119.42.114.96 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 119.42.114.96 on Port 445(SMB)	2020-08-11 03:06:39

Comments on same subnet:

IP	Type	Details	Datetime
119.42.114.42	attack	Unauthorized connection attempt from IP address 119.42.114.42 on Port 445(SMB)	2020-04-23 22:50:55
119.42.114.249	attack	firewall-block, port(s): 23/tcp	2020-03-11 20:22:20
119.42.114.36	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-09 19:41:53
119.42.114.58	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 15:35:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.114.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11980
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.42.114.96.			IN	A

;; AUTHORITY SECTION:
.			174	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081001 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 11 03:06:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 96.114.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 96.114.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.133.105.65	attack	$f2bV_matches	2020-08-06 02:07:48
151.26.99.104	attack	TCP (SYN) 151.26.99.104:60501 -> port 23, len 44	2020-08-06 02:19:15
36.85.204.173	attack	1596629656 - 08/05/2020 14:14:16 Host: 36.85.204.173/36.85.204.173 Port: 445 TCP Blocked	2020-08-06 02:02:16
62.151.177.85	attackbotsspam	(sshd) Failed SSH login from 62.151.177.85 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 5 19:36:22 srv sshd[1007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.151.177.85 user=root Aug 5 19:36:24 srv sshd[1007]: Failed password for root from 62.151.177.85 port 56614 ssh2 Aug 5 19:40:41 srv sshd[1078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.151.177.85 user=root Aug 5 19:40:43 srv sshd[1078]: Failed password for root from 62.151.177.85 port 34916 ssh2 Aug 5 19:43:13 srv sshd[1111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.151.177.85 user=root	2020-08-06 02:07:32
49.88.112.113	attackbotsspam	Aug 5 03:24:05 php1 sshd\[5765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Aug 5 03:24:08 php1 sshd\[5765\]: Failed password for root from 49.88.112.113 port 31482 ssh2 Aug 5 03:24:10 php1 sshd\[5765\]: Failed password for root from 49.88.112.113 port 31482 ssh2 Aug 5 03:24:12 php1 sshd\[5765\]: Failed password for root from 49.88.112.113 port 31482 ssh2 Aug 5 03:25:07 php1 sshd\[5844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root	2020-08-06 02:05:00
177.155.248.159	attackbotsspam	Aug 05 10:37:10 askasleikir sshd[108662]: Failed password for root from 177.155.248.159 port 60668 ssh2	2020-08-06 02:03:48
114.67.102.123	attack	SSH invalid-user multiple login attempts	2020-08-06 01:55:57
77.98.179.228	attack	77.98.179.228 - - [05/Aug/2020:14:30:27 +0100] "POST /wp-login.php HTTP/1.1" 403 6364 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 77.98.179.228 - - [05/Aug/2020:14:40:31 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 77.98.179.228 - - [05/Aug/2020:14:40:32 +0100] "POST /wp-login.php HTTP/1.1" 403 6364 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-08-06 02:04:10
189.80.37.70	attackspambots	Lines containing failures of 189.80.37.70 Aug 4 14:29:19 jarvis sshd[16387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.80.37.70 user=r.r Aug 4 14:29:22 jarvis sshd[16387]: Failed password for r.r from 189.80.37.70 port 40706 ssh2 Aug 4 14:29:23 jarvis sshd[16387]: Received disconnect from 189.80.37.70 port 40706:11: Bye Bye [preauth] Aug 4 14:29:23 jarvis sshd[16387]: Disconnected from authenticating user r.r 189.80.37.70 port 40706 [preauth] Aug 4 14:42:15 jarvis sshd[17317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.80.37.70 user=r.r Aug 4 14:42:17 jarvis sshd[17317]: Failed password for r.r from 189.80.37.70 port 50044 ssh2 Aug 4 14:42:18 jarvis sshd[17317]: Received disconnect from 189.80.37.70 port 50044:11: Bye Bye [preauth] Aug 4 14:42:18 jarvis sshd[17317]: Disconnected from authenticating user r.r 189.80.37.70 port 50044 [preauth] Aug 4 14:46:38 jarvis ........ ------------------------------	2020-08-06 01:54:25
106.54.98.89	attackspam	Unauthorized SSH login attempts	2020-08-06 02:06:41
193.112.139.159	attack	Aug 5 22:58:49 gw1 sshd[25676]: Failed password for root from 193.112.139.159 port 42370 ssh2 ...	2020-08-06 02:13:23
67.213.88.27	attackspambots	TCP (SYN) 67.213.88.27:40801 -> port 623, len 44	2020-08-06 02:24:06
209.85.167.65	normal	sending fraudulent emails: Hallo, ich bin Omar Ali, ich bin Banker hier in Dubai. Ich habe Sie bezüglich eines Kontos eines Staatsbürgers Ihres Landes kontaktiert. Dieser Mann starb vor 12 Jahren und erwähnte niemanden, der sein bei unserer Bank hinterlegtes Geld geerbt hatte. Die Bank erlaubte mir, den nächsten Verwandten mit einem verstorbenen Kunden zu finden, aber ich fand ihn nicht. Dieses Konto wird beschlagnahmt, wenn niemand erklärt, dass das Bankkonto der nächste Angehörige ist. Ich habe mich daher entschlossen, Sie zum gegenseitigen Nutzen zu kontaktieren. Ich warte auf Ihre Antwort für weitere Details. Respektvoll, Omar Ali	2020-08-06 02:29:05
213.32.70.208	attack	SSH auth scanning - multiple failed logins	2020-08-06 02:25:29
69.10.39.228	attackbots	Received obvious spam mail with links to malicious servers.	2020-08-06 02:02:58

Recently Reported IPs

107.175.64.15	87.123.224.200	200.233.206.214	88.230.46.243
31.173.120.227	195.222.46.20	1.171.129.121	52.243.94.224
122.118.3.119	220.124.95.72	88.20.47.119	230.1.58.58
14.177.78.45	138.185.36.35	192.210.132.152	107.175.240.151
2.185.124.239	186.89.83.34	36.18.117.156	118.251.89.219