49.145.198.248

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: Philippine Long Distance Telephone Company

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
spamproxy	i cant access facebook website	2020-02-18 11:50:46
attack	Unauthorized connection attempt from IP address 49.145.198.248 on Port 445(SMB)	2020-01-26 22:10:07

Comments on same subnet:

IP	Type	Details	Datetime
49.145.198.181	attack	20/8/24@23:51:47: FAIL: Alarm-Network address from=49.145.198.181 ...	2020-08-25 17:40:00
49.145.198.134	attackbotsspam	Unauthorized connection attempt from IP address 49.145.198.134 on Port 445(SMB)	2020-04-27 00:57:57
49.145.198.121	attackspam	Honeypot attack, port: 445, PTR: dsl.49.145.198.121.pldt.net.	2020-03-02 01:35:31

Type

Details

Datetime

49.145.198.181

attack

20/8/24@23:51:47: FAIL: Alarm-Network address from=49.145.198.181
...

2020-08-25 17:40:00

49.145.198.134

attackbotsspam

Unauthorized connection attempt from IP address 49.145.198.134 on Port 445(SMB)

2020-04-27 00:57:57

49.145.198.121

attackspam

Honeypot attack, port: 445, PTR: dsl.49.145.198.121.pldt.net.

2020-03-02 01:35:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.145.198.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12585
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.145.198.248.			IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012600 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 22:10:00 CST 2020
;; MSG SIZE  rcvd: 118

Host info

248.198.145.49.in-addr.arpa domain name pointer dsl.49.145.198.248.pldt.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.198.145.49.in-addr.arpa	name = dsl.49.145.198.248.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
164.90.226.205	attackspambots	Invalid user oracle from 164.90.226.205 port 35626	2020-09-22 23:47:38
161.35.11.118	attack	Sep 22 17:17:12 markkoudstaal sshd[3608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.11.118 Sep 22 17:17:15 markkoudstaal sshd[3608]: Failed password for invalid user user from 161.35.11.118 port 43902 ssh2 Sep 22 17:22:25 markkoudstaal sshd[5112]: Failed password for root from 161.35.11.118 port 55510 ssh2 ...	2020-09-23 00:03:46
201.242.70.73	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-22 23:56:48
163.172.44.194	attack	vps:sshd-InvalidUser	2020-09-22 23:42:39
104.153.96.154	attackspambots	Time: Tue Sep 22 11:15:32 2020 00 IP: 104.153.96.154 (US/United States/www.huangdf.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 22 10:56:59 -11 sshd[10826]: Invalid user cron from 104.153.96.154 port 48022 Sep 22 10:57:01 -11 sshd[10826]: Failed password for invalid user cron from 104.153.96.154 port 48022 ssh2 Sep 22 11:08:09 -11 sshd[11342]: Invalid user ftpuser1 from 104.153.96.154 port 43118 Sep 22 11:08:23 -11 sshd[11342]: Failed password for invalid user ftpuser1 from 104.153.96.154 port 43118 ssh2 Sep 22 11:15:30 -11 sshd[11638]: Invalid user git from 104.153.96.154 port 54620	2020-09-23 00:01:19
86.100.88.76	attack	Unauthorized access to SSH at 22/Sep/2020:12:00:56 +0000.	2020-09-22 23:45:23
118.222.10.218	attackbotsspam	Sep 22 19:02:02 root sshd[29429]: Invalid user admin from 118.222.10.218 ...	2020-09-23 00:10:32
20.185.47.152	attackspambots	Sep 22 15:47:25 XXX sshd[19528]: Invalid user osmc from 20.185.47.152 port 35798	2020-09-23 00:21:14
199.195.249.184	attackbotsspam	TCP (SYN) 199.195.249.184:29127 -> port 23, len 40	2020-09-22 23:57:54
182.103.27.104	attackspam	1600707729 - 09/21/2020 19:02:09 Host: 182.103.27.104/182.103.27.104 Port: 445 TCP Blocked	2020-09-22 23:53:01
218.166.139.215	attack	Sep 21 17:01:31 ssh2 sshd[36026]: User root from 218-166-139-215.dynamic-ip.hinet.net not allowed because not listed in AllowUsers Sep 21 17:01:31 ssh2 sshd[36026]: Failed password for invalid user root from 218.166.139.215 port 49524 ssh2 Sep 21 17:01:31 ssh2 sshd[36026]: Connection closed by invalid user root 218.166.139.215 port 49524 [preauth] ...	2020-09-23 00:12:15
191.6.112.53	attackbotsspam	SSH 191.6.112.53 [22/Sep/2020:06:41:56 "-" "POST /wp-login.php 200 6062 191.6.112.53 [22/Sep/2020:06:41:58 "-" "GET /wp-login.php 200 5999 191.6.112.53 [22/Sep/2020:06:42:00 "-" "POST /wp-login.php 200 6046	2020-09-22 23:57:00
180.176.212.84	attack	Unauthorized connection attempt from IP address 180.176.212.84 on Port 445(SMB)	2020-09-22 23:49:29
213.150.206.88	attackspambots	Time: Tue Sep 22 10:58:17 2020 00 IP: 213.150.206.88 (ZA/South Africa/static-public-213.150.206.bronbergwisp.co.za) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 22 10:51:01 -11 sshd[10586]: Invalid user test from 213.150.206.88 port 41020 Sep 22 10:51:03 -11 sshd[10586]: Failed password for invalid user test from 213.150.206.88 port 41020 ssh2 Sep 22 10:55:36 -11 sshd[10762]: Invalid user bitnami from 213.150.206.88 port 38184 Sep 22 10:55:38 -11 sshd[10762]: Failed password for invalid user bitnami from 213.150.206.88 port 38184 ssh2 Sep 22 10:58:12 -11 sshd[10860]: Invalid user mg from 213.150.206.88 port 45196	2020-09-23 00:13:05
218.92.0.224	attackspam	"Unauthorized connection attempt on SSHD detected"	2020-09-22 23:51:00

Recently Reported IPs

222.18.42.151	54.177.60.11	101.119.235.0	152.195.127.126
76.171.250.81	80.71.188.46	206.1.188.109	125.231.103.69
43.164.166.2	157.20.243.234	157.86.1.250	120.244.56.136
74.205.115.127	66.23.221.153	60.187.184.5	220.135.190.144
105.112.183.102	212.13.123.179	114.62.252.147	49.252.194.122