49.149.107.142

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: DSL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: dsl.49.149.107.142.pldt.net.	2020-03-07 21:07:52

Comments on same subnet:

IP	Type	Details	Datetime
49.149.107.209	attackbots	20/6/6@00:19:38: FAIL: Alarm-Network address from=49.149.107.209 ...	2020-06-06 12:57:50
49.149.107.129	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 08-02-2020 14:20:43.	2020-02-09 06:22:17
49.149.107.129	attackbots	1580619033 - 02/02/2020 05:50:33 Host: 49.149.107.129/49.149.107.129 Port: 445 TCP Blocked	2020-02-02 19:47:56
49.149.107.216	attackbotsspam	Unauthorized connection attempt detected from IP address 49.149.107.216 to port 445	2020-01-01 22:26:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.149.107.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53369
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.149.107.142.			IN	A

;; AUTHORITY SECTION:
.			368	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030700 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 21:07:48 CST 2020
;; MSG SIZE  rcvd: 118

Host info

142.107.149.49.in-addr.arpa domain name pointer dsl.49.149.107.142.pldt.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.107.149.49.in-addr.arpa	name = dsl.49.149.107.142.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.169.78.100	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:26:39,018 INFO [amun_request_handler] PortScan Detected on Port: 445 (1.169.78.100)	2019-06-30 09:03:42
103.118.48.19	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:32:27,592 INFO [amun_request_handler] PortScan Detected on Port: 445 (103.118.48.19)	2019-06-30 08:38:02
177.69.44.193	attackbotsspam	$f2bV_matches	2019-06-30 09:02:49
200.75.2.170	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:29:40,464 INFO [amun_request_handler] PortScan Detected on Port: 445 (200.75.2.170)	2019-06-30 08:46:17
106.13.107.106	attackspambots	Invalid user emeraude from 106.13.107.106 port 44050 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 Failed password for invalid user emeraude from 106.13.107.106 port 44050 ssh2 Invalid user stream from 106.13.107.106 port 38178 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106	2019-06-30 08:23:56
36.65.10.120	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:32:36,615 INFO [amun_request_handler] PortScan Detected on Port: 445 (36.65.10.120)	2019-06-30 08:36:01
187.45.217.3	attack	These are people / users who try to send programs for data capture (spy), see examples below, there are no limits: From riquemodestomoreira@fiatfattore.com.br Sat Jun 29 03:02:10 2019 Received: from hm3563-218.email.locaweb.com.br ([186.202.21.218]:53522 helo=hm3563.email.locaweb.com.br) (envelope-from ) Received: from apu0002.locaweb.com.br (apu0002.email.locaweb.com.br [187.45.217.3]) Received: from POLLUX13-0006.locaweb-net.locaweb.com.br (unknown [191.252.19.130]) From: =?UTF-8?B?QmFuY28gZG8gQnJhc2ls?= Subject: =?UTF-8?B?QXR1YWxpemHDp8OjbyBuZWNlc3PDoXJpYS4gQmFuY28gZG8gQnJhc2lsIFs=?=2286201] X-PHP-Originating-Script: 0:envia.php	2019-06-30 08:44:46
51.91.18.45	attack	Port Scan detected from 51.91.18.45 (FR/France/ns3149559.ip-51-91-18.eu). 4 hits in the last 270 seconds	2019-06-30 08:31:20
45.254.25.181	attack	3306/tcp 8080/tcp... [2019-06-25/29]8pkt,2pt.(tcp)	2019-06-30 08:31:36
91.197.21.158	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:28:09,015 INFO [amun_request_handler] PortScan Detected on Port: 445 (91.197.21.158)	2019-06-30 08:55:13
138.197.66.204	attack	Telnet/23 MH Probe, BF, Hack -	2019-06-30 08:47:45
49.231.13.190	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 18:31:54,521 INFO [amun_request_handler] PortScan Detected on Port: 445 (49.231.13.190)	2019-06-30 08:39:50
89.3.236.207	attack	$f2bV_matches	2019-06-30 09:05:44
46.166.151.47	attackbots	\[2019-06-29 18:48:15\] SECURITY\[5156\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-06-29T18:48:15.830-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="981046363302946",SessionID="0x7f13a8e39958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/50923",ACLName="no_extension_match" \[2019-06-29 18:50:38\] SECURITY\[5156\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-06-29T18:50:38.498-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0046363302946",SessionID="0x7f13a8e39958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/53362",ACLName="no_extension_match" \[2019-06-29 18:52:57\] SECURITY\[5156\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-06-29T18:52:57.446-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00046363302946",SessionID="0x7f13a8d3cb78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/57026",ACLName="no_extens	2019-06-30 08:55:31
58.247.132.58	attack	Jun 29 23:44:54 ns37 sshd[25565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.247.132.58 Jun 29 23:44:54 ns37 sshd[25565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.247.132.58	2019-06-30 08:24:33

Recently Reported IPs

184.39.232.128	17.170.170.38	222.252.92.177	89.41.40.254
123.24.206.156	124.78.131.223	63.225.137.20	141.136.90.21
1.22.55.154	186.49.65.66	183.220.146.248	195.16.49.170
37.254.88.54	193.104.205.80	66.134.235.156	165.22.223.82
128.1.91.90	69.59.155.204	114.105.178.242	104.79.159.208