119.2.48.42 - IPInfo

Basic Info

City: Denpasar

Region: Bali

Country: Indonesia

Internet Service Provider: PT Media Sarana Data

Hostname: unknown

Organization: PT Media Sarana Data

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Brute force attempt	2019-10-13 15:58:12
attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 02:34:37

Comments on same subnet:

IP	Type	Details	Datetime
119.2.48.224	attack	Unauthorized connection attempt from IP address 119.2.48.224 on Port 445(SMB)	2019-08-03 02:43:52

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.2.48.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57721
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.2.48.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 02 19:49:50 +08 2019
;; MSG SIZE  rcvd: 115

Host info

42.48.2.119.in-addr.arpa domain name pointer ipv4-42-48-2.as55666.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
42.48.2.119.in-addr.arpa	name = ipv4-42-48-2.as55666.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.204.153.151	attackbotsspam	20 attempts against mh-ssh on river	2020-07-04 01:56:01
93.87.73.118	attack	Jun 30 00:32:54 ahost sshd[26353]: Invalid user nj from 93.87.73.118 Jun 30 00:32:54 ahost sshd[26353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.87.73.118 Jun 30 00:32:56 ahost sshd[26353]: Failed password for invalid user nj from 93.87.73.118 port 58890 ssh2 Jun 30 00:32:56 ahost sshd[26353]: Received disconnect from 93.87.73.118: 11: Bye Bye [preauth] Jun 30 00:35:05 ahost sshd[26407]: Invalid user admin from 93.87.73.118 Jun 30 00:35:05 ahost sshd[26407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.87.73.118 Jun 30 00:35:07 ahost sshd[26407]: Failed password for invalid user admin from 93.87.73.118 port 41078 ssh2 Jun 30 00:50:41 ahost sshd[27652]: Invalid user wordpress from 93.87.73.118 Jun 30 00:50:41 ahost sshd[27652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.87.73.118 Jun 30 00:50:43 ahost sshd[27652]: Failed passwo........ ------------------------------	2020-07-04 02:14:35
60.6.57.239	attackspam	Jul 1 00:06:01 extapp sshd[21931]: Invalid user umar from 60.6.57.239 Jul 1 00:06:03 extapp sshd[21931]: Failed password for invalid user umar from 60.6.57.239 port 38688 ssh2 Jul 1 00:08:44 extapp sshd[23998]: Invalid user thiago from 60.6.57.239 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=60.6.57.239	2020-07-04 02:25:14
195.209.48.1	attack	2020-07-0303:46:131jrAmK-0005s1-Oh\<=info@whatsup2013.chH=\(localhost\)[222.175.5.114]:40353P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4984id=2e24e8b8b3984dbe9d6395c6cd19208caf4db27116@whatsup2013.chT="Meetupwithrealladiesforsexnow"forervin.v0211@gmail.comluis76051@gmail.comomgspongebob1@gmail.com2020-07-0303:46:371jrAmi-0005uI-Ps\<=info@whatsup2013.chH=\(localhost\)[195.209.48.1]:56392P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4937id=a55cf2a1aa8154587f3a8cdf2bec666a51a2245a@whatsup2013.chT="Screwahoenearyou"foryjoshua500@gmail.compleitezmike83@yahoo.comharveyben1947@gmail.com2020-07-0303:45:461jrAlu-0005ob-6r\<=info@whatsup2013.chH=224.sub-166-149-245.myvzw.com\(localhost\)[166.149.245.224]:31800P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4962id=a852e4b7bc97bdb5292c9a36d1a58f9b237fc2@whatsup2013.chT="Signuprightnowtodiscoverbeavertonite"forscrivenswaste@bellsout	2020-07-04 02:05:54
161.35.224.10	attackspambots	Jul 3 17:32:35 rush sshd[18579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.224.10 Jul 3 17:32:38 rush sshd[18579]: Failed password for invalid user ric from 161.35.224.10 port 62686 ssh2 Jul 3 17:35:57 rush sshd[18780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.224.10 ...	2020-07-04 02:18:04
180.242.182.166	attackbotsspam	1593740726 - 07/03/2020 03:45:26 Host: 180.242.182.166/180.242.182.166 Port: 445 TCP Blocked	2020-07-04 02:24:53
113.167.236.223	attackbots	1593740715 - 07/03/2020 03:45:15 Host: 113.167.236.223/113.167.236.223 Port: 445 TCP Blocked	2020-07-04 02:27:15
193.228.91.105	attackspam	Unauthorized connection attempt detected from IP address 193.228.91.105 to port 22 [T]	2020-07-04 02:00:45
113.173.177.82	attackspam	2020-07-0303:44:511jrAl1-0005jO-5K\<=info@whatsup2013.chH=\(localhost\)[113.173.177.82]:60544P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4975id=866fe1020922f70427d92f7c77a39a3615f7232471@whatsup2013.chT="Signuptodaytofindmeattonite"forben67000@outlook.comnickwright5@yahoo.comreesex12345@gmail.com2020-07-0303:45:291jrAlc-0005mi-CM\<=info@whatsup2013.chH=\(localhost\)[113.172.26.16]:49058P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4955id=2e35172b200bde2d0ef006555e8ab31f3cde10aa1b@whatsup2013.chT="Layarealwhoreinyourneighborhood"forrodriguezarilescliton@gmail.comdave1985.420@gmail.commbuzo76@gmail.com2020-07-0303:44:561jrAl5-0005k4-NC\<=info@whatsup2013.chH=\(localhost\)[185.233.78.180]:54666P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4964id=08e95f0c072c060e9297218d6a1e34206eac6a@whatsup2013.chT="Matchrealfemalesforsextonite"formrglasgow52@gmail.comelmo5815@gmail.comk	2020-07-04 02:23:03
128.199.92.187	attackbots	TCP (SYN) 128.199.92.187:50903 -> port 29832, len 44	2020-07-04 02:00:16
49.232.29.120	attackspambots	2020-07-02T01:25:36.990808hostname sshd[79765]: Failed password for root from 49.232.29.120 port 51048 ssh2 ...	2020-07-04 02:18:45
185.233.78.180	attack	2020-07-0303:44:511jrAl1-0005jO-5K\<=info@whatsup2013.chH=\(localhost\)[113.173.177.82]:60544P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4975id=866fe1020922f70427d92f7c77a39a3615f7232471@whatsup2013.chT="Signuptodaytofindmeattonite"forben67000@outlook.comnickwright5@yahoo.comreesex12345@gmail.com2020-07-0303:45:291jrAlc-0005mi-CM\<=info@whatsup2013.chH=\(localhost\)[113.172.26.16]:49058P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4955id=2e35172b200bde2d0ef006555e8ab31f3cde10aa1b@whatsup2013.chT="Layarealwhoreinyourneighborhood"forrodriguezarilescliton@gmail.comdave1985.420@gmail.commbuzo76@gmail.com2020-07-0303:44:561jrAl5-0005k4-NC\<=info@whatsup2013.chH=\(localhost\)[185.233.78.180]:54666P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=4964id=08e95f0c072c060e9297218d6a1e34206eac6a@whatsup2013.chT="Matchrealfemalesforsextonite"formrglasgow52@gmail.comelmo5815@gmail.comk	2020-07-04 02:21:40
190.104.26.202	attack	1593740811 - 07/03/2020 03:46:51 Host: 190.104.26.202/190.104.26.202 Port: 445 TCP Blocked	2020-07-04 02:14:22
5.135.94.191	attack	2020-07-01 18:25:28 server sshd[70664]: Failed password for invalid user sato from 5.135.94.191 port 35954 ssh2	2020-07-04 02:23:43
106.54.48.208	attackbots	Jun 30 00:52:29 ns sshd[13447]: Connection from 106.54.48.208 port 57708 on 134.119.39.98 port 22 Jun 30 00:52:32 ns sshd[13447]: Invalid user test123 from 106.54.48.208 port 57708 Jun 30 00:52:32 ns sshd[13447]: Failed password for invalid user test123 from 106.54.48.208 port 57708 ssh2 Jun 30 00:52:32 ns sshd[13447]: Received disconnect from 106.54.48.208 port 57708:11: Bye Bye [preauth] Jun 30 00:52:32 ns sshd[13447]: Disconnected from 106.54.48.208 port 57708 [preauth] Jun 30 00:58:09 ns sshd[18151]: Connection from 106.54.48.208 port 56746 on 134.119.39.98 port 22 Jun 30 00:58:12 ns sshd[18151]: Invalid user admin from 106.54.48.208 port 56746 Jun 30 00:58:12 ns sshd[18151]: Failed password for invalid user admin from 106.54.48.208 port 56746 ssh2 Jun 30 00:58:12 ns sshd[18151]: Received disconnect from 106.54.48.208 port 56746:11: Bye Bye [preauth] Jun 30 00:58:12 ns sshd[18151]: Disconnected from 106.54.48.208 port 56746 [preauth] Jun 30 01:01:38 ns sshd[24216]: ........ -------------------------------	2020-07-04 02:07:32

Recently Reported IPs

201.1.136.142	74.29.49.135	198.101.238.71	97.138.82.209
46.60.248.72	102.165.53.51	196.135.159.219	85.143.156.121
187.137.106.27	14.161.47.128	14.28.131.20	205.235.205.68
188.131.245.112	88.189.12.125	167.99.4.97	101.78.181.231
209.82.216.12	177.19.181.169	193.225.27.63	55.244.237.28