49.145.109.19 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Philippines

运营商(isp): Philippine Long Distance Telephone Company

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Honeypot attack, port: 445, PTR: dsl.49.145.109.19.pldt.net.	2020-02-27 16:37:52

相同子网IP讨论:

IP	类型	评论内容	时间
49.145.109.102	attackbotsspam	20/8/30@23:59:43: FAIL: Alarm-Network address from=49.145.109.102 ...	2020-08-31 12:08:30
49.145.109.57	attack	Brute-force general attack.	2020-03-07 13:34:44
49.145.109.18	attack	1580273589 - 01/29/2020 05:53:09 Host: 49.145.109.18/49.145.109.18 Port: 445 TCP Blocked	2020-01-29 15:23:26
49.145.109.205	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 12:35:27.	2019-10-18 03:26:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.145.109.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63840
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.145.109.19.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022700 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 27 16:37:46 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

19.109.145.49.in-addr.arpa domain name pointer dsl.49.145.109.19.pldt.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
19.109.145.49.in-addr.arpa	name = dsl.49.145.109.19.pldt.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
180.250.248.170	attack	Aug 24 23:00:21 tdfoods sshd\[31266\]: Invalid user sls from 180.250.248.170 Aug 24 23:00:21 tdfoods sshd\[31266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.248.170 Aug 24 23:00:22 tdfoods sshd\[31266\]: Failed password for invalid user sls from 180.250.248.170 port 36772 ssh2 Aug 24 23:05:42 tdfoods sshd\[31821\]: Invalid user jboss from 180.250.248.170 Aug 24 23:05:42 tdfoods sshd\[31821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.248.170	2019-08-25 19:48:41
5.160.99.72	attackspambots	Unauthorized connection attempt from IP address 5.160.99.72 on Port 445(SMB)	2019-08-25 20:05:31
218.92.0.161	attackspambots	Aug 25 12:39:14 fr01 sshd[11113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.161 user=root Aug 25 12:39:16 fr01 sshd[11113]: Failed password for root from 218.92.0.161 port 52542 ssh2 Aug 25 12:39:18 fr01 sshd[11113]: Failed password for root from 218.92.0.161 port 52542 ssh2 Aug 25 12:39:14 fr01 sshd[11113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.161 user=root Aug 25 12:39:16 fr01 sshd[11113]: Failed password for root from 218.92.0.161 port 52542 ssh2 Aug 25 12:39:18 fr01 sshd[11113]: Failed password for root from 218.92.0.161 port 52542 ssh2 Aug 25 12:39:14 fr01 sshd[11113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.161 user=root Aug 25 12:39:16 fr01 sshd[11113]: Failed password for root from 218.92.0.161 port 52542 ssh2 Aug 25 12:39:18 fr01 sshd[11113]: Failed password for root from 218.92.0.161 port 52542 ssh2 Aug 25 12:39:21 fr01 sshd[11	2019-08-25 20:05:59
68.183.193.46	attackbotsspam	Aug 24 10:45:36 pl3server sshd[2859350]: Invalid user user2 from 68.183.193.46 Aug 24 10:45:36 pl3server sshd[2859350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.193.46 Aug 24 10:45:37 pl3server sshd[2859350]: Failed password for invalid user user2 from 68.183.193.46 port 54716 ssh2 Aug 24 10:45:37 pl3server sshd[2859350]: Received disconnect from 68.183.193.46: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=68.183.193.46	2019-08-25 20:11:31
117.102.105.202	attackbots	Aug 25 01:01:53 auw2 sshd\[23955\]: Invalid user fernie from 117.102.105.202 Aug 25 01:01:53 auw2 sshd\[23955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.105.202 Aug 25 01:01:55 auw2 sshd\[23955\]: Failed password for invalid user fernie from 117.102.105.202 port 39750 ssh2 Aug 25 01:07:48 auw2 sshd\[24497\]: Invalid user zhangl from 117.102.105.202 Aug 25 01:07:48 auw2 sshd\[24497\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.102.105.202	2019-08-25 20:07:19
77.247.110.216	attackspambots	\[2019-08-25 06:54:46\] NOTICE\[1829\] chan_sip.c: Registration from '"2008" \' failed for '77.247.110.216:5986' - Wrong password \[2019-08-25 06:54:46\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-25T06:54:46.229-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2008",SessionID="0x7f7b30fa67f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.216/5986",Challenge="4064dba8",ReceivedChallenge="4064dba8",ReceivedHash="db61e56e7cfea54dba79efe0f6bc6541" \[2019-08-25 06:54:46\] NOTICE\[1829\] chan_sip.c: Registration from '"2008" \' failed for '77.247.110.216:5986' - Wrong password \[2019-08-25 06:54:46\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-25T06:54:46.381-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2008",SessionID="0x7f7b304de1f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4	2019-08-25 19:38:05
206.189.221.160	attackspambots	Aug 24 21:57:39 php2 sshd\[20338\]: Invalid user webadmin from 206.189.221.160 Aug 24 21:57:39 php2 sshd\[20338\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=desligar.me Aug 24 21:57:41 php2 sshd\[20338\]: Failed password for invalid user webadmin from 206.189.221.160 port 44666 ssh2 Aug 24 22:01:50 php2 sshd\[20814\]: Invalid user postgres from 206.189.221.160 Aug 24 22:01:50 php2 sshd\[20814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=desligar.me	2019-08-25 20:06:29
185.216.140.27	attackbotsspam	08/25/2019-05:00:49.551448 185.216.140.27 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-25 19:33:44
178.128.14.26	attackbots	Aug 25 09:47:40 thevastnessof sshd[6788]: Failed password for root from 178.128.14.26 port 38880 ssh2 ...	2019-08-25 20:03:30
45.55.12.248	attack	Invalid user ftpuser from 45.55.12.248 port 38860	2019-08-25 20:16:31
176.107.131.245	attackspambots	Automatic report - Port Scan Attack	2019-08-25 19:49:44
172.221.169.246	attack	2019-08-25 02:34:22 H=(172.221.169.246) [172.221.169.246]:42138 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-08-25 02:56:35 H=(172.221.169.246) [172.221.169.246]:34611 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-08-25 03:02:03 H=(172.221.169.246) [172.221.169.246]:38211 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/172.221.169.246) ...	2019-08-25 19:50:06
185.175.93.19	attack	08/25/2019-07:09:20.571571 185.175.93.19 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-25 20:15:16
120.197.244.39	attack	SASL broute force	2019-08-25 20:20:28
110.138.89.75	attack	Unauthorized connection attempt from IP address 110.138.89.75 on Port 445(SMB)	2019-08-25 20:14:58

最近上报的IP列表

187.211.52.63	49.157.238.55	65.104.100.190	169.132.241.212
78.80.160.187	236.52.8.88	72.133.153.119	42.112.147.87
182.253.213.10	182.74.198.99	61.92.237.150	41.39.129.205
180.241.9.128	219.77.233.243	36.65.4.113	180.242.2.73
125.27.51.125	89.244.177.26	14.253.148.30	123.19.243.178