JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.42.96.252

119.42.96.252 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 100%: ?

100%

ISP	10 Fl. 72. CAT TELECOM TOWER Bangrak Bangkok Thailand
Usage Type	Fixed Line ISP
ASN	AS131090
Domain Name	ntplc.co.th
Country	🇹🇭 Thailand
City	Chiang Mai, Chiang Mai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.42.96.252

Whois 119.42.96.252

IP Abuse Reports for 119.42.96.252:

This IP address has been reported a total of 45 times from 38 distinct sources. 119.42.96.252 was first reported on March 21st 2022, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-10 08:15:42 (3 hours ago)	2026-06-10T11:15:39.221380 localhost.localdomain sshd[1860402]: pam_unix(sshd:auth): authentication ... show more 2026-06-10T11:15:39.221380 localhost.localdomain sshd[1860402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.96.252 user=root 2026-06-10T11:15:41.657234 localhost.localdomain sshd[1860402]: Failed password for root from 119.42.96.252 port 38744 ssh2 ... show less	Brute-Force SSH
🇩🇪 Bigbear3	2026-06-10 07:22:13 (4 hours ago)	Report-by-bigbear3	Brute-Force SSH
🇩🇪 D3vNu11	2026-06-10 07:16:56 (4 hours ago)	Level: (LOW): Known Attacker via Cowrie IOC Country: Thailand 1x -> Target Country: Frankreich SSH	Hacking Brute-Force SSH
Anonymous	2026-06-10 07:04:24 (4 hours ago)	2026-06-10T09:04:22.315696+02:00 debian sshd-session[2104444]: Invalid user deploy from 119.42.96.25 ... show more 2026-06-10T09:04:22.315696+02:00 debian sshd-session[2104444]: Invalid user deploy from 119.42.96.252 port 35398 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-10 06:36:30 (5 hours ago)	119.42.96.252 (TH/Thailand/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; P ... show more 119.42.96.252 (TH/Thailand/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 10 01:35:39 13400 sshd[17285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.173.8 user=root Jun 10 01:35:41 13400 sshd[17285]: Failed password for root from 157.245.173.8 port 55608 ssh2 Jun 10 01:35:10 13400 sshd[17127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.171.25.1 user=root Jun 10 01:35:12 13400 sshd[17127]: Failed password for root from 112.171.25.1 port 60930 ssh2 Jun 10 01:36:11 13400 sshd[17638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.96.252 user=root IP Addresses Blocked: 157.245.173.8 (US/United States/-) 112.171.25.1 (KR/South Korea/-) show less	Brute-Force SSH
🇬🇧 ISPLtd	2026-06-10 06:09:49 (5 hours ago)	Jun 10 03:09:47 119.42.96.252 TCP SPT=33834 DPT=22 SYN ...	Port Scan SSH
🇩🇪 tentwentyfour	2026-06-10 03:31:05 (8 hours ago)	Blocked for probing SSH accounts	Brute-Force SSH
🇷🇸 Scan	2026-06-10 02:29:39 (9 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-10 02:16:45 (9 hours ago)	2026-06-09 05:15:36,244 fail2ban.actions [3799592]: NOTICE [sshd] Ban 119.42.96.252 2026-06- ... show more 2026-06-09 05:15:36,244 fail2ban.actions [3799592]: NOTICE [sshd] Ban 119.42.96.252 2026-06-10 04:16:44,882 fail2ban.actions [3799592]: NOTICE [sshd] Ban 119.42.96.252 ... show less	Brute-Force Exploited Host
🇺🇸 yzfdude1	2026-06-10 02:09:04 (9 hours ago)	Jun 9 19:16:33 b146-54 sshd[117383]: Failed password for invalid user btc from 119.42.96.252 port 5 ... show more Jun 9 19:16:33 b146-54 sshd[117383]: Failed password for invalid user btc from 119.42.96.252 port 56128 ssh2 Jun 9 20:09:02 b146-54 sshd[118229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.96.252 user=root Jun 9 20:09:04 b146-54 sshd[118229]: Failed password for root from 119.42.96.252 port 59876 ssh2 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-10 01:07:28 (10 hours ago)	119.42.96.252 (TH/Thailand/-), 5 distributed sshd attacks on account [debian] in the last 3600 secs; ... show more 119.42.96.252 (TH/Thailand/-), 5 distributed sshd attacks on account [debian] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 9 20:06:33 13961 sshd[6020]: Invalid user debian from 88.20.32.209 port 34124 Jun 9 20:06:35 13961 sshd[6020]: Failed password for invalid user debian from 88.20.32.209 port 34124 ssh2 Jun 9 20:07:04 13961 sshd[6427]: Invalid user debian from 119.42.96.252 port 52814 Jun 9 20:06:03 13961 sshd[5877]: Invalid user debian from 37.60.232.146 port 33378 Jun 9 20:06:05 13961 sshd[5877]: Failed password for invalid user debian from 37.60.232.146 port 33378 ssh2 IP Addresses Blocked: 88.20.32.209 (ES/Spain/209.red-88-20-32.staticip.rima-tde.net) show less	Brute-Force SSH
🇭🇰 CGT Software Webmaster	2026-06-09 22:37:57 (13 hours ago)	2026-06-09T22:33:56.535640+00:00 CVM51718 sshd[3940160]: pam_unix(sshd:auth): authentication failure ... show more 2026-06-09T22:33:56.535640+00:00 CVM51718 sshd[3940160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.96.252 2026-06-09T22:33:59.066221+00:00 CVM51718 sshd[3940160]: Failed password for invalid user postgres from 119.42.96.252 port 49694 ssh2 2026-06-09T22:37:56.512108+00:00 CVM51718 sshd[3940700]: Invalid user zabbix from 119.42.96.252 port 38782 ... show less	Port Scan Brute-Force
🇩🇪 NetWatch	2026-06-09 21:46:49 (14 hours ago)	The IP 119.42.96.252 tried multiple SSH_BRUTE_FORCE logins	Brute-Force
🇺🇸 bigscoots.com	2026-06-09 21:06:05 (14 hours ago)	119.42.96.252 (TH/Thailand/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; P ... show more 119.42.96.252 (TH/Thailand/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 9 16:05:54 14850 sshd[412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.221.43.90 user=root Jun 9 16:05:24 14850 sshd[32734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.96.252 user=root Jun 9 16:05:26 14850 sshd[32734]: Failed password for root from 119.42.96.252 port 47740 ssh2 Jun 9 16:04:53 14850 sshd[32292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.199.56.92 user=root Jun 9 16:04:55 14850 sshd[32292]: Failed password for root from 213.199.56.92 port 35844 ssh2 IP Addresses Blocked: 111.221.43.90 (ID/Indonesia/priv90.daxa.net) show less	Brute-Force SSH
Anonymous	2026-06-09 17:06:59 (18 hours ago)	SSH brute force attempt. User: deploy, Pass: [REDACTED]	Brute-Force SSH

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.188.45.179

🇨🇳 112.94.190.141

🇮🇳 106.222.248.21

🇹🇷 88.250.68.66

🇳🇱 45.148.10.157

🇺🇸 34.125.195.177

🇨🇳 114.67.232.93

🇺🇸 113.20.4.9

🇨🇳 106.13.7.239

🇧🇪 198.235.24.234

🇧🇷 191.232.213.89

🇳🇬 155.93.116.10

🇮🇳 106.219.171.215

🇺🇸 64.62.197.6

🇦🇺 52.63.6.60

🇮🇪 52.18.197.39

🇨🇳 14.20.157.193

🇦🇷 206.1.68.157

🇮🇩 203.175.125.185

🇺🇸 172.214.99.4