49.145.104.249

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: Philippine Long Distance Telephone Company

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	1582615057 - 02/25/2020 08:17:37 Host: 49.145.104.249/49.145.104.249 Port: 445 TCP Blocked	2020-02-25 22:54:00

Comments on same subnet:

IP	Type	Details	Datetime
49.145.104.168	attackspambots	Automatic report - XMLRPC Attack	2020-09-02 13:20:03
49.145.104.168	attackspam	Automatic report - XMLRPC Attack	2020-09-02 06:22:27
49.145.104.161	attack	1586952408 - 04/15/2020 14:06:48 Host: 49.145.104.161/49.145.104.161 Port: 445 TCP Blocked	2020-04-16 03:49:04
49.145.104.140	attackbotsspam	1583923296 - 03/11/2020 11:41:36 Host: 49.145.104.140/49.145.104.140 Port: 445 TCP Blocked	2020-03-12 01:54:02
49.145.104.143	attackspambots	Unauthorized connection attempt detected from IP address 49.145.104.143 to port 1433 [J]	2020-03-03 01:19:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.145.104.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52152
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.145.104.249.			IN	A

;; AUTHORITY SECTION:
.			262	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022500 1800 900 604800 86400

;; Query time: 173 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 25 22:53:54 CST 2020
;; MSG SIZE  rcvd: 118

Host info

249.104.145.49.in-addr.arpa domain name pointer dsl.49.145.104.249.pldt.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.104.145.49.in-addr.arpa	name = dsl.49.145.104.249.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.255.74.85	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 04:45:23.	2019-10-17 19:26:26
76.28.212.241	attack	CloudCIX Reconnaissance Scan Detected, PTR: c-76-28-212-241.hsd1.wa.comcast.net.	2019-10-17 19:38:30
182.37.50.38	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 04:45:24.	2019-10-17 19:25:21
187.104.146.99	attackspam	Multiple failed RDP login attempts	2019-10-17 19:10:50
192.3.140.202	attackspam	\[2019-10-17 07:29:07\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-17T07:29:07.010-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="72148323235002",SessionID="0x7fc3acc3d768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.3.140.202/5070",ACLName="no_extension_match" \[2019-10-17 07:31:18\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-17T07:31:18.690-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="16148323235002",SessionID="0x7fc3ac00c388",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.3.140.202/5071",ACLName="no_extension_match" \[2019-10-17 07:33:29\] SECURITY\[1898\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-17T07:33:29.010-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="441048323235002",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.3.140.202/5076",ACLName="no_extensio	2019-10-17 19:37:21
101.227.251.235	attackspambots	Oct 17 12:48:20 pornomens sshd\[15191\]: Invalid user h4x0r3d from 101.227.251.235 port 39702 Oct 17 12:48:20 pornomens sshd\[15191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.227.251.235 Oct 17 12:48:22 pornomens sshd\[15191\]: Failed password for invalid user h4x0r3d from 101.227.251.235 port 39702 ssh2 ...	2019-10-17 19:22:49
148.70.18.216	attackbots	Oct 17 05:20:54 Tower sshd[28769]: Connection from 148.70.18.216 port 41882 on 192.168.10.220 port 22 Oct 17 05:20:56 Tower sshd[28769]: Failed password for root from 148.70.18.216 port 41882 ssh2 Oct 17 05:20:57 Tower sshd[28769]: Received disconnect from 148.70.18.216 port 41882:11: Bye Bye [preauth] Oct 17 05:20:57 Tower sshd[28769]: Disconnected from authenticating user root 148.70.18.216 port 41882 [preauth]	2019-10-17 19:20:21
210.180.118.189	attackbotsspam	Automatic report - Banned IP Access	2019-10-17 19:36:21
39.109.214.192	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-10-17 19:32:00
8.9.15.143	attack	Oct 17 07:41:52 localhost sshd\[14721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=8.9.15.143 user=root Oct 17 07:41:54 localhost sshd\[14721\]: Failed password for root from 8.9.15.143 port 51104 ssh2 Oct 17 07:50:06 localhost sshd\[14869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=8.9.15.143 user=root ...	2019-10-17 19:18:32
51.38.224.46	attackspambots	Oct 17 13:08:38 server sshd\[13809\]: Invalid user deploy3 from 51.38.224.46 Oct 17 13:08:38 server sshd\[13809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.224.46 Oct 17 13:08:40 server sshd\[13809\]: Failed password for invalid user deploy3 from 51.38.224.46 port 50660 ssh2 Oct 17 13:23:42 server sshd\[17791\]: Invalid user csgoserver from 51.38.224.46 Oct 17 13:23:42 server sshd\[17791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.224.46 ...	2019-10-17 19:46:03
117.0.35.153	attack	Oct 17 13:47:12 [host] sshd[4607]: Invalid user jenkins from 117.0.35.153 Oct 17 13:47:12 [host] sshd[4607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.0.35.153 Oct 17 13:47:14 [host] sshd[4607]: Failed password for invalid user jenkins from 117.0.35.153 port 65204 ssh2	2019-10-17 19:49:41
86.123.125.203	attack	CloudCIX Reconnaissance Scan Detected, PTR: 86-123-125-203.rdsnet.ro.	2019-10-17 19:33:01
211.152.47.90	attack	Oct 17 07:38:52 firewall sshd[29209]: Failed password for invalid user elly from 211.152.47.90 port 34862 ssh2 Oct 17 07:44:48 firewall sshd[29300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.152.47.90 user=root Oct 17 07:44:50 firewall sshd[29300]: Failed password for root from 211.152.47.90 port 45580 ssh2 ...	2019-10-17 19:33:19
104.244.77.210	attack	Invalid user fake from 104.244.77.210 port 45100	2019-10-17 19:10:01

Recently Reported IPs

120.29.77.125	36.68.143.85	185.83.91.224	183.32.227.45
125.160.64.160	120.29.78.59	220.143.146.163	178.128.102.109
90.63.250.31	172.16.40.146	79.108.102.11	42.119.212.86
14.231.97.92	202.142.186.10	195.74.72.42	42.119.153.193
94.25.160.220	88.157.229.59	124.77.112.108	62.98.90.73