49.49.245.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Triple T Internet PCL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sat, 20 Jul 2019 21:55:27 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 10:28:54

Comments on same subnet:

IP	Type	Details	Datetime
49.49.245.225	attackspambots	WordPress brute force	2020-08-25 05:37:17
49.49.245.40	attack	Unauthorized connection attempt from IP address 49.49.245.40 on Port 445(SMB)	2020-08-22 03:34:33
49.49.245.93	attackspambots	Unauthorised access (May 24) SRC=49.49.245.93 LEN=52 TTL=114 ID=15200 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-25 04:29:23
49.49.245.84	attackspam	Invalid user admin from 49.49.245.84 port 51591	2020-05-23 12:31:17
49.49.245.78	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 16:33:34
49.49.245.103	attackbots	Lines containing failures of 49.49.245.103 Jan 17 13:48:06 shared05 sshd[8729]: Invalid user ubnt from 49.49.245.103 port 30995 Jan 17 13:48:07 shared05 sshd[8729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.49.245.103 Jan 17 13:48:08 shared05 sshd[8729]: Failed password for invalid user ubnt from 49.49.245.103 port 30995 ssh2 Jan 17 13:48:09 shared05 sshd[8729]: Connection closed by invalid user ubnt 49.49.245.103 port 30995 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.49.245.103	2020-01-17 22:02:11
49.49.245.71	attackbots	Unauthorized connection attempt detected from IP address 49.49.245.71 to port 445	2020-01-02 20:50:45
49.49.245.155	attack	Dec 1 12:05:11 nginx sshd[74095]: Invalid user admin from 49.49.245.155 Dec 1 12:05:11 nginx sshd[74095]: Connection closed by 49.49.245.155 port 59906 [preauth]	2019-12-01 20:56:41
49.49.245.132	attackbots	445/tcp [2019-11-06]1pkt	2019-11-06 14:19:45
49.49.245.238	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-07-02 12:41:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.49.245.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56938
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.49.245.5.			IN	A

;; AUTHORITY SECTION:
.			1773	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072001 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 21 10:28:42 CST 2019
;; MSG SIZE  rcvd: 115

Host info

5.245.49.49.in-addr.arpa domain name pointer mx-ll-49.49.245-5.dynamic.3bb.in.th.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
5.245.49.49.in-addr.arpa	name = mx-ll-49.49.245-5.dynamic.3bb.in.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.82.70.239	attack	02/21/2020-08:26:03.864152 80.82.70.239 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82	2020-02-21 21:30:26
41.254.42.74	attackbots	Mail sent to address hacked/leaked from Gamigo	2020-02-21 21:41:48
80.82.77.189	attackspambots	02/21/2020-08:20:32.356648 80.82.77.189 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-21 21:55:17
120.71.145.166	attackbots	Feb 21 14:48:34 dedicated sshd[2226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.71.145.166 user=root Feb 21 14:48:37 dedicated sshd[2226]: Failed password for root from 120.71.145.166 port 33983 ssh2	2020-02-21 22:06:43
67.227.152.142	attackspam	Feb 21 14:20:39 debian-2gb-nbg1-2 kernel: \[4550447.328070\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=67.227.152.142 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=64954 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-21 21:50:40
123.126.82.7	attackspambots	Feb 21 10:26:40 ws22vmsma01 sshd[170638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.126.82.7 Feb 21 10:26:42 ws22vmsma01 sshd[170638]: Failed password for invalid user remote from 123.126.82.7 port 2699 ssh2 ...	2020-02-21 22:07:20
106.13.86.236	attackspam	Feb 21 18:20:59 gw1 sshd[9413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.86.236 Feb 21 18:21:00 gw1 sshd[9413]: Failed password for invalid user wangxue from 106.13.86.236 port 40508 ssh2 ...	2020-02-21 21:28:48
185.220.101.46	attack	Unauthorized access detected from black listed ip!	2020-02-21 22:00:14
71.189.47.10	attackbotsspam	$f2bV_matches	2020-02-21 21:57:10
187.12.167.85	attack	2020-02-21T08:16:23.426454xentho-1 sshd[132419]: Invalid user john from 187.12.167.85 port 56952 2020-02-21T08:16:25.496635xentho-1 sshd[132419]: Failed password for invalid user john from 187.12.167.85 port 56952 ssh2 2020-02-21T08:18:33.459403xentho-1 sshd[132432]: Invalid user uno85 from 187.12.167.85 port 44726 2020-02-21T08:18:33.466491xentho-1 sshd[132432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.167.85 2020-02-21T08:18:33.459403xentho-1 sshd[132432]: Invalid user uno85 from 187.12.167.85 port 44726 2020-02-21T08:18:35.372128xentho-1 sshd[132432]: Failed password for invalid user uno85 from 187.12.167.85 port 44726 ssh2 2020-02-21T08:20:42.237308xentho-1 sshd[132454]: Invalid user robert from 187.12.167.85 port 60734 2020-02-21T08:20:42.247547xentho-1 sshd[132454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.167.85 2020-02-21T08:20:42.237308xentho-1 sshd[132454]: Invalid user ...	2020-02-21 21:43:11
222.186.42.136	attackbots	2020-02-21T14:33:37.5240651240 sshd\[1406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root 2020-02-21T14:33:38.8659001240 sshd\[1406\]: Failed password for root from 222.186.42.136 port 18758 ssh2 2020-02-21T14:33:41.0447501240 sshd\[1406\]: Failed password for root from 222.186.42.136 port 18758 ssh2 ...	2020-02-21 21:33:59
212.129.17.32	attackbotsspam	firewall-block, port(s): 5060/udp	2020-02-21 22:04:33
207.180.214.173	attack	Feb 21 16:04:35 master sshd[15936]: Failed password for invalid user a from 207.180.214.173 port 51046 ssh2 Feb 21 16:04:38 master sshd[15938]: Failed password for invalid user oracle from 207.180.214.173 port 59632 ssh2 Feb 21 16:04:42 master sshd[15940]: Failed password for invalid user nagios from 207.180.214.173 port 40102 ssh2 Feb 21 16:04:45 master sshd[15944]: Failed password for invalid user postgres from 207.180.214.173 port 49598 ssh2 Feb 21 16:04:49 master sshd[15946]: Failed password for invalid user postgres from 207.180.214.173 port 57738 ssh2 Feb 21 16:04:53 master sshd[15948]: Failed password for invalid user vnc from 207.180.214.173 port 38852 ssh2 Feb 21 16:04:56 master sshd[15950]: Failed password for invalid user git from 207.180.214.173 port 47084 ssh2 Feb 21 16:04:59 master sshd[15952]: Failed password for invalid user nagios from 207.180.214.173 port 53354 ssh2 Feb 21 16:05:04 master sshd[15954]: Failed password for root from 207.180.214.173 port 35220 ssh2	2020-02-21 22:05:52
159.65.219.210	attackbots	suspicious action Fri, 21 Feb 2020 10:20:21 -0300	2020-02-21 22:02:58
222.186.30.167	attackspambots	Feb 21 14:42:12 MK-Soft-VM5 sshd[21471]: Failed password for root from 222.186.30.167 port 31271 ssh2 Feb 21 14:42:14 MK-Soft-VM5 sshd[21471]: Failed password for root from 222.186.30.167 port 31271 ssh2 ...	2020-02-21 21:59:05

Recently Reported IPs

218.161.113.50	125.167.130.117	124.123.75.41	5.54.91.195
200.96.78.102	180.251.236.169	80.38.218.134	59.91.193.242
37.111.130.189	178.221.234.169	176.100.191.79	119.252.170.138
113.22.176.82	190.79.97.227	154.126.166.85	125.163.119.34
113.161.167.11	39.45.235.140	221.162.255.86	209.163.163.80