129.157 (max 1000) Aug 3 04:39:45 UTC__SANYALnet-Labs__cac12 sshd[2468]: Connection from 45.236.129.157 port 46254 on 64.137.176.96 port 22 Aug 3 04:39:47 UTC__SANYALnet-Labs__cac12 sshd[2468]: Address 45.236.129.157 maps to angelchile.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 3 04:39:47 UTC__SANYALnet-Labs__cac12 sshd[2468]: User r.r from 45.236.129.157 not allowed because not listed in AllowUsers Aug 3 04:39:47 UTC__SANYALnet-Labs__cac12 sshd[2468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.236.129.157 user=r.r Aug 3 04:39:50 UTC__SANYALnet-Labs__cac12 sshd[2468]: Failed password for invalid user r.r from 45.236.129.157 port 46254 ssh2 Aug 3 04:39:50 UTC__SANYALnet-Labs__cac12 sshd[2468]: Received disconnect from 45.236.129.157 port 46254:11: Bye Bye [preauth] Aug 3 04:39:50 UTC__SANYALnet-Labs__cac12 sshd[2468]: Disconnected from 45.236.12........ ------------------------------	2020-08-09 03:50:35
209.163.117.175	attack	Automatic report - Banned IP Access	2020-08-09 04:13:05
192.144.199.158	attackbots	Aug 7 00:24:06 hidden sshd[29714]: Failed password for hidden from 192.144.199.158 port 57282 ssh2 Aug 7 00:30:28 hidden sshd[31836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.199.158 user=root Aug 7 00:30:30 hidden sshd[31836]: Failed password for hidden from 192.144.199.158 port 39006 ssh2	2020-08-09 04:15:04
218.28.244.242	attackspambots	2020-08-07T11:34:45.270190hostname sshd[50726]: Failed password for root from 218.28.244.242 port 45718 ssh2 ...	2020-08-09 03:58:32
193.112.100.92	attackspambots	Port scan: Attack repeated for 24 hours	2020-08-09 04:13:35
219.92.7.187	attackspambots	$f2bV_matches	2020-08-09 03:58:16
36.82.106.238	attackbotsspam	Aug 7 04:19:17 hidden sshd[50971]: Failed password for hidden from 36.82.106.238 port 45102 ssh2 Aug 7 04:23:00 hidden sshd[52200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.82.106.238 user=root Aug 7 04:23:02 hidden sshd[52200]: Failed password for hidden from 36.82.106.238 port 35764 ssh2	2020-08-09 03:48:48
35.241.152.211	attackbots	Aug 7 00:28:00 hidden sshd[30934]: Failed password for hidden from 35.241.152.211 port 36570 ssh2 Aug 7 00:36:29 hidden sshd[33848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.241.152.211 user=root Aug 7 00:36:31 hidden sshd[33848]: Failed password for hidden from 35.241.152.211 port 49190 ssh2	2020-08-09 03:50:54
220.128.159.121	attack	Aug 8 20:08:38 nextcloud sshd\[15158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.128.159.121 user=root Aug 8 20:08:40 nextcloud sshd\[15158\]: Failed password for root from 220.128.159.121 port 39494 ssh2 Aug 8 20:10:09 nextcloud sshd\[16664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.128.159.121 user=root	2020-08-09 03:56:44
39.105.125.122	attack	Aug 7 11:58:21 hidden sshd[3843]: Failed password for hidden from 39.105.125.122 port 39600 ssh2 Aug 7 11:59:44 hidden sshd[3914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.105.125.122 user=root Aug 7 11:59:47 hidden sshd[3914]: Failed password for hidden from 39.105.125.122 port 56612 ssh2	2020-08-09 03:47:28

Recently Reported IPs

241.157.121.255	115.164.202.202	23.80.97.116	42.200.173.192
23.106.219.15	51.15.254.159	45.236.131.185	85.99.228.42
80.78.68.57	45.95.168.131	180.124.78.36	134.19.46.235
93.81.163.48	51.15.110.205	13.209.133.97	145.239.199.46
122.51.161.239	91.77.160.195	51.75.75.240	14.63.162.98