49.149.107.142

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: DSL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: dsl.49.149.107.142.pldt.net.	2020-03-07 21:07:52

Comments on same subnet:

IP	Type	Details	Datetime
49.149.107.209	attackbots	20/6/6@00:19:38: FAIL: Alarm-Network address from=49.149.107.209 ...	2020-06-06 12:57:50
49.149.107.129	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 08-02-2020 14:20:43.	2020-02-09 06:22:17
49.149.107.129	attackbots	1580619033 - 02/02/2020 05:50:33 Host: 49.149.107.129/49.149.107.129 Port: 445 TCP Blocked	2020-02-02 19:47:56
49.149.107.216	attackbotsspam	Unauthorized connection attempt detected from IP address 49.149.107.216 to port 445	2020-01-01 22:26:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.149.107.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53369
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.149.107.142.			IN	A

;; AUTHORITY SECTION:
.			368	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030700 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 21:07:48 CST 2020
;; MSG SIZE  rcvd: 118

Host info

142.107.149.49.in-addr.arpa domain name pointer dsl.49.149.107.142.pldt.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.107.149.49.in-addr.arpa	name = dsl.49.149.107.142.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.46.224	attackbots	Sep 1 20:29:26 SilenceServices sshd[8831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.46.224 Sep 1 20:29:28 SilenceServices sshd[8831]: Failed password for invalid user 102938 from 159.65.46.224 port 48992 ssh2 Sep 1 20:33:16 SilenceServices sshd[11766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.46.224	2019-09-02 02:53:30
142.93.187.61	attack	Sep 1 18:37:21 hb sshd\[13402\]: Invalid user rony from 142.93.187.61 Sep 1 18:37:21 hb sshd\[13402\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.187.61 Sep 1 18:37:23 hb sshd\[13402\]: Failed password for invalid user rony from 142.93.187.61 port 40724 ssh2 Sep 1 18:41:11 hb sshd\[13710\]: Invalid user zeppelin from 142.93.187.61 Sep 1 18:41:11 hb sshd\[13710\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.187.61	2019-09-02 02:54:28
86.237.102.114	attack	$f2bV_matches	2019-09-02 02:50:51
175.167.25.193	attackbotsspam	Unauthorised access (Sep 1) SRC=175.167.25.193 LEN=40 TTL=49 ID=16179 TCP DPT=8080 WINDOW=47921 SYN	2019-09-02 02:19:56
79.137.86.205	attack	Sep 1 20:40:08 MK-Soft-Root2 sshd\[18193\]: Invalid user beavis from 79.137.86.205 port 55866 Sep 1 20:40:08 MK-Soft-Root2 sshd\[18193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.86.205 Sep 1 20:40:10 MK-Soft-Root2 sshd\[18193\]: Failed password for invalid user beavis from 79.137.86.205 port 55866 ssh2 ...	2019-09-02 02:53:50
121.204.185.106	attack	Sep 1 19:34:15 tux-35-217 sshd\[18337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.185.106 user=root Sep 1 19:34:17 tux-35-217 sshd\[18337\]: Failed password for root from 121.204.185.106 port 50233 ssh2 Sep 1 19:37:24 tux-35-217 sshd\[18344\]: Invalid user teamspeak3 from 121.204.185.106 port 36316 Sep 1 19:37:24 tux-35-217 sshd\[18344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.204.185.106 ...	2019-09-02 02:05:04
194.182.65.169	attack	Sep 1 19:24:06 mail sshd\[27761\]: Failed password for invalid user nicola from 194.182.65.169 port 41072 ssh2 Sep 1 19:39:54 mail sshd\[28105\]: Invalid user travis from 194.182.65.169 port 49002 Sep 1 19:39:54 mail sshd\[28105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.182.65.169 ...	2019-09-02 02:51:31
60.19.238.30	attack	Unauthorised access (Sep 1) SRC=60.19.238.30 LEN=40 TTL=49 ID=22399 TCP DPT=8080 WINDOW=11914 SYN Unauthorised access (Sep 1) SRC=60.19.238.30 LEN=40 TTL=49 ID=28187 TCP DPT=8080 WINDOW=43691 SYN Unauthorised access (Sep 1) SRC=60.19.238.30 LEN=40 TTL=49 ID=60528 TCP DPT=8080 WINDOW=24699 SYN Unauthorised access (Sep 1) SRC=60.19.238.30 LEN=40 TTL=49 ID=5636 TCP DPT=8080 WINDOW=25211 SYN Unauthorised access (Aug 31) SRC=60.19.238.30 LEN=40 TTL=49 ID=59956 TCP DPT=8080 WINDOW=24387 SYN Unauthorised access (Aug 31) SRC=60.19.238.30 LEN=40 TTL=49 ID=38796 TCP DPT=8080 WINDOW=5274 SYN	2019-09-02 02:09:22
125.27.12.20	attackspambots	Sep 1 19:33:21 debian sshd\[25011\]: Invalid user gene from 125.27.12.20 port 54238 Sep 1 19:33:21 debian sshd\[25011\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.27.12.20 ...	2019-09-02 02:44:45
222.186.42.241	attackbotsspam	Sep 1 14:07:28 debian sshd[23724]: Unable to negotiate with 222.186.42.241 port 54332: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 1 14:20:09 debian sshd[24421]: Unable to negotiate with 222.186.42.241 port 34418: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] ...	2019-09-02 02:29:37
184.146.67.0	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-09-02 02:27:46
185.69.70.4	attackbotsspam	xmlrpc attack	2019-09-02 02:53:12
203.184.207.144	attackbotsspam	2019-09-01T18:07:32.929254abusebot-8.cloudsearch.cf sshd\[384\]: Invalid user buyer from 203.184.207.144 port 41633	2019-09-02 02:13:06
103.105.98.1	attack	Automatic report - Banned IP Access	2019-09-02 02:52:54
51.75.25.164	attackspambots	Sep 1 08:34:10 tdfoods sshd\[24234\]: Invalid user sandoze from 51.75.25.164 Sep 1 08:34:10 tdfoods sshd\[24234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.ip-51-75-25.eu Sep 1 08:34:12 tdfoods sshd\[24234\]: Failed password for invalid user sandoze from 51.75.25.164 port 40346 ssh2 Sep 1 08:38:02 tdfoods sshd\[24566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.ip-51-75-25.eu user=mysql Sep 1 08:38:04 tdfoods sshd\[24566\]: Failed password for mysql from 51.75.25.164 port 56172 ssh2	2019-09-02 02:40:03

Recently Reported IPs

184.39.232.128	17.170.170.38	222.252.92.177	89.41.40.254
123.24.206.156	124.78.131.223	63.225.137.20	141.136.90.21
1.22.55.154	186.49.65.66	183.220.146.248	195.16.49.170
37.254.88.54	193.104.205.80	66.134.235.156	165.22.223.82
128.1.91.90	69.59.155.204	114.105.178.242	104.79.159.208