49.149.107.142

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: DSL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: dsl.49.149.107.142.pldt.net.	2020-03-07 21:07:52

Comments on same subnet:

IP	Type	Details	Datetime
49.149.107.209	attackbots	20/6/6@00:19:38: FAIL: Alarm-Network address from=49.149.107.209 ...	2020-06-06 12:57:50
49.149.107.129	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 08-02-2020 14:20:43.	2020-02-09 06:22:17
49.149.107.129	attackbots	1580619033 - 02/02/2020 05:50:33 Host: 49.149.107.129/49.149.107.129 Port: 445 TCP Blocked	2020-02-02 19:47:56
49.149.107.216	attackbotsspam	Unauthorized connection attempt detected from IP address 49.149.107.216 to port 445	2020-01-01 22:26:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.149.107.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53369
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.149.107.142.			IN	A

;; AUTHORITY SECTION:
.			368	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030700 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 21:07:48 CST 2020
;; MSG SIZE  rcvd: 118

Host info

142.107.149.49.in-addr.arpa domain name pointer dsl.49.149.107.142.pldt.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.107.149.49.in-addr.arpa	name = dsl.49.149.107.142.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.64.165.9	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 12:15:38,798 INFO [shellcode_manager] (182.64.165.9) no match, writing hexdump (c0979547c4ba5fdcfb0161ed31f4ff6a :2035019) - MS17010 (EternalBlue)	2019-09-11 07:44:33
132.232.19.122	attackbotsspam	Sep 11 01:40:22 localhost sshd\[18455\]: Invalid user 123 from 132.232.19.122 port 49208 Sep 11 01:40:22 localhost sshd\[18455\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.19.122 Sep 11 01:40:24 localhost sshd\[18455\]: Failed password for invalid user 123 from 132.232.19.122 port 49208 ssh2	2019-09-11 07:47:57
184.82.154.122	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 12:17:12,943 INFO [shellcode_manager] (184.82.154.122) no match, writing hexdump (b756120bbb6b06d8188263ae0b2dc595 :2106669) - MS17010 (EternalBlue)	2019-09-11 08:14:47
95.58.194.141	attack	" "	2019-09-11 07:43:02
62.83.87.120	attackspambots	ES - 1H : (23) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN12430 IP : 62.83.87.120 CIDR : 62.83.0.0/17 PREFIX COUNT : 131 UNIQUE IP COUNT : 3717120 WYKRYTE ATAKI Z ASN12430 : 1H - 1 3H - 2 6H - 2 12H - 2 24H - 4 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-11 08:06:02
164.132.205.21	attackspambots	Sep 11 01:55:49 vps647732 sshd[29539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.205.21 Sep 11 01:55:51 vps647732 sshd[29539]: Failed password for invalid user steam from 164.132.205.21 port 33712 ssh2 ...	2019-09-11 07:56:57
121.168.248.218	attack	Sep 11 01:53:09 vps691689 sshd[4344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.168.248.218 Sep 11 01:53:11 vps691689 sshd[4344]: Failed password for invalid user steam from 121.168.248.218 port 54278 ssh2 ...	2019-09-11 08:11:46
78.199.19.118	attack	Sep 10 13:35:36 php1 sshd\[14849\]: Invalid user guest from 78.199.19.118 Sep 10 13:35:36 php1 sshd\[14849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=sot53-1-78-199-19-118.fbx.proxad.net Sep 10 13:35:38 php1 sshd\[14849\]: Failed password for invalid user guest from 78.199.19.118 port 40252 ssh2 Sep 10 13:41:17 php1 sshd\[16016\]: Invalid user demo from 78.199.19.118 Sep 10 13:41:17 php1 sshd\[16016\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=sot53-1-78-199-19-118.fbx.proxad.net	2019-09-11 07:46:14
122.175.55.196	attackspambots	Sep 10 23:34:11 hb sshd\[32288\]: Invalid user jira from 122.175.55.196 Sep 10 23:34:11 hb sshd\[32288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.175.55.196 Sep 10 23:34:13 hb sshd\[32288\]: Failed password for invalid user jira from 122.175.55.196 port 27777 ssh2 Sep 10 23:41:36 hb sshd\[609\]: Invalid user hduser from 122.175.55.196 Sep 10 23:41:36 hb sshd\[609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.175.55.196	2019-09-11 08:03:07
222.186.15.101	attackspambots	Sep 10 18:09:28 debian sshd[2043]: Unable to negotiate with 222.186.15.101 port 50078: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Sep 10 19:39:59 debian sshd[6072]: Unable to negotiate with 222.186.15.101 port 16670: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ...	2019-09-11 07:47:39
218.98.40.133	attack	$f2bV_matches	2019-09-11 07:36:50
82.165.64.156	attackbotsspam	Sep 10 13:48:42 hanapaa sshd\[30424\]: Invalid user ec2-user@123 from 82.165.64.156 Sep 10 13:48:42 hanapaa sshd\[30424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.165.64.156 Sep 10 13:48:44 hanapaa sshd\[30424\]: Failed password for invalid user ec2-user@123 from 82.165.64.156 port 41842 ssh2 Sep 10 13:57:30 hanapaa sshd\[31219\]: Invalid user qweasd123 from 82.165.64.156 Sep 10 13:57:30 hanapaa sshd\[31219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.165.64.156	2019-09-11 08:03:31
123.20.136.135	attackspam	port scan and connect, tcp 8080 (http-proxy)	2019-09-11 08:17:25
182.61.43.223	attackspambots	Sep 11 01:18:16 tux-35-217 sshd\[6323\]: Invalid user smbguest from 182.61.43.223 port 47500 Sep 11 01:18:16 tux-35-217 sshd\[6323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.43.223 Sep 11 01:18:18 tux-35-217 sshd\[6323\]: Failed password for invalid user smbguest from 182.61.43.223 port 47500 ssh2 Sep 11 01:25:02 tux-35-217 sshd\[6402\]: Invalid user stats from 182.61.43.223 port 51596 Sep 11 01:25:02 tux-35-217 sshd\[6402\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.43.223 ...	2019-09-11 08:10:36
77.247.110.156	attack	[portscan] Port scan	2019-09-11 07:42:41

Recently Reported IPs

184.39.232.128	17.170.170.38	222.252.92.177	89.41.40.254
123.24.206.156	124.78.131.223	63.225.137.20	141.136.90.21
1.22.55.154	186.49.65.66	183.220.146.248	195.16.49.170
37.254.88.54	193.104.205.80	66.134.235.156	165.22.223.82
128.1.91.90	69.59.155.204	114.105.178.242	104.79.159.208