119.42.68.109 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
119.42.68.155	attackbots	Aug 26 04:52:54 shivevps sshd[3965]: Bad protocol version identification '\024' from 119.42.68.155 port 58134 Aug 26 04:53:01 shivevps sshd[4632]: Bad protocol version identification '\024' from 119.42.68.155 port 58443 Aug 26 04:54:44 shivevps sshd[7837]: Bad protocol version identification '\024' from 119.42.68.155 port 34088 ...	2020-08-26 13:15:13
119.42.68.15	attackspambots	Automatic report - Port Scan Attack	2020-03-01 00:54:15

Type

Details

Datetime

119.42.68.155

attackbots

Aug 26 04:52:54 shivevps sshd[3965]: Bad protocol version identification '\024' from 119.42.68.155 port 58134
Aug 26 04:53:01 shivevps sshd[4632]: Bad protocol version identification '\024' from 119.42.68.155 port 58443
Aug 26 04:54:44 shivevps sshd[7837]: Bad protocol version identification '\024' from 119.42.68.155 port 34088
...

2020-08-26 13:15:13

119.42.68.15

attackspambots

Automatic report - Port Scan Attack

2020-03-01 00:54:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.68.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10446
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;119.42.68.109.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030900 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 14:44:57 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 109.68.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 109.68.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
50.70.229.239	attack	Lines containing failures of 50.70.229.239 Nov 25 19:26:13 * sshd[72698]: Invalid user jacob from 50.70.229.239 port 39168 Nov 25 19:26:13 * sshd[72698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.70.229.239 Nov 25 19:26:15 * sshd[72698]: Failed password for invalid user jacob from 50.70.229.239 port 39168 ssh2 Nov 25 19:26:15 * sshd[72698]: Received disconnect from 50.70.229.239 port 39168:11: Bye Bye [preauth] Nov 25 19:26:15 * sshd[72698]: Disconnected from invalid user jacob 50.70.229.239 port 39168 [preauth] Nov 25 19:54:00 * sshd[74184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.70.229.239 user=r.r Nov 25 19:54:02 * sshd[74184]: Failed password for r.r from 50.70.229.239 port 45052 ssh2 Nov 25 19:54:03 * sshd[74184]: Received disconnect from 50.70.229.239 port 45052:11: Bye Bye [preauth] Nov 25 19:54:03 *** sshd[74184]: Disconnected from authenticating ........ ------------------------------	2019-11-26 07:06:28
85.248.42.101	attack	Nov 25 23:46:31 vmanager6029 sshd\[1689\]: Invalid user joice from 85.248.42.101 port 58813 Nov 25 23:46:31 vmanager6029 sshd\[1689\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.248.42.101 Nov 25 23:46:34 vmanager6029 sshd\[1689\]: Failed password for invalid user joice from 85.248.42.101 port 58813 ssh2	2019-11-26 07:23:50
210.12.215.225	attackbotsspam	Nov 25 16:02:31 shadeyouvpn sshd[21724]: Invalid user zenz from 210.12.215.225 Nov 25 16:02:31 shadeyouvpn sshd[21724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.215.225 Nov 25 16:02:33 shadeyouvpn sshd[21724]: Failed password for invalid user zenz from 210.12.215.225 port 47733 ssh2 Nov 25 16:02:33 shadeyouvpn sshd[21724]: Received disconnect from 210.12.215.225: 11: Bye Bye [preauth] Nov 25 16:28:54 shadeyouvpn sshd[8530]: Received disconnect from 210.12.215.225: 11: Bye Bye [preauth] Nov 25 16:32:57 shadeyouvpn sshd[11167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.215.225 user=r.r Nov 25 16:32:59 shadeyouvpn sshd[11167]: Failed password for r.r from 210.12.215.225 port 42283 ssh2 Nov 25 16:32:59 shadeyouvpn sshd[11167]: Received disconnect from 210.12.215.225: 11: Bye Bye [preauth] Nov 25 16:37:17 shadeyouvpn sshd[15418]: Invalid user carline from 210.12.215.2........ -------------------------------	2019-11-26 07:27:57
106.13.204.251	attack	Nov 25 23:37:25 roki sshd[7341]: Invalid user pcap from 106.13.204.251 Nov 25 23:37:25 roki sshd[7341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.204.251 Nov 25 23:37:27 roki sshd[7341]: Failed password for invalid user pcap from 106.13.204.251 port 52896 ssh2 Nov 26 00:03:06 roki sshd[9031]: Invalid user admin from 106.13.204.251 Nov 26 00:03:06 roki sshd[9031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.204.251 ...	2019-11-26 07:12:05
51.254.115.80	attack	51.254.115.80 was recorded 208 times by 34 hosts attempting to connect to the following ports: 2376,2375,4243,2377. Incident counter (4h, 24h, all-time): 208, 1230, 3134	2019-11-26 07:24:27
111.231.69.18	attack	Nov 25 18:06:21 www6-3 sshd[8883]: Invalid user adminweb from 111.231.69.18 port 47612 Nov 25 18:06:21 www6-3 sshd[8883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.69.18 Nov 25 18:06:23 www6-3 sshd[8883]: Failed password for invalid user adminweb from 111.231.69.18 port 47612 ssh2 Nov 25 18:06:23 www6-3 sshd[8883]: Received disconnect from 111.231.69.18 port 47612:11: Bye Bye [preauth] Nov 25 18:06:23 www6-3 sshd[8883]: Disconnected from 111.231.69.18 port 47612 [preauth] Nov 25 18:58:35 www6-3 sshd[11834]: Invalid user wcddl from 111.231.69.18 port 48094 Nov 25 18:58:35 www6-3 sshd[11834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.69.18 Nov 25 18:58:37 www6-3 sshd[11834]: Failed password for invalid user wcddl from 111.231.69.18 port 48094 ssh2 Nov 25 18:58:38 www6-3 sshd[11834]: Received disconnect from 111.231.69.18 port 48094:11: Bye Bye [preauth] Nov 25 18:58........ -------------------------------	2019-11-26 07:14:27
222.186.173.142	attackbotsspam	Nov 25 23:47:14 srv206 sshd[13957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Nov 25 23:47:15 srv206 sshd[13957]: Failed password for root from 222.186.173.142 port 18364 ssh2 ...	2019-11-26 06:52:30
138.186.251.52	attack	Nov 25 22:47:14 hermescis postfix/smtpd\[24014\]: NOQUEUE: reject: RCPT from unknown\[138.186.251.52\]: 550 5.1.1 \: Recipient address rejected:* from=\ to=\ proto=ESMTP helo=\<\[138.186.251.52\]\>	2019-11-26 06:50:28
188.32.85.234	attackspambots	Nov 26 01:46:48 server sshd\[5865\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-188-32-85-234.ip.moscow.rt.ru user=root Nov 26 01:46:50 server sshd\[5865\]: Failed password for root from 188.32.85.234 port 38622 ssh2 Nov 26 01:46:52 server sshd\[5865\]: Failed password for root from 188.32.85.234 port 38622 ssh2 Nov 26 01:46:54 server sshd\[5865\]: Failed password for root from 188.32.85.234 port 38622 ssh2 Nov 26 01:46:56 server sshd\[5865\]: Failed password for root from 188.32.85.234 port 38622 ssh2 ...	2019-11-26 07:05:15
35.187.23.223	attackspam	35.187.23.223 - - \[25/Nov/2019:23:47:14 +0100\] "GET /index.php/eiskunstlaufen-aktuell.html HTTP/1.1" 404 3233 "-" "Mozilla/5.0 $compatible\; Googlebot/2.1\; +http://www.google.com/bot.html$" ...	2019-11-26 06:54:23
27.69.242.187	attackbots	Nov 26 01:01:40 ncomp sshd[672]: Invalid user squid from 27.69.242.187 Nov 26 01:01:40 ncomp sshd[672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.69.242.187 Nov 26 01:01:40 ncomp sshd[672]: Invalid user squid from 27.69.242.187 Nov 26 01:01:42 ncomp sshd[672]: Failed password for invalid user squid from 27.69.242.187 port 59256 ssh2	2019-11-26 07:04:59
172.105.89.161	attack	172.105.89.161 was recorded 11 times by 11 hosts attempting to connect to the following ports: 55896. Incident counter (4h, 24h, all-time): 11, 84, 1915	2019-11-26 06:51:00
143.137.177.253	attackbots	port scan/probe/communication attempt; port 23	2019-11-26 06:57:12
129.204.95.39	attack	$f2bV_matches	2019-11-26 07:03:06
68.32.83.238	attackbotsspam	Nov 25 22:46:50 *** sshd[8099]: Invalid user pi from 68.32.83.238	2019-11-26 07:09:13

Recently Reported IPs

79.23.172.146	119.42.68.11	119.42.68.110	119.42.68.112
119.42.68.114	119.42.68.116	119.42.68.118	119.42.68.12
119.42.68.120	119.42.68.122	119.42.68.124	119.42.68.126
119.42.68.128	119.42.68.141	119.42.69.104	119.42.69.122
119.42.69.129	119.42.69.139	119.42.69.148	119.42.69.150