49.149.107.129

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Philippines

运营商(isp): DSL

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 08-02-2020 14:20:43.	2020-02-09 06:22:17
attackbots	1580619033 - 02/02/2020 05:50:33 Host: 49.149.107.129/49.149.107.129 Port: 445 TCP Blocked	2020-02-02 19:47:56

相同子网IP讨论:

IP	类型	评论内容	时间
49.149.107.209	attackbots	20/6/6@00:19:38: FAIL: Alarm-Network address from=49.149.107.209 ...	2020-06-06 12:57:50
49.149.107.142	attackspam	Honeypot attack, port: 445, PTR: dsl.49.149.107.142.pldt.net.	2020-03-07 21:07:52
49.149.107.216	attackbotsspam	Unauthorized connection attempt detected from IP address 49.149.107.216 to port 445	2020-01-01 22:26:00

类型

评论内容

时间

49.149.107.209

attackbots

20/6/6@00:19:38: FAIL: Alarm-Network address from=49.149.107.209
...

2020-06-06 12:57:50

49.149.107.142

attackspam

Honeypot attack, port: 445, PTR: dsl.49.149.107.142.pldt.net.

2020-03-07 21:07:52

49.149.107.216

attackbotsspam

Unauthorized connection attempt detected from IP address 49.149.107.216 to port 445

2020-01-01 22:26:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.149.107.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7261
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.149.107.129.			IN	A

;; AUTHORITY SECTION:
.			535	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020200 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 19:47:51 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

129.107.149.49.in-addr.arpa domain name pointer dsl.49.149.107.129.pldt.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
129.107.149.49.in-addr.arpa	name = dsl.49.149.107.129.pldt.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
124.115.173.253	attack	Invalid user carlos from 124.115.173.253 port 11706	2020-03-09 15:28:10
185.211.245.198	attackbotsspam	Mar 9 07:44:28 mail.srvfarm.net postfix/smtpd[3911625]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Mar 9 07:44:28 mail.srvfarm.net postfix/smtpd[3907941]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Mar 9 07:44:28 mail.srvfarm.net postfix/smtpd[3906416]: warning: unknown[185.211.245.198]: SASL PLAIN authentication failed: Mar 9 07:44:28 mail.srvfarm.net postfix/smtpd[3906416]: lost connection after AUTH from unknown[185.211.245.198] Mar 9 07:44:28 mail.srvfarm.net postfix/smtpd[3907941]: lost connection after AUTH from unknown[185.211.245.198]	2020-03-09 15:00:28
218.92.0.171	attackspam	2020-03-09T06:42:04.909201dmca.cloudsearch.cf sshd[634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root 2020-03-09T06:42:06.992013dmca.cloudsearch.cf sshd[634]: Failed password for root from 218.92.0.171 port 58767 ssh2 2020-03-09T06:42:09.868597dmca.cloudsearch.cf sshd[634]: Failed password for root from 218.92.0.171 port 58767 ssh2 2020-03-09T06:42:04.909201dmca.cloudsearch.cf sshd[634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root 2020-03-09T06:42:06.992013dmca.cloudsearch.cf sshd[634]: Failed password for root from 218.92.0.171 port 58767 ssh2 2020-03-09T06:42:09.868597dmca.cloudsearch.cf sshd[634]: Failed password for root from 218.92.0.171 port 58767 ssh2 2020-03-09T06:42:04.909201dmca.cloudsearch.cf sshd[634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root 2020-03-09T06:42:06.992013dmc ...	2020-03-09 14:52:46
154.8.209.64	attackbots	Mar 9 08:01:33 h1745522 sshd[23847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.209.64 user=root Mar 9 08:01:35 h1745522 sshd[23847]: Failed password for root from 154.8.209.64 port 36854 ssh2 Mar 9 08:04:27 h1745522 sshd[23916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.209.64 user=root Mar 9 08:04:30 h1745522 sshd[23916]: Failed password for root from 154.8.209.64 port 40662 ssh2 Mar 9 08:07:25 h1745522 sshd[24038]: Invalid user air from 154.8.209.64 port 44488 Mar 9 08:07:25 h1745522 sshd[24038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.209.64 Mar 9 08:07:25 h1745522 sshd[24038]: Invalid user air from 154.8.209.64 port 44488 Mar 9 08:07:27 h1745522 sshd[24038]: Failed password for invalid user air from 154.8.209.64 port 44488 ssh2 Mar 9 08:10:23 h1745522 sshd[24210]: pam_unix(sshd:auth): authentication failure; logname ...	2020-03-09 15:11:08
180.124.79.252	attack	Email rejected due to spam filtering	2020-03-09 15:12:39
183.166.82.100	attackspam	Mar 9 04:31:05 mail.srvfarm.net postfix/submission/smtpd[3829920]: lost connection after CONNECT from unknown[183.166.82.100] Mar 9 04:31:08 mail.srvfarm.net postfix/submission/smtpd[3830426]: warning: unknown[183.166.82.100]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 9 04:31:08 mail.srvfarm.net postfix/submission/smtpd[3830426]: lost connection after AUTH from unknown[183.166.82.100] Mar 9 04:31:18 mail.srvfarm.net postfix/submission/smtpd[3829920]: warning: unknown[183.166.82.100]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 9 04:31:18 mail.srvfarm.net postfix/submission/smtpd[3829920]: lost connection after AUTH from unknown[183.166.82.100]	2020-03-09 15:00:55
187.225.194.180	attackspambots	Mar 9 05:17:00 vmd17057 sshd[23169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.225.194.180 Mar 9 05:17:02 vmd17057 sshd[23169]: Failed password for invalid user java from 187.225.194.180 port 37987 ssh2 ...	2020-03-09 14:50:52
222.186.190.2	attack	Mar 9 12:48:37 areeb-Workstation sshd[23724]: Failed password for root from 222.186.190.2 port 5428 ssh2 Mar 9 12:48:40 areeb-Workstation sshd[23724]: Failed password for root from 222.186.190.2 port 5428 ssh2 ...	2020-03-09 15:20:38
123.16.249.28	attackspambots	Email rejected due to spam filtering	2020-03-09 14:43:53
185.36.81.57	attack	Mar 9 07:30:01 mail postfix/smtpd\[19573\]: warning: unknown\[185.36.81.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 9 07:36:08 mail postfix/smtpd\[19565\]: warning: unknown\[185.36.81.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 9 08:09:05 mail postfix/smtpd\[20306\]: warning: unknown\[185.36.81.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 9 08:15:49 mail postfix/smtpd\[20410\]: warning: unknown\[185.36.81.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-03-09 15:16:20
185.177.104.132	attack	Email rejected due to spam filtering	2020-03-09 14:47:08
49.233.152.22	attackbotsspam	Port scan detected on ports: 1433[TCP], 1433[TCP], 65529[TCP]	2020-03-09 14:52:12
63.82.48.158	attack	Mar 9 04:27:33 web01 postfix/smtpd[11537]: connect from warehouse.vidyad.com[63.82.48.158] Mar 9 04:27:34 web01 policyd-spf[12324]: None; identhostnamey=helo; client-ip=63.82.48.158; helo=warehouse.ofertasvalidas.co; envelope-from=x@x Mar 9 04:27:34 web01 policyd-spf[12324]: Pass; identhostnamey=mailfrom; client-ip=63.82.48.158; helo=warehouse.ofertasvalidas.co; envelope-from=x@x Mar x@x Mar 9 04:27:34 web01 postfix/smtpd[11537]: disconnect from warehouse.vidyad.com[63.82.48.158] Mar 9 04:31:01 web01 postfix/smtpd[12378]: connect from warehouse.vidyad.com[63.82.48.158] Mar 9 04:31:01 web01 policyd-spf[12382]: None; identhostnamey=helo; client-ip=63.82.48.158; helo=warehouse.ofertasvalidas.co; envelope-from=x@x Mar 9 04:31:01 web01 policyd-spf[12382]: Pass; identhostnamey=mailfrom; client-ip=63.82.48.158; helo=warehouse.ofertasvalidas.co; envelope-from=x@x Mar x@x Mar 9 04:31:02 web01 postfix/smtpd[12378]: disconnect from warehouse.vidyad.com[63.82.48.158] Mar 9........ -------------------------------	2020-03-09 15:05:59
49.233.136.245	attackbotsspam	Mar 9 07:10:09 h2779839 sshd[28203]: Invalid user hfbx from 49.233.136.245 port 60800 Mar 9 07:10:09 h2779839 sshd[28203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.136.245 Mar 9 07:10:09 h2779839 sshd[28203]: Invalid user hfbx from 49.233.136.245 port 60800 Mar 9 07:10:11 h2779839 sshd[28203]: Failed password for invalid user hfbx from 49.233.136.245 port 60800 ssh2 Mar 9 07:12:33 h2779839 sshd[28222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.136.245 user=daemon Mar 9 07:12:35 h2779839 sshd[28222]: Failed password for daemon from 49.233.136.245 port 58466 ssh2 Mar 9 07:14:52 h2779839 sshd[28251]: Invalid user admin from 49.233.136.245 port 56128 Mar 9 07:14:52 h2779839 sshd[28251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.136.245 Mar 9 07:14:52 h2779839 sshd[28251]: Invalid user admin from 49.233.136.245 port 56128 M ...	2020-03-09 15:22:27
211.106.110.49	attack	fail2ban	2020-03-09 15:11:57

最近上报的IP列表

156.236.119.225	110.93.91.175	93.99.154.134	138.197.65.235
122.225.107.15	94.220.232.62	37.24.174.77	183.45.118.21
51.47.179.204	83.31.4.161	73.34.181.92	191.54.60.94
207.235.27.4	142.248.5.170	172.172.30.150	189.96.94.185
132.60.48.82	171.109.117.67	141.8.97.161	176.44.109.146