119.42.94.194 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SMTP unauthorised login attempts	2020-01-28 19:43:50

Comments on same subnet:

IP	Type	Details	Datetime
119.42.94.133	attackbotsspam	Unauthorized connection attempt from IP address 119.42.94.133 on Port 445(SMB)	2020-02-03 19:58:45
119.42.94.36	attack	Jan 13 05:47:30 cvbnet sshd[13504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.94.36 Jan 13 05:47:32 cvbnet sshd[13504]: Failed password for invalid user admina from 119.42.94.36 port 50861 ssh2 ...	2020-01-13 19:09:31
119.42.94.130	attackspambots	445/tcp [2019-11-01]1pkt	2019-11-01 15:42:31
119.42.94.191	attackbotsspam	119.42.94.191 - - [18/Oct/2019:07:40:01 -0400] "GET /?page=products&action=../../../etc/passwd&manufacturerID=61&productID=4701-RIM&linkID=16812 HTTP/1.1" 200 17416 "https://exitdevice.com/?page=products&action=../../../etc/passwd&manufacturerID=61&productID=4701-RIM&linkID=16812" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-18 23:07:59
119.42.94.76	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 04:00:31,275 INFO [shellcode_manager] (119.42.94.76) no match, writing hexdump (63e4bd557ef625c2aa17460fe799c98e :2080238) - MS17010 (EternalBlue)	2019-06-27 19:16:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.94.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23522
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.42.94.194.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012800 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 19:43:41 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 194.94.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 194.94.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.66	attack	2019-12-01T08:02:44.283155abusebot-6.cloudsearch.cf sshd\[22663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.66 user=root	2019-12-01 16:35:44
221.122.93.232	attack	2019-12-01T07:17:21.655034 sshd[16680]: Invalid user dasusr1 from 221.122.93.232 port 35806 2019-12-01T07:17:21.669393 sshd[16680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.122.93.232 2019-12-01T07:17:21.655034 sshd[16680]: Invalid user dasusr1 from 221.122.93.232 port 35806 2019-12-01T07:17:23.857597 sshd[16680]: Failed password for invalid user dasusr1 from 221.122.93.232 port 35806 ssh2 2019-12-01T07:28:52.277160 sshd[16806]: Invalid user adeline from 221.122.93.232 port 49442 ...	2019-12-01 16:26:05
218.92.0.157	attackspam	"Fail2Ban detected SSH brute force attempt"	2019-12-01 16:57:18
185.176.27.2	attack	Dec 1 09:37:10 h2177944 kernel: \[8064679.281385\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.2 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=37732 PROTO=TCP SPT=8080 DPT=21894 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 1 09:40:14 h2177944 kernel: \[8064862.727621\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.2 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=26968 PROTO=TCP SPT=8080 DPT=20363 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 1 09:45:33 h2177944 kernel: \[8065181.975701\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.2 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=26943 PROTO=TCP SPT=8080 DPT=20271 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 1 09:46:56 h2177944 kernel: \[8065264.534266\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.2 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=57386 PROTO=TCP SPT=8080 DPT=21302 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 1 09:50:55 h2177944 kernel: \[8065503.929886\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.2 DST=85.214.117.9 LEN=	2019-12-01 16:53:30
193.77.155.50	attack	Dec 1 09:13:38 server sshd\[21199\]: Invalid user admin from 193.77.155.50 Dec 1 09:13:38 server sshd\[21199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bsn-77-155-50.static.siol.net Dec 1 09:13:40 server sshd\[21199\]: Failed password for invalid user admin from 193.77.155.50 port 41374 ssh2 Dec 1 09:28:11 server sshd\[24711\]: Invalid user clock from 193.77.155.50 Dec 1 09:28:11 server sshd\[24711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bsn-77-155-50.static.siol.net ...	2019-12-01 16:54:44
223.97.192.122	attackspambots	UTC: 2019-11-30 pkts: 13 port: 23/tcp	2019-12-01 16:54:26
139.59.17.193	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-12-01 16:56:28
212.156.17.218	attack	2019-12-01T08:27:38.397403abusebot-3.cloudsearch.cf sshd\[19925\]: Invalid user rolph from 212.156.17.218 port 36110	2019-12-01 16:53:17
91.121.157.15	attackspam	Dec 1 09:37:52 MK-Soft-Root2 sshd[1513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.157.15 Dec 1 09:37:54 MK-Soft-Root2 sshd[1513]: Failed password for invalid user info from 91.121.157.15 port 58718 ssh2 ...	2019-12-01 16:38:28
103.98.63.84	attack	Lines containing failures of 103.98.63.84 Dec 1 07:23:50 shared10 sshd[6921]: Invalid user media from 103.98.63.84 port 11063 Dec 1 07:23:50 shared10 sshd[6921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.98.63.84 Dec 1 07:23:52 shared10 sshd[6921]: Failed password for invalid user media from 103.98.63.84 port 11063 ssh2 Dec 1 07:23:52 shared10 sshd[6921]: Connection closed by invalid user media 103.98.63.84 port 11063 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.98.63.84	2019-12-01 17:03:05
51.79.70.223	attackspambots	Dec 1 03:51:20 linuxvps sshd\[31843\]: Invalid user angeline from 51.79.70.223 Dec 1 03:51:20 linuxvps sshd\[31843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.70.223 Dec 1 03:51:22 linuxvps sshd\[31843\]: Failed password for invalid user angeline from 51.79.70.223 port 38094 ssh2 Dec 1 03:54:19 linuxvps sshd\[33748\]: Invalid user admin from 51.79.70.223 Dec 1 03:54:19 linuxvps sshd\[33748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.70.223	2019-12-01 16:58:30
118.187.6.24	attackbots	Dec 1 07:51:00 localhost sshd[16437]: Failed password for invalid user ingermette from 118.187.6.24 port 56690 ssh2 Dec 1 07:55:38 localhost sshd[16441]: Invalid user witwicki from 118.187.6.24 port 54188 Dec 1 07:55:38 localhost sshd[16441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.187.6.24 Dec 1 07:55:38 localhost sshd[16441]: Invalid user witwicki from 118.187.6.24 port 54188 Dec 1 07:55:41 localhost sshd[16441]: Failed password for invalid user witwicki from 118.187.6.24 port 54188 ssh2	2019-12-01 16:40:38
94.23.145.124	attackbots	Dec 1 13:27:57 lcl-usvr-02 sshd[30149]: Invalid user admin from 94.23.145.124 port 35261 ...	2019-12-01 17:04:33
82.99.40.237	attack	Dec 1 03:04:12 linuxvps sshd\[10765\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.99.40.237 user=root Dec 1 03:04:14 linuxvps sshd\[10765\]: Failed password for root from 82.99.40.237 port 46704 ssh2 Dec 1 03:07:15 linuxvps sshd\[11059\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.99.40.237 user=root Dec 1 03:07:18 linuxvps sshd\[11059\]: Failed password for root from 82.99.40.237 port 54164 ssh2 Dec 1 03:10:30 linuxvps sshd\[11105\]: Invalid user pennywell from 82.99.40.237 Dec 1 03:10:30 linuxvps sshd\[11105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.99.40.237	2019-12-01 16:25:08
107.170.227.141	attack	Nov 30 22:22:15 wbs sshd\[31177\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.227.141 user=root Nov 30 22:22:16 wbs sshd\[31177\]: Failed password for root from 107.170.227.141 port 44730 ssh2 Nov 30 22:25:17 wbs sshd\[31431\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.227.141 user=root Nov 30 22:25:19 wbs sshd\[31431\]: Failed password for root from 107.170.227.141 port 51456 ssh2 Nov 30 22:28:30 wbs sshd\[31711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.227.141 user=root	2019-12-01 16:30:42

Recently Reported IPs

175.111.183.211	171.248.78.231	138.130.138.252	123.201.136.18
116.48.107.239	116.25.227.69	104.138.238.12	227.72.63.47
103.22.173.230	95.237.55.224	111.125.121.134	89.250.223.212
103.127.185.164	89.250.223.97	89.250.223.58	71.104.248.106
89.250.223.47	89.141.46.240	83.233.38.217	63.143.99.227