119.42.90.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 119.42.90.2 on Port 445(SMB)	2020-02-13 19:16:51

Comments on same subnet:

IP	Type	Details	Datetime
119.42.90.233	attackbots	1594778676 - 07/15/2020 04:04:36 Host: 119.42.90.233/119.42.90.233 Port: 445 TCP Blocked	2020-07-15 11:08:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.90.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41515
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.42.90.2.			IN	A

;; AUTHORITY SECTION:
.			166	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021300 1800 900 604800 86400

;; Query time: 495 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 19:16:44 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 2.90.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.90.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
98.142.139.4	attack	Sep 12 18:58:42 mail sshd[22529]: Failed password for root from 98.142.139.4 port 54476 ssh2	2020-09-13 05:17:35
178.237.128.7	attackbotsspam	20/9/12@12:58:30: FAIL: Alarm-Network address from=178.237.128.7 ...	2020-09-13 05:27:08
61.177.172.168	attackbots	Sep 12 21:27:32 marvibiene sshd[52593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.168 user=root Sep 12 21:27:35 marvibiene sshd[52593]: Failed password for root from 61.177.172.168 port 11782 ssh2 Sep 12 21:27:38 marvibiene sshd[52593]: Failed password for root from 61.177.172.168 port 11782 ssh2 Sep 12 21:27:32 marvibiene sshd[52593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.168 user=root Sep 12 21:27:35 marvibiene sshd[52593]: Failed password for root from 61.177.172.168 port 11782 ssh2 Sep 12 21:27:38 marvibiene sshd[52593]: Failed password for root from 61.177.172.168 port 11782 ssh2	2020-09-13 05:32:59
200.66.82.250	attack	$f2bV_matches	2020-09-13 05:57:02
42.104.109.194	attack	Sep 12 23:38:27 rancher-0 sshd[10342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.104.109.194 user=root Sep 12 23:38:29 rancher-0 sshd[10342]: Failed password for root from 42.104.109.194 port 53816 ssh2 ...	2020-09-13 05:51:19
141.98.9.163	attackspambots	TCP (SYN) 141.98.9.163:43911 -> port 22, len 60	2020-09-13 05:44:25
111.229.142.192	attackbotsspam	Sep 12 21:38:05 ns382633 sshd\[18406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.142.192 user=root Sep 12 21:38:07 ns382633 sshd\[18406\]: Failed password for root from 111.229.142.192 port 49152 ssh2 Sep 12 21:49:43 ns382633 sshd\[20551\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.142.192 user=root Sep 12 21:49:45 ns382633 sshd\[20551\]: Failed password for root from 111.229.142.192 port 40256 ssh2 Sep 12 21:53:43 ns382633 sshd\[21435\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.142.192 user=root	2020-09-13 05:19:55
111.92.52.207	attackspambots	Telnet Honeypot -> Telnet Bruteforce / Login	2020-09-13 05:56:14
206.217.128.106	attack	Unauthorized access detected from black listed ip!	2020-09-13 05:38:01
49.234.78.175	attackspambots	failed root login	2020-09-13 05:31:08
1.194.235.196	attackspam	1599929891 - 09/12/2020 18:58:11 Host: 1.194.235.196/1.194.235.196 Port: 445 TCP Blocked	2020-09-13 05:47:56
45.95.168.96	attack	2020-09-12 23:24:15 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=orders@nopcommerce.it$ 2020-09-12 23:25:23 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=orders@opso.it$ 2020-09-12 23:25:23 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=orders@nophost.com$ 2020-09-12 23:27:48 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=orders@nopcommerce.it$ 2020-09-12 23:28:55 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=orders@opso.it$ 2020-09-12 23:28:55 dovecot_login authenticator failed for pr.predictams.live $USER$ \[45.95.168.96\]: 535 Incorrect authentication data $set_id=orders@nophost.com$	2020-09-13 05:31:54
77.27.168.117	attackbots	2020-09-12T21:21[Censored Hostname] sshd[38271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.168.27.77.dynamic.reverse-mundo-r.com user=root 2020-09-12T21:21[Censored Hostname] sshd[38271]: Failed password for root from 77.27.168.117 port 50542 ssh2 2020-09-12T21:25[Censored Hostname] sshd[38284]: Invalid user test from 77.27.168.117 port 56604[...]	2020-09-13 05:14:57
117.247.238.10	attackbotsspam	2020-09-13T00:17:49.808366lavrinenko.info sshd[1127]: Failed password for invalid user vinay from 117.247.238.10 port 45656 ssh2 2020-09-13T00:22:26.010123lavrinenko.info sshd[1243]: Invalid user mqm from 117.247.238.10 port 38738 2020-09-13T00:22:26.015202lavrinenko.info sshd[1243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.247.238.10 2020-09-13T00:22:26.010123lavrinenko.info sshd[1243]: Invalid user mqm from 117.247.238.10 port 38738 2020-09-13T00:22:27.546802lavrinenko.info sshd[1243]: Failed password for invalid user mqm from 117.247.238.10 port 38738 ssh2 ...	2020-09-13 05:57:28
103.87.253.106	attack	Brute forcing RDP port 3389	2020-09-13 05:23:53

Recently Reported IPs

93.157.204.156	117.102.66.187	106.120.127.15	180.252.252.191
46.182.19.49	124.46.249.196	125.33.80.128	123.205.58.221
103.103.212.191	1.2.237.225	133.203.58.185	183.91.4.208
2607:f298:5:100f::2de:63f6	171.242.112.177	110.137.82.209	50.239.145.20
186.72.199.180	192.241.227.75	5.101.59.70	93.40.3.134