119.2.48.42 - IPInfo

Basic Info

City: Denpasar

Region: Bali

Country: Indonesia

Internet Service Provider: PT Media Sarana Data

Hostname: unknown

Organization: PT Media Sarana Data

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Brute force attempt	2019-10-13 15:58:12
attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 02:34:37

Comments on same subnet:

IP	Type	Details	Datetime
119.2.48.224	attack	Unauthorized connection attempt from IP address 119.2.48.224 on Port 445(SMB)	2019-08-03 02:43:52

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.2.48.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57721
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.2.48.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 19:49:50 +08 2019
;; MSG SIZE  rcvd: 115

Host info

42.48.2.119.in-addr.arpa domain name pointer ipv4-42-48-2.as55666.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
42.48.2.119.in-addr.arpa	name = ipv4-42-48-2.as55666.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.52.212.117	attackspam	Jun 3 06:08:12 server1 sshd\[10593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Jun 3 06:08:14 server1 sshd\[10593\]: Failed password for root from 106.52.212.117 port 38604 ssh2 Jun 3 06:11:38 server1 sshd\[11516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root Jun 3 06:11:40 server1 sshd\[11516\]: Failed password for root from 106.52.212.117 port 49026 ssh2 Jun 3 06:15:10 server1 sshd\[12465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.212.117 user=root ...	2020-06-03 20:25:37
95.111.240.169	attackspambots	2020-06-03T14:57:12.444426ollin.zadara.org sshd[21713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.111.240.169 user=root 2020-06-03T14:57:14.106790ollin.zadara.org sshd[21713]: Failed password for root from 95.111.240.169 port 33138 ssh2 ...	2020-06-03 20:36:22
45.226.50.245	attack	BR_EMPRESA DE SERVICOS ADM. DE ITUBERA LTD_<177>1591189256 [1:2403354:57740] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 28 [Classification: Misc Attack] [Priority: 2]: {TCP} 45.226.50.245:16409	2020-06-03 21:02:30
111.67.197.173	attack	2020-06-03T12:22:02.956651shield sshd\[5769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.197.173 user=root 2020-06-03T12:22:04.501927shield sshd\[5769\]: Failed password for root from 111.67.197.173 port 33424 ssh2 2020-06-03T12:23:16.018120shield sshd\[6001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.197.173 user=root 2020-06-03T12:23:17.720204shield sshd\[6001\]: Failed password for root from 111.67.197.173 port 45988 ssh2 2020-06-03T12:24:32.373439shield sshd\[6149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.197.173 user=root	2020-06-03 20:27:29
49.235.193.207	attackbotsspam	Jun 3 13:51:56 prod4 sshd\[586\]: Failed password for root from 49.235.193.207 port 55160 ssh2 Jun 3 13:55:59 prod4 sshd\[2115\]: Failed password for root from 49.235.193.207 port 39764 ssh2 Jun 3 13:57:18 prod4 sshd\[2592\]: Failed password for root from 49.235.193.207 port 53496 ssh2 ...	2020-06-03 20:33:42
176.10.144.25	attackbotsspam	Unauthorized connection attempt detected from IP address 176.10.144.25 to port 23	2020-06-03 20:22:15
222.186.15.18	attack	Jun 3 08:08:04 ny01 sshd[31541]: Failed password for root from 222.186.15.18 port 57754 ssh2 Jun 3 08:08:06 ny01 sshd[31541]: Failed password for root from 222.186.15.18 port 57754 ssh2 Jun 3 08:08:08 ny01 sshd[31541]: Failed password for root from 222.186.15.18 port 57754 ssh2	2020-06-03 20:24:08
161.35.61.129	attackspam	" "	2020-06-03 20:50:25
82.100.239.100	attackbots	Brute forcing RDP port 3389	2020-06-03 20:38:47
203.230.6.175	attackbotsspam	no	2020-06-03 20:35:21
222.186.30.218	attackspambots	Jun 3 14:46:33 legacy sshd[13512]: Failed password for root from 222.186.30.218 port 34552 ssh2 Jun 3 14:46:36 legacy sshd[13512]: Failed password for root from 222.186.30.218 port 34552 ssh2 Jun 3 14:46:38 legacy sshd[13512]: Failed password for root from 222.186.30.218 port 34552 ssh2 ...	2020-06-03 20:46:50
202.175.250.218	attackbotsspam	Jun 3 14:26:52 vps647732 sshd[2118]: Failed password for root from 202.175.250.218 port 42392 ssh2 ...	2020-06-03 20:40:20
222.186.175.163	attackspambots	Jun 3 22:27:25 web1 sshd[17983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Jun 3 22:27:26 web1 sshd[17983]: Failed password for root from 222.186.175.163 port 23284 ssh2 Jun 3 22:27:25 web1 sshd[17980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Jun 3 22:27:26 web1 sshd[17980]: Failed password for root from 222.186.175.163 port 28628 ssh2 Jun 3 22:27:25 web1 sshd[17983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Jun 3 22:27:26 web1 sshd[17983]: Failed password for root from 222.186.175.163 port 23284 ssh2 Jun 3 22:27:30 web1 sshd[17983]: Failed password for root from 222.186.175.163 port 23284 ssh2 Jun 3 22:27:25 web1 sshd[17983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Jun 3 22:27:26 web1 ...	2020-06-03 20:29:53
46.38.145.253	attack	Jun 3 14:28:57 srv01 postfix/smtpd\[6139\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 3 14:29:16 srv01 postfix/smtpd\[6139\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 3 14:29:31 srv01 postfix/smtpd\[11729\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 3 14:29:46 srv01 postfix/smtpd\[6139\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 3 14:30:32 srv01 postfix/smtpd\[11729\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-03 20:35:36
101.108.123.44	attackspambots	Automatic report - Port Scan Attack	2020-06-03 20:53:04

Recently Reported IPs

201.1.136.142	74.29.49.135	198.101.238.71	97.138.82.209
46.60.248.72	102.165.53.51	196.135.159.219	85.143.156.121
187.137.106.27	14.161.47.128	14.28.131.20	205.235.205.68
188.131.245.112	88.189.12.125	167.99.4.97	101.78.181.231
209.82.216.12	177.19.181.169	193.225.27.63	55.244.237.28