119.42.123.108

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2020-06-01T12:07:12.550475odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure 2020-06-01T12:07:15.617829odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure 2020-06-01T12:07:16.299207odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure ...	2020-06-01 22:52:56

Type

Details

Datetime

attack

2020-06-01T12:07:12.550475odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure
2020-06-01T12:07:15.617829odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure
2020-06-01T12:07:16.299207odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure
...

2020-06-01 22:52:56

Comments on same subnet:

IP	Type	Details	Datetime
119.42.123.186	attack	20/6/25@08:24:45: FAIL: Alarm-Network address from=119.42.123.186 20/6/25@08:24:45: FAIL: Alarm-Network address from=119.42.123.186 ...	2020-06-26 00:38:32
119.42.123.14	attack	1591501924 - 06/07/2020 05:52:04 Host: 119.42.123.14/119.42.123.14 Port: 445 TCP Blocked	2020-06-07 16:32:16
119.42.123.181	attackbotsspam	Automatic report - Port Scan Attack	2020-03-09 16:08:55
119.42.123.209	attack	1581742349 - 02/15/2020 05:52:29 Host: 119.42.123.209/119.42.123.209 Port: 445 TCP Blocked	2020-02-15 16:09:56
119.42.123.235	attack	" "	2019-12-24 23:14:26
119.42.123.123	attackbots	Unauthorized connection attempt from IP address 119.42.123.123 on Port 445(SMB)	2019-09-08 02:11:53
119.42.123.101	attack	19/8/6@07:20:42: FAIL: Alarm-Intrusion address from=119.42.123.101 ...	2019-08-06 22:46:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.123.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57326
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.42.123.108.			IN	A

;; AUTHORITY SECTION:
.			172	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060100 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 01 22:52:50 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 108.123.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 108.123.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.85.60.251	attackspam	Sep 24 17:27:29 mail sshd[28365]: Invalid user guest from 95.85.60.251 Sep 24 17:27:29 mail sshd[28365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 Sep 24 17:27:29 mail sshd[28365]: Invalid user guest from 95.85.60.251 Sep 24 17:27:31 mail sshd[28365]: Failed password for invalid user guest from 95.85.60.251 port 59194 ssh2 Sep 24 17:45:25 mail sshd[23447]: Invalid user damian from 95.85.60.251 ...	2019-09-25 02:40:04
24.227.36.74	attack	Sep 24 15:41:59 nextcloud sshd\[7443\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.227.36.74 user=mail Sep 24 15:42:01 nextcloud sshd\[7443\]: Failed password for mail from 24.227.36.74 port 41626 ssh2 Sep 24 15:46:26 nextcloud sshd\[14671\]: Invalid user qc from 24.227.36.74 Sep 24 15:46:26 nextcloud sshd\[14671\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.227.36.74 ...	2019-09-25 02:59:44
186.31.116.78	attack	Sep 24 18:21:06 venus sshd\[17170\]: Invalid user cuc from 186.31.116.78 port 54604 Sep 24 18:21:06 venus sshd\[17170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.31.116.78 Sep 24 18:21:08 venus sshd\[17170\]: Failed password for invalid user cuc from 186.31.116.78 port 54604 ssh2 ...	2019-09-25 02:41:09
222.186.31.136	attackspam	Sep 24 20:55:41 dcd-gentoo sshd[11702]: User root from 222.186.31.136 not allowed because none of user's groups are listed in AllowGroups Sep 24 20:55:43 dcd-gentoo sshd[11702]: error: PAM: Authentication failure for illegal user root from 222.186.31.136 Sep 24 20:55:41 dcd-gentoo sshd[11702]: User root from 222.186.31.136 not allowed because none of user's groups are listed in AllowGroups Sep 24 20:55:43 dcd-gentoo sshd[11702]: error: PAM: Authentication failure for illegal user root from 222.186.31.136 Sep 24 20:55:41 dcd-gentoo sshd[11702]: User root from 222.186.31.136 not allowed because none of user's groups are listed in AllowGroups Sep 24 20:55:43 dcd-gentoo sshd[11702]: error: PAM: Authentication failure for illegal user root from 222.186.31.136 Sep 24 20:55:43 dcd-gentoo sshd[11702]: Failed keyboard-interactive/pam for invalid user root from 222.186.31.136 port 26950 ssh2 ...	2019-09-25 02:57:16
106.53.88.247	attackbotsspam	Sep 24 17:47:50 nextcloud sshd\[16245\]: Invalid user subway from 106.53.88.247 Sep 24 17:47:50 nextcloud sshd\[16245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.88.247 Sep 24 17:47:52 nextcloud sshd\[16245\]: Failed password for invalid user subway from 106.53.88.247 port 42414 ssh2 ...	2019-09-25 02:33:39
125.67.237.251	attackspambots	Sep 24 14:39:21 anodpoucpklekan sshd[6856]: Invalid user backup1 from 125.67.237.251 port 55602 ...	2019-09-25 02:38:22
59.61.206.221	attackbotsspam	2019-09-24T15:17:21.878691abusebot-6.cloudsearch.cf sshd\[7857\]: Invalid user browser from 59.61.206.221 port 38232	2019-09-25 02:17:39
104.236.28.167	attackbots	Sep 24 06:12:52 auw2 sshd\[26740\]: Invalid user magic from 104.236.28.167 Sep 24 06:12:52 auw2 sshd\[26740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.28.167 Sep 24 06:12:54 auw2 sshd\[26740\]: Failed password for invalid user magic from 104.236.28.167 port 46190 ssh2 Sep 24 06:17:11 auw2 sshd\[27259\]: Invalid user eladio from 104.236.28.167 Sep 24 06:17:11 auw2 sshd\[27259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.28.167	2019-09-25 02:45:43
106.13.74.162	attack	Too many connections or unauthorized access detected from Arctic banned ip	2019-09-25 02:41:23
177.205.196.158	attackbotsspam	Too many connections or unauthorized access detected from Arctic banned ip	2019-09-25 02:55:43
45.136.109.228	attack	09/24/2019-11:23:36.988507 45.136.109.228 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-25 02:26:44
146.185.162.244	attackspambots	detected by Fail2Ban	2019-09-25 02:41:47
211.136.105.74	attack	Sep 24 17:14:57 heissa sshd\[14741\]: Invalid user mbari-qa from 211.136.105.74 port 35221 Sep 24 17:14:57 heissa sshd\[14741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.136.105.74 Sep 24 17:14:59 heissa sshd\[14741\]: Failed password for invalid user mbari-qa from 211.136.105.74 port 35221 ssh2 Sep 24 17:20:04 heissa sshd\[15256\]: Invalid user odroid from 211.136.105.74 port 51976 Sep 24 17:20:04 heissa sshd\[15256\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.136.105.74	2019-09-25 02:47:15
176.31.191.61	attack	Sep 22 22:41:48 tuxlinux sshd[41252]: Invalid user sergey from 176.31.191.61 port 60958 Sep 22 22:41:48 tuxlinux sshd[41252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.191.61 Sep 22 22:41:48 tuxlinux sshd[41252]: Invalid user sergey from 176.31.191.61 port 60958 Sep 22 22:41:48 tuxlinux sshd[41252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.191.61 Sep 22 22:41:48 tuxlinux sshd[41252]: Invalid user sergey from 176.31.191.61 port 60958 Sep 22 22:41:48 tuxlinux sshd[41252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.191.61 Sep 22 22:41:50 tuxlinux sshd[41252]: Failed password for invalid user sergey from 176.31.191.61 port 60958 ssh2 ...	2019-09-25 02:49:51
117.80.212.113	attackspam	Sep 24 14:36:30 legacy sshd[18477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.80.212.113 Sep 24 14:36:32 legacy sshd[18477]: Failed password for invalid user abc1234 from 117.80.212.113 port 55096 ssh2 Sep 24 14:39:35 legacy sshd[18533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.80.212.113 ...	2019-09-25 02:30:53

Recently Reported IPs

132.16.165.14	61.177.127.20	183.89.211.242	219.240.104.209
64.244.59.157	206.123.179.160	213.214.178.3	113.172.100.241
104.52.180.105	121.63.55.232	148.95.52.134	153.121.200.54
154.18.252.166	223.125.148.251	93.46.214.226	115.51.22.172
109.59.5.40	61.223.236.244	200.18.26.80	76.10.37.16