49.149.105.107

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: DSL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	1580014307 - 01/26/2020 05:51:47 Host: 49.149.105.107/49.149.105.107 Port: 445 TCP Blocked	2020-01-26 15:04:18

Comments on same subnet:

IP	Type	Details	Datetime
49.149.105.72	attackbots	Brute Force	2020-08-27 20:11:46
49.149.105.17	attackbotsspam	Honeypot attack, port: 445, PTR: dsl.49.149.105.17.pldt.net.	2020-02-27 21:25:12
49.149.105.252	attack	Unauthorized connection attempt from IP address 49.149.105.252 on Port 445(SMB)	2020-01-26 05:40:21
49.149.105.108	attackspam	unauthorized connection attempt	2020-01-09 14:07:03
49.149.105.85	attack	Unauthorized connection attempt detected from IP address 49.149.105.85 to port 445	2019-12-23 15:21:26
49.149.105.140	attack	Jul 23 05:17:00 localhost kernel: [15117613.725906] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=49.149.105.140 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=10037 DF PROTO=TCP SPT=3680 DPT=8291 SEQ=1139354978 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405840103030201010402) Jul 23 05:17:06 localhost kernel: [15117619.497581] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=49.149.105.140 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=6454 DF PROTO=TCP SPT=3784 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jul 23 05:17:06 localhost kernel: [15117619.497607] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=49.149.105.140 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=6454 DF PROTO=TCP SPT=3784 DPT=8291 SEQ=219521053 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405840103030201010402)	2019-07-23 21:22:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.149.105.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62197
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.149.105.107.			IN	A

;; AUTHORITY SECTION:
.			373	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012600 1800 900 604800 86400

;; Query time: 43 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 15:04:11 CST 2020
;; MSG SIZE  rcvd: 118

Host info

107.105.149.49.in-addr.arpa domain name pointer dsl.49.149.105.107.pldt.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
107.105.149.49.in-addr.arpa	name = dsl.49.149.105.107.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.19.66.195	attackbots	B: Abusive content scan (301)	2019-10-10 21:32:38
197.50.71.117	attack	Invalid user admin from 197.50.71.117 port 60512	2019-10-10 20:48:23
107.189.2.90	attack	www.handydirektreparatur.de 107.189.2.90 \[10/Oct/2019:13:58:40 +0200\] "POST /wp-login.php HTTP/1.1" 200 5665 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 107.189.2.90 \[10/Oct/2019:13:58:40 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4114 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-10 21:17:21
62.210.101.81	attackspam	Oct 10 14:58:53 [host] sshd[23163]: Invalid user Adrian[at]2017 from 62.210.101.81 Oct 10 14:58:53 [host] sshd[23163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.210.101.81 Oct 10 14:58:55 [host] sshd[23163]: Failed password for invalid user Adrian[at]2017 from 62.210.101.81 port 34458 ssh2	2019-10-10 21:17:57
37.139.21.75	attackbots	$f2bV_matches	2019-10-10 20:55:25
5.10.100.238	attackbotsspam	10/10/2019-09:07:11.060755 5.10.100.238 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-10 21:19:40
5.196.110.170	attack	Invalid user applmgr from 5.196.110.170 port 59238	2019-10-10 20:46:38
60.184.164.48	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/60.184.164.48/ CN - 1H : (529) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 60.184.164.48 CIDR : 60.184.0.0/14 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 WYKRYTE ATAKI Z ASN4134 : 1H - 10 3H - 27 6H - 62 12H - 123 24H - 231 DateTime : 2019-10-10 13:58:24 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-10 21:26:59
14.207.124.106	attackspambots	Invalid user admin from 14.207.124.106 port 45568	2019-10-10 21:08:06
140.206.104.62	attackspambots	10/10/2019-13:58:31.946616 140.206.104.62 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-10 21:22:41
221.162.255.86	attack	$f2bV_matches	2019-10-10 21:14:40
218.241.236.108	attack	Oct 10 15:00:33 bouncer sshd\[17717\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.236.108 user=root Oct 10 15:00:36 bouncer sshd\[17717\]: Failed password for root from 218.241.236.108 port 55687 ssh2 Oct 10 15:05:33 bouncer sshd\[17729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.236.108 user=root ...	2019-10-10 21:25:24
149.56.109.57	attackspambots	Oct 10 13:51:27 dev0-dcde-rnet sshd[20287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.109.57 Oct 10 13:51:29 dev0-dcde-rnet sshd[20287]: Failed password for invalid user Super2017 from 149.56.109.57 port 54514 ssh2 Oct 10 13:59:00 dev0-dcde-rnet sshd[20295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.109.57	2019-10-10 21:09:00
54.37.205.162	attackbotsspam	Oct 10 13:07:05 anodpoucpklekan sshd[26812]: Invalid user ftp from 54.37.205.162 port 50038 Oct 10 13:07:07 anodpoucpklekan sshd[26812]: Failed password for invalid user ftp from 54.37.205.162 port 50038 ssh2 ...	2019-10-10 21:07:50
211.159.152.252	attackbots	Oct 10 02:33:26 hanapaa sshd\[10655\]: Invalid user marketing from 211.159.152.252 Oct 10 02:33:26 hanapaa sshd\[10655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.152.252 Oct 10 02:33:28 hanapaa sshd\[10655\]: Failed password for invalid user marketing from 211.159.152.252 port 21447 ssh2 Oct 10 02:43:05 hanapaa sshd\[11552\]: Invalid user yahoo from 211.159.152.252 Oct 10 02:43:05 hanapaa sshd\[11552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.152.252	2019-10-10 20:47:35

Recently Reported IPs

190.62.210.233	5.251.31.178	167.114.36.165	171.35.167.186
59.102.252.31	36.72.212.28	93.190.142.157	172.74.103.26
47.110.58.14	147.159.231.196	90.103.18.119	95.37.246.115
168.11.129.206	213.61.168.43	197.248.102.161	109.94.116.251
40.117.153.174	91.162.248.249	101.200.62.154	13.230.250.154