119.42.94.133 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 119.42.94.133 on Port 445(SMB)	2020-02-03 19:58:45

Comments on same subnet:

IP	Type	Details	Datetime
119.42.94.194	attackbots	SMTP unauthorised login attempts	2020-01-28 19:43:50
119.42.94.36	attack	Jan 13 05:47:30 cvbnet sshd[13504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.94.36 Jan 13 05:47:32 cvbnet sshd[13504]: Failed password for invalid user admina from 119.42.94.36 port 50861 ssh2 ...	2020-01-13 19:09:31
119.42.94.130	attackspambots	445/tcp [2019-11-01]1pkt	2019-11-01 15:42:31
119.42.94.191	attackbotsspam	119.42.94.191 - - [18/Oct/2019:07:40:01 -0400] "GET /?page=products&action=../../../etc/passwd&manufacturerID=61&productID=4701-RIM&linkID=16812 HTTP/1.1" 200 17416 "https://exitdevice.com/?page=products&action=../../../etc/passwd&manufacturerID=61&productID=4701-RIM&linkID=16812" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-18 23:07:59
119.42.94.76	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 04:00:31,275 INFO [shellcode_manager] (119.42.94.76) no match, writing hexdump (63e4bd557ef625c2aa17460fe799c98e :2080238) - MS17010 (EternalBlue)	2019-06-27 19:16:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.94.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16899
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.42.94.133.			IN	A

;; AUTHORITY SECTION:
.			525	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020300 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 03 19:58:42 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 133.94.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 133.94.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.143.111.229	attack	Jul 19 18:04:29 lcl-usvr-02 sshd[14275]: Invalid user webftp from 181.143.111.229 port 44018 Jul 19 18:04:29 lcl-usvr-02 sshd[14275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.143.111.229 Jul 19 18:04:29 lcl-usvr-02 sshd[14275]: Invalid user webftp from 181.143.111.229 port 44018 Jul 19 18:04:31 lcl-usvr-02 sshd[14275]: Failed password for invalid user webftp from 181.143.111.229 port 44018 ssh2 Jul 19 18:10:19 lcl-usvr-02 sshd[15711]: Invalid user tim from 181.143.111.229 port 46599 ...	2019-07-19 23:41:11
193.70.72.249	attackbots	WordPress wp-login brute force :: 193.70.72.249 0.068 BYPASS [20/Jul/2019:00:17:32 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 4214 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-20 00:20:20
95.90.218.42	attackbotsspam	Jul 19 07:45:20 server postfix/smtpd[18837]: NOQUEUE: reject: RCPT from ip5f5ada2a.dynamic.kabel-deutschland.de[95.90.218.42]: 554 5.7.1 Service unavailable; Client host [95.90.218.42] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/95.90.218.42; from= to= proto=ESMTP helo=	2019-07-20 00:12:01
187.22.156.214	attackspambots	Lines containing failures of 187.22.156.214 Jul 16 12:41:19 benjouille sshd[21115]: Invalid user back from 187.22.156.214 port 51982 Jul 16 12:41:19 benjouille sshd[21115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.22.156.214 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=187.22.156.214	2019-07-20 00:48:56
187.149.67.66	attack	Automatic report - Port Scan Attack	2019-07-20 00:45:21
129.150.112.159	attack	Jul 19 18:27:17 arianus sshd\[488\]: Invalid user japca from 129.150.112.159 port 18280 ...	2019-07-20 00:33:03
104.238.116.94	attackbotsspam	Jul 19 16:40:51 debian sshd\[7524\]: Invalid user kayten from 104.238.116.94 port 46836 Jul 19 16:40:51 debian sshd\[7524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.238.116.94 ...	2019-07-20 00:00:08
90.5.34.23	attack	445/tcp [2019-07-19]1pkt	2019-07-20 00:32:37
77.68.197.227	attackbotsspam	Jul 19 17:25:25 [munged] sshd[27548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.68.197.227 user=root Jul 19 17:25:27 [munged] sshd[27548]: Failed password for root from 77.68.197.227 port 41628 ssh2	2019-07-20 00:04:34
50.39.106.98	attackspam	22/tcp [2019-07-19]1pkt	2019-07-20 00:27:06
186.206.134.122	attack	2019-07-19T15:43:54.553915lon01.zurich-datacenter.net sshd\[25374\]: Invalid user can from 186.206.134.122 port 60534 2019-07-19T15:43:54.558265lon01.zurich-datacenter.net sshd\[25374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.206.134.122 2019-07-19T15:43:56.906722lon01.zurich-datacenter.net sshd\[25374\]: Failed password for invalid user can from 186.206.134.122 port 60534 ssh2 2019-07-19T15:50:05.888690lon01.zurich-datacenter.net sshd\[25534\]: Invalid user guillaume from 186.206.134.122 port 51436 2019-07-19T15:50:05.895311lon01.zurich-datacenter.net sshd\[25534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.206.134.122 ...	2019-07-19 23:56:39
162.243.144.173	attackspambots	[httpReq only by ip - not DomainName] [bad UserAgent]	2019-07-20 00:15:29
120.199.34.58	attack	" "	2019-07-19 23:33:13
132.232.6.93	attack	Joomla HTTP User Agent Object Injection Vulnerability	2019-07-19 23:58:17
74.82.47.59	attackbotsspam	443/udp 50070/tcp 389/tcp... [2019-05-22/07-19]63pkt,19pt.(tcp),3pt.(udp)	2019-07-19 23:58:50

Recently Reported IPs

149.209.250.44	102.137.26.46	94.189.95.252	122.3.55.209
184.39.57.217	72.90.76.97	181.174.205.44	137.224.91.183
182.158.150.24	78.142.2.67	69.255.227.70	14.170.141.96
73.144.179.224	98.43.159.250	223.9.134.116	185.186.245.25
176.228.178.244	24.67.21.218	58.255.162.219	201.217.173.40