49.49.245.78 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Triple T Internet PCL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 16:33:34

Comments on same subnet:

IP	Type	Details	Datetime
49.49.245.225	attackspambots	WordPress brute force	2020-08-25 05:37:17
49.49.245.40	attack	Unauthorized connection attempt from IP address 49.49.245.40 on Port 445(SMB)	2020-08-22 03:34:33
49.49.245.93	attackspambots	Unauthorised access (May 24) SRC=49.49.245.93 LEN=52 TTL=114 ID=15200 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-25 04:29:23
49.49.245.84	attackspam	Invalid user admin from 49.49.245.84 port 51591	2020-05-23 12:31:17
49.49.245.103	attackbots	Lines containing failures of 49.49.245.103 Jan 17 13:48:06 shared05 sshd[8729]: Invalid user ubnt from 49.49.245.103 port 30995 Jan 17 13:48:07 shared05 sshd[8729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.49.245.103 Jan 17 13:48:08 shared05 sshd[8729]: Failed password for invalid user ubnt from 49.49.245.103 port 30995 ssh2 Jan 17 13:48:09 shared05 sshd[8729]: Connection closed by invalid user ubnt 49.49.245.103 port 30995 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.49.245.103	2020-01-17 22:02:11
49.49.245.71	attackbots	Unauthorized connection attempt detected from IP address 49.49.245.71 to port 445	2020-01-02 20:50:45
49.49.245.155	attack	Dec 1 12:05:11 nginx sshd[74095]: Invalid user admin from 49.49.245.155 Dec 1 12:05:11 nginx sshd[74095]: Connection closed by 49.49.245.155 port 59906 [preauth]	2019-12-01 20:56:41
49.49.245.132	attackbots	445/tcp [2019-11-06]1pkt	2019-11-06 14:19:45
49.49.245.5	attackbotsspam	Sat, 20 Jul 2019 21:55:27 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 10:28:54
49.49.245.238	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2019-07-02 12:41:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.49.245.78
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20442
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.49.245.78.			IN	A

;; AUTHORITY SECTION:
.			196	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021801 1800 900 604800 86400

;; Query time: 436 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 16:33:31 CST 2020
;; MSG SIZE  rcvd: 116

Host info

78.245.49.49.in-addr.arpa domain name pointer mx-ll-49.49.245-78.dynamic.3bb.in.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
78.245.49.49.in-addr.arpa	name = mx-ll-49.49.245-78.dynamic.3bb.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.83.32.232	attack	Invalid user admin from 51.83.32.232 port 34204	2019-09-28 18:47:26
173.231.212.225	attackbotsspam	xmlrpc attack	2019-09-28 18:38:18
51.77.245.181	attackspambots	DATE:2019-09-28 11:43:54,IP:51.77.245.181,MATCHES:11,PORT:ssh	2019-09-28 18:55:46
115.238.236.74	attackspambots	Sep 28 13:30:29 server sshd\[12281\]: Invalid user bank from 115.238.236.74 port 52818 Sep 28 13:30:29 server sshd\[12281\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.236.74 Sep 28 13:30:31 server sshd\[12281\]: Failed password for invalid user bank from 115.238.236.74 port 52818 ssh2 Sep 28 13:35:27 server sshd\[15243\]: Invalid user transfer from 115.238.236.74 port 32596 Sep 28 13:35:27 server sshd\[15243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.238.236.74	2019-09-28 18:43:49
95.178.156.240	attackbotsspam	Telnetd brute force attack detected by fail2ban	2019-09-28 18:30:41
123.135.221.253	attack	Unauthorised access (Sep 28) SRC=123.135.221.253 LEN=40 TTL=49 ID=61005 TCP DPT=8080 WINDOW=6591 SYN Unauthorised access (Sep 28) SRC=123.135.221.253 LEN=40 TOS=0x08 PREC=0x20 TTL=49 ID=54851 TCP DPT=8080 WINDOW=35438 SYN Unauthorised access (Sep 28) SRC=123.135.221.253 LEN=40 TTL=49 ID=29619 TCP DPT=8080 WINDOW=6591 SYN Unauthorised access (Sep 26) SRC=123.135.221.253 LEN=40 TTL=49 ID=824 TCP DPT=8080 WINDOW=57033 SYN Unauthorised access (Sep 25) SRC=123.135.221.253 LEN=40 TTL=49 ID=8172 TCP DPT=8080 WINDOW=35438 SYN	2019-09-28 18:29:38
123.21.73.218	attackbotsspam	88/tcp [2019-09-28]1pkt	2019-09-28 18:38:42
52.255.224.124	attackbotsspam	Sep 27 23:48:24 localhost kernel: [3380323.196222] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=52.255.224.124 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=21322 PROTO=UDP SPT=30105 DPT=111 LEN=48 Sep 27 23:48:24 localhost kernel: [3380323.196243] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=52.255.224.124 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=21322 PROTO=UDP SPT=30105 DPT=111 LEN=48 Sep 27 23:48:30 localhost kernel: [3380329.156193] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=52.255.224.124 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=25125 PROTO=UDP SPT=30105 DPT=111 LEN=48 Sep 27 23:48:30 localhost kernel: [3380329.156224] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=52.255.224.124 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=25125 PROTO=UDP SPT=30105 DPT=111 LEN=48	2019-09-28 18:42:28
139.199.168.184	attackspam	Automatic report - Banned IP Access	2019-09-28 18:32:27
109.194.199.28	attackbots	Sep 28 09:23:40 tux-35-217 sshd\[6203\]: Invalid user xiong from 109.194.199.28 port 14712 Sep 28 09:23:40 tux-35-217 sshd\[6203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.194.199.28 Sep 28 09:23:43 tux-35-217 sshd\[6203\]: Failed password for invalid user xiong from 109.194.199.28 port 14712 ssh2 Sep 28 09:30:50 tux-35-217 sshd\[6209\]: Invalid user www from 109.194.199.28 port 54066 Sep 28 09:30:50 tux-35-217 sshd\[6209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.194.199.28 ...	2019-09-28 18:19:39
115.178.24.72	attackspam	Sep 28 00:43:25 aat-srv002 sshd[10626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.178.24.72 Sep 28 00:43:27 aat-srv002 sshd[10626]: Failed password for invalid user nishant from 115.178.24.72 port 35070 ssh2 Sep 28 00:51:09 aat-srv002 sshd[10882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.178.24.72 Sep 28 00:51:11 aat-srv002 sshd[10882]: Failed password for invalid user jeffchen from 115.178.24.72 port 44982 ssh2 ...	2019-09-28 18:26:30
54.37.88.73	attackbots	Sep 28 07:13:59 web8 sshd\[28880\]: Invalid user luma from 54.37.88.73 Sep 28 07:13:59 web8 sshd\[28880\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.88.73 Sep 28 07:14:01 web8 sshd\[28880\]: Failed password for invalid user luma from 54.37.88.73 port 42116 ssh2 Sep 28 07:17:16 web8 sshd\[30525\]: Invalid user dw from 54.37.88.73 Sep 28 07:17:16 web8 sshd\[30525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.88.73	2019-09-28 18:28:43
149.202.55.18	attackbots	Sep 28 12:08:51 MK-Soft-VM3 sshd[5096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.55.18 Sep 28 12:08:54 MK-Soft-VM3 sshd[5096]: Failed password for invalid user 1qaz2wsx3edc4rfv from 149.202.55.18 port 56726 ssh2 ...	2019-09-28 18:38:57
201.16.165.236	attack	445/tcp [2019-09-28]1pkt	2019-09-28 18:21:21
182.61.40.17	attackbots	Sep 28 05:48:21 v22018076622670303 sshd\[25082\]: Invalid user www from 182.61.40.17 port 38698 Sep 28 05:48:21 v22018076622670303 sshd\[25082\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.40.17 Sep 28 05:48:22 v22018076622670303 sshd\[25082\]: Failed password for invalid user www from 182.61.40.17 port 38698 ssh2 ...	2019-09-28 18:50:17

Recently Reported IPs

218.66.205.244	123.148.146.132	49.37.133.40	27.66.81.102
49.245.50.12	1.34.209.63	106.58.169.162	237.166.249.197
59.89.216.123	184.178.32.178	205.26.207.100	153.136.44.39
81.175.147.133	116.93.82.66	49.245.100.3	42.127.20.194
39.244.219.147	11.0.28.70	49.244.159.26	79.76.27.84