119.2.48.42 - IPInfo

Basic Info

City: Denpasar

Region: Bali

Country: Indonesia

Internet Service Provider: PT Media Sarana Data

Hostname: unknown

Organization: PT Media Sarana Data

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Brute force attempt	2019-10-13 15:58:12
attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 02:34:37

Comments on same subnet:

IP	Type	Details	Datetime
119.2.48.224	attack	Unauthorized connection attempt from IP address 119.2.48.224 on Port 445(SMB)	2019-08-03 02:43:52

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.2.48.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57721
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.2.48.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 19:49:50 +08 2019
;; MSG SIZE  rcvd: 115

Host info

42.48.2.119.in-addr.arpa domain name pointer ipv4-42-48-2.as55666.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
42.48.2.119.in-addr.arpa	name = ipv4-42-48-2.as55666.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.171.165.226	attack	Automatic report - XMLRPC Attack	2020-05-01 04:23:52
103.28.161.126	attack	20/4/30@08:24:39: FAIL: Alarm-Intrusion address from=103.28.161.126 ...	2020-05-01 04:02:18
185.50.149.11	attack	'IP reached maximum auth failures for a one day block'	2020-05-01 03:59:33
45.227.253.147	attackspambots	1 attempts against mh-modsecurity-ban on milky	2020-05-01 04:26:37
37.49.227.109	attackbots	Port scan(s) denied	2020-05-01 04:19:38
192.241.133.33	attackspam	prod11 ...	2020-05-01 04:06:10
159.203.189.152	attackspam	prod3 ...	2020-05-01 03:53:53
119.27.165.49	attackbots	Apr 30 20:41:22 DAAP sshd[13948]: Invalid user honey from 119.27.165.49 port 48534 Apr 30 20:41:22 DAAP sshd[13948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.165.49 Apr 30 20:41:22 DAAP sshd[13948]: Invalid user honey from 119.27.165.49 port 48534 Apr 30 20:41:23 DAAP sshd[13948]: Failed password for invalid user honey from 119.27.165.49 port 48534 ssh2 Apr 30 20:46:29 DAAP sshd[13978]: Invalid user shark from 119.27.165.49 port 46626 ...	2020-05-01 03:51:49
103.108.87.161	attackspambots	SSH Bruteforce attack	2020-05-01 04:14:29
92.169.67.98	attack	Apr 30 19:54:05 pve1 sshd[3121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.169.67.98 Apr 30 19:54:07 pve1 sshd[3121]: Failed password for invalid user guest from 92.169.67.98 port 41298 ssh2 ...	2020-05-01 04:03:25
2.36.136.146	attack	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-05-01 03:59:14
218.92.0.138	attackbots	2020-04-30T19:44:56.415358shield sshd\[1170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root 2020-04-30T19:44:57.791375shield sshd\[1170\]: Failed password for root from 218.92.0.138 port 22124 ssh2 2020-04-30T19:45:00.821858shield sshd\[1170\]: Failed password for root from 218.92.0.138 port 22124 ssh2 2020-04-30T19:45:03.589853shield sshd\[1170\]: Failed password for root from 218.92.0.138 port 22124 ssh2 2020-04-30T19:45:07.302002shield sshd\[1170\]: Failed password for root from 218.92.0.138 port 22124 ssh2	2020-05-01 03:56:05
122.228.19.79	attackbotsspam	122.228.19.79 was recorded 21 times by 4 hosts attempting to connect to the following ports: 1200,8025,3001,28017,8060,2121,9595,5601,49152,8006,8800,990,7000,9160,6667,9200,3000,5683,31,49153. Incident counter (4h, 24h, all-time): 21, 102, 19920	2020-05-01 04:11:45
163.172.185.44	attackbotsspam	xmlrpc attack	2020-05-01 04:06:24
13.71.21.167	attackbotsspam	(sshd) Failed SSH login from 13.71.21.167 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 30 21:45:21 amsweb01 sshd[31902]: Invalid user hem from 13.71.21.167 port 44978 Apr 30 21:45:23 amsweb01 sshd[31902]: Failed password for invalid user hem from 13.71.21.167 port 44978 ssh2 Apr 30 21:59:36 amsweb01 sshd[970]: Invalid user johan from 13.71.21.167 port 45280 Apr 30 21:59:37 amsweb01 sshd[970]: Failed password for invalid user johan from 13.71.21.167 port 45280 ssh2 Apr 30 22:03:51 amsweb01 sshd[1448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.71.21.167 user=root	2020-05-01 04:07:45

Recently Reported IPs

201.1.136.142	74.29.49.135	198.101.238.71	97.138.82.209
46.60.248.72	102.165.53.51	196.135.159.219	85.143.156.121
187.137.106.27	14.161.47.128	14.28.131.20	205.235.205.68
188.131.245.112	88.189.12.125	167.99.4.97	101.78.181.231
209.82.216.12	177.19.181.169	193.225.27.63	55.244.237.28