119.42.75.240 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH Brute-Force reported by Fail2Ban	2019-10-27 19:44:21

Comments on same subnet:

IP	Type	Details	Datetime
119.42.75.140	attack	Unauthorized connection attempt from IP address 119.42.75.140 on Port 445(SMB)	2019-07-09 12:12:40
119.42.75.52	attackspam	Unauthorized connection attempt from IP address 119.42.75.52 on Port 445(SMB)	2019-06-28 21:24:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.75.240
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25586
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.42.75.240.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102700 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 19:44:16 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 240.75.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 240.75.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
173.45.164.2	attackspambots	Dec 23 05:51:30 auw2 sshd\[20994\]: Invalid user dibler from 173.45.164.2 Dec 23 05:51:30 auw2 sshd\[20994\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=br1.atl5-vlan34.as22384.net Dec 23 05:51:32 auw2 sshd\[20994\]: Failed password for invalid user dibler from 173.45.164.2 port 37586 ssh2 Dec 23 05:56:49 auw2 sshd\[21491\]: Invalid user minah from 173.45.164.2 Dec 23 05:56:49 auw2 sshd\[21491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=br1.atl5-vlan34.as22384.net	2019-12-24 04:50:40
129.204.150.180	attack	Aug 2 21:48:35 yesfletchmain sshd\[6754\]: User root from 129.204.150.180 not allowed because not listed in AllowUsers Aug 2 21:48:36 yesfletchmain sshd\[6754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.150.180 user=root Aug 2 21:48:37 yesfletchmain sshd\[6754\]: Failed password for invalid user root from 129.204.150.180 port 40516 ssh2 Aug 2 21:58:11 yesfletchmain sshd\[6944\]: Invalid user test from 129.204.150.180 port 43214 Aug 2 21:58:11 yesfletchmain sshd\[6944\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.150.180 ...	2019-12-24 04:27:51
183.83.135.98	attack	Unauthorized connection attempt from IP address 183.83.135.98 on Port 445(SMB)	2019-12-24 04:22:54
222.186.175.181	attackbotsspam	2019-12-23T21:35:49.0246821240 sshd\[12830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.181 user=root 2019-12-23T21:35:51.0986421240 sshd\[12830\]: Failed password for root from 222.186.175.181 port 33283 ssh2 2019-12-23T21:35:54.1344291240 sshd\[12830\]: Failed password for root from 222.186.175.181 port 33283 ssh2 ...	2019-12-24 04:38:50
61.19.108.118	attack	445/tcp 1433/tcp... [2019-11-04/12-22]16pkt,2pt.(tcp)	2019-12-24 04:28:47
51.77.140.36	attackbots	Dec 23 10:55:47 ny01 sshd[26744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36 Dec 23 10:55:49 ny01 sshd[26744]: Failed password for invalid user callyann from 51.77.140.36 port 46648 ssh2 Dec 23 11:00:50 ny01 sshd[27440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.36	2019-12-24 04:22:05
36.103.243.247	attack	Oct 22 14:52:02 vtv3 sshd[20095]: Invalid user godbole from 36.103.243.247 port 47393 Oct 22 14:52:02 vtv3 sshd[20095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.243.247 Oct 22 14:52:05 vtv3 sshd[20095]: Failed password for invalid user godbole from 36.103.243.247 port 47393 ssh2 Oct 22 15:03:43 vtv3 sshd[26400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.243.247 user=root Oct 22 15:03:45 vtv3 sshd[26400]: Failed password for root from 36.103.243.247 port 59311 ssh2 Oct 22 15:09:31 vtv3 sshd[29608]: Invalid user mmm from 36.103.243.247 port 50903 Oct 22 15:09:31 vtv3 sshd[29608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.243.247 Oct 22 15:09:32 vtv3 sshd[29608]: Failed password for invalid user mmm from 36.103.243.247 port 50903 ssh2 Dec 23 14:45:36 vtv3 sshd[10698]: Failed password for root from 36.103.243.247 port 43435 ssh2 Dec 23 14:50:52 vtv3 sshd[	2019-12-24 04:55:01
83.87.13.64	attackspambots	SSH Brute Force, server-1 sshd[14612]: Failed password for invalid user user from 83.87.13.64 port 39756 ssh2	2019-12-24 04:37:38
82.119.121.58	attackspam	$f2bV_matches	2019-12-24 04:36:02
139.138.132.244	attackbots	1433/tcp 445/tcp... [2019-10-27/12-23]14pkt,2pt.(tcp)	2019-12-24 04:49:23
129.204.194.249	attack	Sep 19 02:27:16 yesfletchmain sshd\[19242\]: User root from 129.204.194.249 not allowed because not listed in AllowUsers Sep 19 02:27:16 yesfletchmain sshd\[19242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.194.249 user=root Sep 19 02:27:18 yesfletchmain sshd\[19242\]: Failed password for invalid user root from 129.204.194.249 port 49440 ssh2 Sep 19 02:32:49 yesfletchmain sshd\[19553\]: Invalid user lie from 129.204.194.249 port 35894 Sep 19 02:32:49 yesfletchmain sshd\[19553\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.194.249 ...	2019-12-24 04:20:23
159.203.201.211	attack	firewall-block, port(s): 36118/tcp	2019-12-24 04:34:49
218.92.0.171	attackbotsspam	Dec 23 21:16:53 vps691689 sshd[807]: Failed password for root from 218.92.0.171 port 5679 ssh2 Dec 23 21:17:03 vps691689 sshd[807]: Failed password for root from 218.92.0.171 port 5679 ssh2 Dec 23 21:17:06 vps691689 sshd[807]: Failed password for root from 218.92.0.171 port 5679 ssh2 Dec 23 21:17:06 vps691689 sshd[807]: error: maximum authentication attempts exceeded for root from 218.92.0.171 port 5679 ssh2 [preauth] ...	2019-12-24 04:26:45
192.3.177.213	attackspambots	Dec 23 05:50:50 sachi sshd\[2059\]: Invalid user johandar from 192.3.177.213 Dec 23 05:50:50 sachi sshd\[2059\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.177.213 Dec 23 05:50:52 sachi sshd\[2059\]: Failed password for invalid user johandar from 192.3.177.213 port 48024 ssh2 Dec 23 05:56:06 sachi sshd\[2515\]: Invalid user edmxtest from 192.3.177.213 Dec 23 05:56:06 sachi sshd\[2515\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.177.213	2019-12-24 04:45:42
58.248.232.35	attackbots	ssh failed login	2019-12-24 04:52:48

Recently Reported IPs

78.188.168.199	114.250.139.124	173.212.216.103	62.125.213.236
109.126.4.89	114.225.220.117	60.183.74.37	200.161.173.52
23.247.98.142	194.13.246.221	114.227.145.235	67.63.163.1
195.125.231.52	76.2.71.142	33.6.157.238	201.18.141.156
226.220.44.237	95.94.153.145	187.162.46.154	66.139.249.22