61.19.242.140 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: The Communication Authoity of Thailand, CAT

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Mar 8 21:00:46 vpn sshd[18913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.140 Mar 8 21:00:48 vpn sshd[18913]: Failed password for invalid user cargue from 61.19.242.140 port 54412 ssh2 Mar 8 21:06:03 vpn sshd[18952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.140	2020-01-05 20:41:52

Type

Details

Datetime

attackbotsspam

Mar  8 21:00:46 vpn sshd[18913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.140
Mar  8 21:00:48 vpn sshd[18913]: Failed password for invalid user cargue from 61.19.242.140 port 54412 ssh2
Mar  8 21:06:03 vpn sshd[18952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.140

2020-01-05 20:41:52

Comments on same subnet:

IP	Type	Details	Datetime
61.19.242.233	attack	SMB Server BruteForce Attack	2019-08-30 19:55:05
61.19.242.135	attackspam	Aug 20 14:46:36 unicornsoft sshd\[24449\]: Invalid user rustserver from 61.19.242.135 Aug 20 14:46:36 unicornsoft sshd\[24449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 Aug 20 14:46:38 unicornsoft sshd\[24449\]: Failed password for invalid user rustserver from 61.19.242.135 port 34238 ssh2	2019-08-21 06:43:04
61.19.242.135	attack	Aug 20 06:29:35 TORMINT sshd\[21856\]: Invalid user life from 61.19.242.135 Aug 20 06:29:35 TORMINT sshd\[21856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 Aug 20 06:29:37 TORMINT sshd\[21856\]: Failed password for invalid user life from 61.19.242.135 port 39640 ssh2 ...	2019-08-20 18:39:28
61.19.242.135	attackspambots	Aug 6 13:58:06 yesfletchmain sshd\[29294\]: User root from 61.19.242.135 not allowed because not listed in AllowUsers Aug 6 13:58:06 yesfletchmain sshd\[29294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 user=root Aug 6 13:58:08 yesfletchmain sshd\[29294\]: Failed password for invalid user root from 61.19.242.135 port 39646 ssh2 Aug 6 14:07:12 yesfletchmain sshd\[29486\]: Invalid user monitor from 61.19.242.135 port 47730 Aug 6 14:07:12 yesfletchmain sshd\[29486\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 ...	2019-08-07 04:58:39
61.19.242.135	attackbots	Aug 4 15:22:55 site3 sshd\[243227\]: Invalid user teamspeak4 from 61.19.242.135 Aug 4 15:22:55 site3 sshd\[243227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 Aug 4 15:22:57 site3 sshd\[243227\]: Failed password for invalid user teamspeak4 from 61.19.242.135 port 39004 ssh2 Aug 4 15:28:16 site3 sshd\[243631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 user=backup Aug 4 15:28:18 site3 sshd\[243631\]: Failed password for backup from 61.19.242.135 port 34868 ssh2 ...	2019-08-04 20:34:25
61.19.242.135	attackspambots	Jul 27 08:51:09 hosting sshd[7092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 user=root Jul 27 08:51:11 hosting sshd[7092]: Failed password for root from 61.19.242.135 port 41180 ssh2 ...	2019-07-27 15:04:11
61.19.242.135	attack	Jul 26 17:45:36 eventyay sshd[11004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 Jul 26 17:45:38 eventyay sshd[11004]: Failed password for invalid user helen from 61.19.242.135 port 44120 ssh2 Jul 26 17:50:57 eventyay sshd[12579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 ...	2019-07-27 00:05:06
61.19.242.135	attackbotsspam	Jul 26 04:42:23 eventyay sshd[23479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 Jul 26 04:42:25 eventyay sshd[23479]: Failed password for invalid user admin from 61.19.242.135 port 57166 ssh2 Jul 26 04:47:50 eventyay sshd[24883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.242.135 ...	2019-07-26 10:54:09

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.19.242.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46588
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;61.19.242.140.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 13:39:46 +08 2019
;; MSG SIZE  rcvd: 117

Host info

140.242.19.61.in-addr.arpa domain name pointer ns.ddns4u.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
140.242.19.61.in-addr.arpa	name = ns.ddns4u.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.48.139.118	attackspambots	Oct 8 02:27:43 gw1 sshd[26728]: Failed password for root from 181.48.139.118 port 58450 ssh2 ...	2020-10-08 23:56:30
113.56.119.73	attackspam	Oct 8 14:56:13 mellenthin sshd[26532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.56.119.73 user=root Oct 8 14:56:14 mellenthin sshd[26532]: Failed password for invalid user root from 113.56.119.73 port 36026 ssh2	2020-10-08 23:49:49
167.172.207.139	attack	Oct 8 03:54:32 dhoomketu sshd[3648240]: Invalid user Passw0rdsdfsd from 167.172.207.139 port 51754 Oct 8 03:54:32 dhoomketu sshd[3648240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.207.139 Oct 8 03:54:32 dhoomketu sshd[3648240]: Invalid user Passw0rdsdfsd from 167.172.207.139 port 51754 Oct 8 03:54:34 dhoomketu sshd[3648240]: Failed password for invalid user Passw0rdsdfsd from 167.172.207.139 port 51754 ssh2 Oct 8 03:58:11 dhoomketu sshd[3648287]: Invalid user Pa@ssword12 from 167.172.207.139 port 58556 ...	2020-10-08 23:25:21
45.148.10.65	attackbotsspam	Brute%20Force%20SSH	2020-10-08 23:39:07
58.210.88.98	attack	58.210.88.98 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 8 00:33:00 jbs1 sshd[23584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.210.88.98 user=root Oct 8 00:33:02 jbs1 sshd[23584]: Failed password for root from 58.210.88.98 port 42874 ssh2 Oct 8 00:33:03 jbs1 sshd[23640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.81.135 user=root Oct 8 00:33:05 jbs1 sshd[23640]: Failed password for root from 64.227.81.135 port 39406 ssh2 Oct 8 00:32:38 jbs1 sshd[23265]: Failed password for root from 163.172.154.178 port 57346 ssh2 Oct 8 00:33:52 jbs1 sshd[24098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.74.27.231 user=root IP Addresses Blocked:	2020-10-08 23:36:53
106.12.93.251	attack	2020-10-08T12:41:48.909871abusebot-6.cloudsearch.cf sshd[16901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root 2020-10-08T12:41:50.937589abusebot-6.cloudsearch.cf sshd[16901]: Failed password for root from 106.12.93.251 port 57000 ssh2 2020-10-08T12:43:50.611323abusebot-6.cloudsearch.cf sshd[16907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root 2020-10-08T12:43:52.719640abusebot-6.cloudsearch.cf sshd[16907]: Failed password for root from 106.12.93.251 port 48388 ssh2 2020-10-08T12:45:52.219122abusebot-6.cloudsearch.cf sshd[16921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 user=root 2020-10-08T12:45:54.076280abusebot-6.cloudsearch.cf sshd[16921]: Failed password for root from 106.12.93.251 port 39770 ssh2 2020-10-08T12:47:54.237845abusebot-6.cloudsearch.cf sshd[16932]: pam_unix(sshd:auth): authe ...	2020-10-08 23:50:17
1.2.151.181	attackbotsspam	Automatic report - Port Scan Attack	2020-10-08 23:42:10
186.179.68.217	attackbotsspam	SMB Server BruteForce Attack	2020-10-08 23:28:29
116.255.216.34	attackbotsspam	2020-10-08T05:39:08.405155linuxbox-skyline sshd[48087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.216.34 user=root 2020-10-08T05:39:10.248346linuxbox-skyline sshd[48087]: Failed password for root from 116.255.216.34 port 42663 ssh2 ...	2020-10-08 23:47:55
129.211.36.4	attackspam	$f2bV_matches	2020-10-09 00:02:16
180.76.165.107	attackspambots	Oct 8 14:10:34 master sshd[21904]: Failed password for root from 180.76.165.107 port 55604 ssh2 Oct 8 14:13:39 master sshd[21907]: Failed password for root from 180.76.165.107 port 57782 ssh2 Oct 8 14:15:04 master sshd[21911]: Failed password for root from 180.76.165.107 port 44710 ssh2 Oct 8 14:16:27 master sshd[21930]: Failed password for root from 180.76.165.107 port 59884 ssh2 Oct 8 14:17:51 master sshd[21940]: Failed password for root from 180.76.165.107 port 46824 ssh2 Oct 8 14:18:59 master sshd[21944]: Failed password for root from 180.76.165.107 port 33766 ssh2 Oct 8 14:20:15 master sshd[21946]: Failed password for root from 180.76.165.107 port 48932 ssh2 Oct 8 14:21:26 master sshd[21950]: Failed password for root from 180.76.165.107 port 35866 ssh2 Oct 8 14:22:35 master sshd[21952]: Failed password for root from 180.76.165.107 port 51028 ssh2 Oct 8 14:23:56 master sshd[21956]: Failed password for root from 180.76.165.107 port 37964 ssh2	2020-10-08 23:44:41
211.253.133.48	attackspambots	Oct 8 09:05:44 hidden sshd[19949]: Failed password for hidden from 211.253.133.48 port 36619 ssh2 Oct 8 09:09:45 hidden sshd[20094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.253.133.48 user=root Oct 8 09:09:48 hidden sshd[20094]: Failed password for hidden from 211.253.133.48 port 40060 ssh2	2020-10-09 00:00:56
182.254.164.34	attackbots	2020-10-08T17:39:44+0200 Failed SSH Authentication/Brute Force Attack. (Server 4)	2020-10-08 23:42:28
115.77.202.254	attackbotsspam	Unauthorized connection attempt detected from IP address 115.77.202.254 to port 23 [T]	2020-10-09 00:02:30
185.234.218.84	attack	Oct 8 15:28:53 mail postfix/smtpd\[29724\]: warning: unknown\[185.234.218.84\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 8 16:03:53 mail postfix/smtpd\[31225\]: warning: unknown\[185.234.218.84\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 8 16:39:03 mail postfix/smtpd\[31975\]: warning: unknown\[185.234.218.84\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 8 17:13:57 mail postfix/smtpd\[1400\]: warning: unknown\[185.234.218.84\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-08 23:52:44

Recently Reported IPs

134.209.15.55	190.55.91.5	157.230.136.51	130.211.205.153
45.55.10.175	63.141.227.226	188.127.4.64	157.230.87.111
37.230.112.159	178.90.213.124	67.205.167.124	157.230.15.89
41.230.16.199	45.63.11.179	132.145.156.103	104.248.228.68
157.230.229.181	46.19.230.42	188.242.190.112	37.252.78.38