49.145.106.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: Philippine Long Distance Telephone Company

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	1598876977 - 08/31/2020 14:29:37 Host: 49.145.106.18/49.145.106.18 Port: 445 TCP Blocked	2020-09-01 04:03:42

Comments on same subnet:

IP	Type	Details	Datetime
49.145.106.122	attackspam	High volume WP login attempts -eld	2020-07-28 04:12:40
49.145.106.182	attackspam	unauthorized connection attempt	2020-01-28 14:00:03
49.145.106.34	attack	1579899004 - 01/24/2020 21:50:04 Host: 49.145.106.34/49.145.106.34 Port: 445 TCP Blocked	2020-01-25 07:44:10
49.145.106.162	attackbots	Unauthorized connection attempt from IP address 49.145.106.162 on Port 445(SMB)	2020-01-11 20:03:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.145.106.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55300
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.145.106.18.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083101 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 04:03:38 CST 2020
;; MSG SIZE  rcvd: 117

Host info

18.106.145.49.in-addr.arpa domain name pointer dsl.49.145.106.18.pldt.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
18.106.145.49.in-addr.arpa	name = dsl.49.145.106.18.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.211.87.40	attackspambots	Oct 12 08:15:32 xtremcommunity sshd\[447295\]: Invalid user 0okmnji98uhb from 80.211.87.40 port 56946 Oct 12 08:15:32 xtremcommunity sshd\[447295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.87.40 Oct 12 08:15:33 xtremcommunity sshd\[447295\]: Failed password for invalid user 0okmnji98uhb from 80.211.87.40 port 56946 ssh2 Oct 12 08:19:32 xtremcommunity sshd\[447357\]: Invalid user 0okmnji98uhb from 80.211.87.40 port 41088 Oct 12 08:19:32 xtremcommunity sshd\[447357\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.87.40 ...	2019-10-12 20:20:58
178.57.86.206	attack	[portscan] Port scan	2019-10-12 19:47:49
140.143.69.34	attackspam	Oct 12 10:19:16 [host] sshd[10267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.69.34 user=root Oct 12 10:19:17 [host] sshd[10267]: Failed password for root from 140.143.69.34 port 51459 ssh2 Oct 12 10:23:55 [host] sshd[10303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.69.34 user=root	2019-10-12 20:01:51
124.158.7.220	attackspam	firewall-block, port(s): 389/udp	2019-10-12 19:57:05
46.61.13.90	attackbots	Honeypot hit.	2019-10-12 20:07:50
77.42.110.39	attackbots	Automatic report - Port Scan Attack	2019-10-12 20:26:11
115.75.36.129	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 12-10-2019 06:55:16.	2019-10-12 19:50:12
84.216.197.41	attack	Multiple SASL authentication failures. Date: 2019 Oct 12. 02:16:45 -- Source IP: 84.216.197.41 Portion of the log(s): Oct 12 02:16:45 vserv postfix/smtps/smtpd[8730]: warning: c-29c5d854.04-57-73746f61.bbcust.telenor.se[84.216.197.41]: SASL PLAIN authentication failed Oct 12 02:16:34 vserv postfix/smtps/smtpd[8730]: warning: c-29c5d854.04-57-73746f61.bbcust.telenor.se[84.216.197.41]: SASL PLAIN authentication failed: Connection lost to authentication server Oct 12 02:16:34 vserv postfix/smtps/smtpd[8730]: warning: c-29c5d854.04-57-73746f61.bbcust.telenor.se[84.216.197.41]: SASL PLAIN authentication failed: Connection lost to authentication server Oct 12 02:16:23 vserv postfix/smtps/smtpd[8730]: warning: c-29c5d854.04-57-73746f61.bbcust.telenor.se[84.216.197.41]: SASL PLAIN authentication failed: Connection lost to authentication server Oct 12 02:16:23 vserv postfix/smtps/smtpd[8730]: warning: c-29c5d854.04-57-73746f61.bbcust.telenor.se[84.216.197.41]: SASL PLAIN authentication failed	2019-10-12 20:03:19
89.185.81.100	attackspambots	[portscan] Port scan	2019-10-12 20:02:52
194.28.52.136	attack	" "	2019-10-12 20:01:11
122.154.46.4	attackbotsspam	Oct 12 11:49:52 localhost sshd\[100356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.46.4 user=root Oct 12 11:49:54 localhost sshd\[100356\]: Failed password for root from 122.154.46.4 port 35174 ssh2 Oct 12 11:54:04 localhost sshd\[100531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.46.4 user=root Oct 12 11:54:05 localhost sshd\[100531\]: Failed password for root from 122.154.46.4 port 44862 ssh2 Oct 12 11:58:20 localhost sshd\[100722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.46.4 user=root ...	2019-10-12 20:07:33
49.206.8.156	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 12-10-2019 06:55:18.	2019-10-12 19:46:08
51.159.7.98	attack	Port Scan: UDP/5060	2019-10-12 19:57:20
187.127.59.154	attack	Automatic report - Port Scan Attack	2019-10-12 19:49:18
58.87.114.103	attack	Oct 7 09:21:42 mailserver sshd[9487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.114.103 user=r.r Oct 7 09:21:44 mailserver sshd[9487]: Failed password for r.r from 58.87.114.103 port 53130 ssh2 Oct 7 09:21:45 mailserver sshd[9487]: Received disconnect from 58.87.114.103 port 53130:11: Bye Bye [preauth] Oct 7 09:21:45 mailserver sshd[9487]: Disconnected from 58.87.114.103 port 53130 [preauth] Oct 7 09:41:05 mailserver sshd[11697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.114.103 user=r.r Oct 7 09:41:07 mailserver sshd[11697]: Failed password for r.r from 58.87.114.103 port 37194 ssh2 Oct 7 09:41:07 mailserver sshd[11697]: Received disconnect from 58.87.114.103 port 37194:11: Bye Bye [preauth] Oct 7 09:41:07 mailserver sshd[11697]: Disconnected from 58.87.114.103 port 37194 [preauth] Oct 7 09:45:43 mailserver sshd[12198]: pam_unix(sshd:auth): authentication ........ -------------------------------	2019-10-12 19:54:52

Recently Reported IPs

201.209.135.238	50.135.203.106	255.47.46.28	69.46.9.16
95.44.77.87	195.130.55.230	196.56.198.145	46.9.2.165
78.164.2.5	154.125.43.135	52.28.200.82	103.47.65.217
76.120.190.55	164.102.91.150	251.89.118.171	5.127.38.197
185.171.91.90	131.196.94.226	23.123.201.85	178.176.176.205