119.42.122.151

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 119.42.122.151 to port 445	2019-12-23 15:08:49

Comments on same subnet:

IP	Type	Details	Datetime
119.42.122.239	attack	srvr1: (mod_security) mod_security (id:942100) triggered by 119.42.122.239 (TH/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:03:52 [error] 482759#0: 840352 [client 119.42.122.239] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801143266.523321"] [ref ""], client: 119.42.122.239, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27+AND+++9747+%3D+0 HTTP/1.1" [redacted]	2020-08-22 00:21:11
119.42.122.85	attackspambots	Unauthorized IMAP connection attempt	2020-06-10 19:09:26
119.42.122.196	attackbots	119.42.122.196 has been banned from MailServer for Abuse ...	2019-10-12 20:16:45
119.42.122.244	attackbots	445/tcp [2019-06-27]1pkt	2019-06-27 21:22:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.122.151
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52274
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.42.122.151.			IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122300 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 23 15:08:44 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 151.122.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 151.122.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.165.230.118	attackspam	188.165.230.118 - - [17/Aug/2020:16:13:51 +0100] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [17/Aug/2020:16:17:03 +0100] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [17/Aug/2020:16:18:42 +0100] "POST /wp-login.php HTTP/1.1" 200 6354 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-17 23:37:30
51.77.220.127	attack	51.77.220.127 - - [17/Aug/2020:18:32:16 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-08-17 23:56:59
188.131.138.175	attackspam	Aug 17 17:16:10 sshd\[27861\]: User root from 188.131.138.175 not allowed because not listed in AllowUsersAug 17 17:16:13 sshd\[27861\]: Failed password for invalid user root from 188.131.138.175 port 54650 ssh2 ...	2020-08-17 23:35:39
212.70.149.82	attack	Aug 17 17:34:50 vmanager6029 postfix/smtpd\[1082\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 17 17:35:19 vmanager6029 postfix/smtpd\[1082\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-17 23:38:43
106.12.89.173	attack	Aug 17 14:03:38 vps639187 sshd\[24404\]: Invalid user shipping from 106.12.89.173 port 53400 Aug 17 14:03:38 vps639187 sshd\[24404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.89.173 Aug 17 14:03:40 vps639187 sshd\[24404\]: Failed password for invalid user shipping from 106.12.89.173 port 53400 ssh2 ...	2020-08-17 23:54:44
213.183.101.89	attack	Aug 17 17:29:39 PorscheCustomer sshd[12239]: Failed password for root from 213.183.101.89 port 53338 ssh2 Aug 17 17:32:07 PorscheCustomer sshd[12333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.183.101.89 Aug 17 17:32:10 PorscheCustomer sshd[12333]: Failed password for invalid user lixiang from 213.183.101.89 port 35338 ssh2 ...	2020-08-17 23:39:37
198.100.146.179	attack	198.100.146.179 - - [17/Aug/2020:14:03:52 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.100.146.179 - - [17/Aug/2020:14:03:53 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.100.146.179 - - [17/Aug/2020:14:03:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-17 23:39:04
221.165.252.143	attackbots	Aug 17 08:03:44 Tower sshd[36414]: Connection from 221.165.252.143 port 37650 on 192.168.10.220 port 22 rdomain "" Aug 17 08:03:48 Tower sshd[36414]: Invalid user chef from 221.165.252.143 port 37650 Aug 17 08:03:48 Tower sshd[36414]: error: Could not get shadow information for NOUSER Aug 17 08:03:48 Tower sshd[36414]: Failed password for invalid user chef from 221.165.252.143 port 37650 ssh2 Aug 17 08:03:48 Tower sshd[36414]: Received disconnect from 221.165.252.143 port 37650:11: Bye Bye [preauth] Aug 17 08:03:48 Tower sshd[36414]: Disconnected from invalid user chef 221.165.252.143 port 37650 [preauth]	2020-08-17 23:42:22
158.69.163.156	attackbots	5 failures	2020-08-17 23:55:42
162.247.74.200	attackbotsspam	Aug 17 14:03:28 ncomp sshd[31487]: Invalid user admin from 162.247.74.200 Aug 17 14:03:28 ncomp sshd[31487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.247.74.200 Aug 17 14:03:28 ncomp sshd[31487]: Invalid user admin from 162.247.74.200 Aug 17 14:03:30 ncomp sshd[31487]: Failed password for invalid user admin from 162.247.74.200 port 46622 ssh2	2020-08-18 00:08:25
103.70.199.9	attackspam	1597665814 - 08/17/2020 14:03:34 Host: 103.70.199.9/103.70.199.9 Port: 445 TCP Blocked	2020-08-18 00:02:39
165.22.69.147	attackbotsspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-18 00:01:46
106.12.161.118	attack	Aug 17 16:05:24 nextcloud sshd\[16250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.161.118 user=backup Aug 17 16:05:26 nextcloud sshd\[16250\]: Failed password for backup from 106.12.161.118 port 34658 ssh2 Aug 17 16:09:01 nextcloud sshd\[19978\]: Invalid user confluence from 106.12.161.118 Aug 17 16:09:01 nextcloud sshd\[19978\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.161.118	2020-08-17 23:56:39
117.192.91.104	attackspam	Icarus honeypot on github	2020-08-17 23:35:04
31.209.21.17	attackspambots	Aug 17 16:07:56 electroncash sshd[61388]: Invalid user ubnt from 31.209.21.17 port 45656 Aug 17 16:07:56 electroncash sshd[61388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.209.21.17 Aug 17 16:07:56 electroncash sshd[61388]: Invalid user ubnt from 31.209.21.17 port 45656 Aug 17 16:07:58 electroncash sshd[61388]: Failed password for invalid user ubnt from 31.209.21.17 port 45656 ssh2 Aug 17 16:11:54 electroncash sshd[62443]: Invalid user jeff from 31.209.21.17 port 55802 ...	2020-08-18 00:07:24

Recently Reported IPs

41.34.184.190	1.160.177.215	41.238.136.214	41.238.178.89
156.195.254.199	160.20.111.156	156.206.243.152	62.197.10.212
93.46.16.98	41.237.222.250	156.220.118.247	197.35.222.111
14.240.21.148	156.199.244.190	228.176.222.237	45.95.33.177
202.189.235.18	230.99.144.116	41.237.129.19	3.173.231.154