JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.228.97.131

49.228.97.131 was found in our database!

This IP was reported 101 times. Confidence of Abuse is 0%: ?

ISP	AIS Fibre
Usage Type	Fixed Line ISP
ASN	AS133481
Hostname(s)	49-228-97-0.24.nat.cwdc-cgn02.myaisfibre.com
Domain Name	ais.th
Country	🇹🇭 Thailand
City	Bangkok, Bangkok

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.228.97.131

Whois 49.228.97.131

IP Abuse Reports for 49.228.97.131:

This IP address has been reported a total of 101 times from 78 distinct sources. 49.228.97.131 was first reported on November 10th 2021, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ItitanPot	2026-03-18 13:35:25 (3 months ago)	Malicious actor attempting SSH password spray	Brute-Force SSH
🇩🇪 FBI_CyberUnit	2026-03-13 18:11:24 (3 months ago)	Compromised host performing SSH brute force	Brute-Force SSH
🇹🇷 rtbh.com.tr	2026-02-05 20:11:24 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇱🇺 SiteXL	2026-02-01 03:42:02 (4 months ago)	{"event":{"DateTime":"2026-01-30T03:58:36Z","RemoteAddr":"49.228.97.131:35856","Protocol":"SSH","Com ... show more {"event":{"DateTime":"2026-01-30T03:58:36Z","RemoteAddr":"49.228.97.131:35856","Protocol":"SSH","Command":"","CommandOutput":"","Status":"Stateless","Msg":"New SSH Login Attempt","ID":"df74a7c4-cdb3-4783-b724-78ee30a4018f","Environ":"","User":"gmodserver","Password":"gmodserver@123","Client":"SSH-2.0-libssh_0.11.1","Headers":"","HeadersMap":null,"Cookies":"","UserAgent":"","HostHTTPRequest":"","Body":"","HTTPMethod":"","RequestURI":"","Description":"SSH interactive","SourceIp":"49.228.97.131","SourcePort":"35856","TLSServerName":"","Handler":""},"level":"info","msg":"New Event","status":"Stateless"} {"event":{"DateTime":"2026-01-30T04:01:38Z","RemoteAddr":"49.228.97.131:35314","Protocol":"SSH","Command":"","CommandOutput":"","Status":"Stateless","Msg":"New SSH Login Attempt","ID":"5cbdc186-ebbd-4892-b3b9-c344c7bae738","Environ":"","User":"diana","Password":"123","Client":"SSH-2.0-libssh_0.11.1","Headers":"","HeadersMap":null,"Cookies":"","UserAgent":"","HostHTTPRequest":"","Body":"","HTTPMethod":"","RequestUR show less	Port Scan Hacking Brute-Force SSH
🇹🇷 rtbh.com.tr	2026-01-31 20:11:19 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇨🇳 ThreatBook.io	2026-01-30 23:34:14 (4 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/49.228.97.131	SSH
🇹🇷 rtbh.com.tr	2026-01-30 20:11:19 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2026-01-30 09:51:09 (4 months ago)	Jan 30 09:41:12 wary-description sshd[1010984]: pam_unix(sshd:auth): authentication failure; logname ... show more Jan 30 09:41:12 wary-description sshd[1010984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.228.97.131 Jan 30 09:41:14 wary-description sshd[1010984]: Failed password for invalid user losts from 49.228.97.131 port 33962 ssh2 Jan 30 09:51:08 wary-description sshd[1011532]: Invalid user sir from 49.228.97.131 port 60476 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-01-30 09:48:49 (4 months ago)	(sshd) Failed SSH login from 49.228.97.131 (TH/Thailand/49-228-97-0.24.nat.cwdc-cgn02.myaisfibre.com ... show more (sshd) Failed SSH login from 49.228.97.131 (TH/Thailand/49-228-97-0.24.nat.cwdc-cgn02.myaisfibre.com): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Jan 30 03:42:06 14119 sshd[20932]: Invalid user losts from 49.228.97.131 port 51258 Jan 30 03:42:08 14119 sshd[20932]: Failed password for invalid user losts from 49.228.97.131 port 51258 ssh2 Jan 30 03:45:49 14119 sshd[21228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.228.97.131 user=root Jan 30 03:45:51 14119 sshd[21228]: Failed password for root from 49.228.97.131 port 59834 ssh2 Jan 30 03:48:30 14119 sshd[21451]: Invalid user scan from 49.228.97.131 port 38356 show less	Brute-Force SSH
🇫🇷 kleine babykatze	2026-01-30 09:47:19 (4 months ago)	2026-01-30T10:39:44.833698+01:00 vmd172806 sshd[541752]: pam_unix(sshd:auth): authentication failure ... show more 2026-01-30T10:39:44.833698+01:00 vmd172806 sshd[541752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.228.97.131 2026-01-30T10:39:47.005218+01:00 vmd172806 sshd[541752]: Failed password for invalid user losts from 49.228.97.131 port 37316 ssh2 2026-01-30T10:47:17.674338+01:00 vmd172806 sshd[543374]: Invalid user buildbot from 49.228.97.131 port 37916 ... show less	FTP Brute-Force Brute-Force SSH
🇺🇸 bigscoots.com	2026-01-30 09:20:48 (4 months ago)	(sshd) Failed SSH login from 49.228.97.131 (TH/Thailand/49-228-97-0.24.nat.cwdc-cgn02.myaisfibre.com ... show more (sshd) Failed SSH login from 49.228.97.131 (TH/Thailand/49-228-97-0.24.nat.cwdc-cgn02.myaisfibre.com): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Jan 30 03:13:42 14159 sshd[12253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.228.97.131 user=adm Jan 30 03:13:44 14159 sshd[12253]: Failed password for adm from 49.228.97.131 port 40828 ssh2 Jan 30 03:20:04 14159 sshd[12767]: Invalid user bso from 49.228.97.131 port 58038 Jan 30 03:20:06 14159 sshd[12767]: Failed password for invalid user bso from 49.228.97.131 port 58038 ssh2 Jan 30 03:20:34 14159 sshd[12800]: Invalid user check from 49.228.97.131 port 51344 show less	Brute-Force SSH
🇫🇷 sh97	2026-01-30 09:17:22 (4 months ago)	2026-01-30T14:42:09.335727+05:30 fr1-racknerd sshd[808350]: pam_unix(sshd:auth): authentication fail ... show more 2026-01-30T14:42:09.335727+05:30 fr1-racknerd sshd[808350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.228.97.131 2026-01-30T14:42:11.301148+05:30 fr1-racknerd sshd[808350]: Failed password for invalid user adm from 49.228.97.131 port 42590 ssh2 2026-01-30T14:47:21.807813+05:30 fr1-racknerd sshd[871038]: Invalid user cloud from 49.228.97.131 port 34514 ... show less	Brute-Force SSH
🇺🇸 Kim_KA1WCC_OZ1ARQ	2026-01-30 09:02:39 (4 months ago)	Jan 30 08:58:57 stn7875 sshd[1988]: Invalid user ron from 49.228.97.131 port 41278 Jan 30 09:02:37 s ... show more Jan 30 08:58:57 stn7875 sshd[1988]: Invalid user ron from 49.228.97.131 port 41278 Jan 30 09:02:37 stn7875 sshd[2510]: Invalid user admin4 from 49.228.97.131 port 36368 ... show less	Brute-Force SSH
🇩🇪 SELECT-IT Beratung und IT Dienstleistung GmbH	2026-01-30 08:51:16 (4 months ago)	2026-01-30T09:44:57.519508+01:00 www sshd[2814920]: Failed password for invalid user hath from 49.22 ... show more 2026-01-30T09:44:57.519508+01:00 www sshd[2814920]: Failed password for invalid user hath from 49.228.97.131 port 60936 ssh2 2026-01-30T09:51:09.752827+01:00 www sshd[2815648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.228.97.131 user=root 2026-01-30T09:51:12.079857+01:00 www sshd[2815648]: Failed password for root from 49.228.97.131 port 41032 ssh2 ... show less	Brute-Force SSH
🇳🇱 FlyerOne	2026-01-30 08:50:02 (4 months ago)	IP blocked	Brute-Force SSH

Showing 1 to 15 of 101 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 155.4.245.222

🇹🇼 118.163.132.212

🇸🇬 97.74.87.152

🇷🇴 92.118.39.74

🇺🇸 65.49.20.121

🇬🇧 62.232.33.45

🇳🇿 45.133.7.88

🇳🇿 45.133.7.87

🇨🇳 42.236.209.217

🇮🇩 36.74.220.168

🇺🇸 195.184.76.233

🇫🇮 178.20.210.208

🇭🇰 65.181.79.60

🇸🇬 47.82.13.139

🇳🇿 45.133.7.86

🇳🇿 45.133.7.85

🇳🇿 45.133.7.84

🇺🇸 3.238.172.232

🇺🇸 216.73.160.171

🇹🇭 202.183.141.189