202.5.19.42 - IPInfo

Basic Info

City: Los Angeles

Region: California

Country: United States

Internet Service Provider: HostUS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 29 21:57:29 server sshd\[28126\]: Invalid user server from 202.5.19.42 Nov 29 21:57:29 server sshd\[28126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 Nov 29 21:57:30 server sshd\[28126\]: Failed password for invalid user server from 202.5.19.42 port 41818 ssh2 Nov 29 22:01:57 server sshd\[29301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 user=root Nov 29 22:01:59 server sshd\[29301\]: Failed password for root from 202.5.19.42 port 35333 ssh2 ...	2019-11-30 05:06:57
attackspam	Nov 25 18:54:57 mxgate1 sshd[26340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 user=backup Nov 25 18:54:59 mxgate1 sshd[26340]: Failed password for backup from 202.5.19.42 port 62576 ssh2 Nov 25 18:54:59 mxgate1 sshd[26340]: Received disconnect from 202.5.19.42 port 62576:11: Bye Bye [preauth] Nov 25 18:54:59 mxgate1 sshd[26340]: Disconnected from 202.5.19.42 port 62576 [preauth] Nov 25 19:17:38 mxgate1 sshd[27278]: Invalid user gathe from 202.5.19.42 port 41910 Nov 25 19:17:38 mxgate1 sshd[27278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 Nov 25 19:17:40 mxgate1 sshd[27278]: Failed password for invalid user gathe from 202.5.19.42 port 41910 ssh2 Nov 25 19:17:40 mxgate1 sshd[27278]: Received disconnect from 202.5.19.42 port 41910:11: Bye Bye [preauth] Nov 25 19:17:40 mxgate1 sshd[27278]: Disconnected from 202.5.19.42 port 41910 [preauth] ........ ----------------------------------------------	2019-11-26 07:18:55
attack	Nov 23 14:36:07 localhost sshd\[24391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 user=root Nov 23 14:36:09 localhost sshd\[24391\]: Failed password for root from 202.5.19.42 port 37744 ssh2 Nov 23 14:59:10 localhost sshd\[24749\]: Invalid user xia from 202.5.19.42 port 22999 ...	2019-11-24 03:19:11
attack	Nov 22 10:48:19 areeb-Workstation sshd[28592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 Nov 22 10:48:20 areeb-Workstation sshd[28592]: Failed password for invalid user rollin from 202.5.19.42 port 64494 ssh2 ...	2019-11-22 13:42:01
attackbotsspam	Nov 15 12:33:00 server sshd\[18780\]: Invalid user chemig from 202.5.19.42 Nov 15 12:33:00 server sshd\[18780\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 Nov 15 12:33:02 server sshd\[18780\]: Failed password for invalid user chemig from 202.5.19.42 port 53336 ssh2 Nov 15 12:45:15 server sshd\[21924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 user=root Nov 15 12:45:17 server sshd\[21924\]: Failed password for root from 202.5.19.42 port 34644 ssh2 ...	2019-11-15 22:21:41
attackspambots	Nov 12 05:05:42 php1 sshd\[6685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 user=root Nov 12 05:05:44 php1 sshd\[6685\]: Failed password for root from 202.5.19.42 port 53654 ssh2 Nov 12 05:09:56 php1 sshd\[7140\]: Invalid user ochman from 202.5.19.42 Nov 12 05:09:56 php1 sshd\[7140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 Nov 12 05:09:58 php1 sshd\[7140\]: Failed password for invalid user ochman from 202.5.19.42 port 41387 ssh2	2019-11-13 02:29:01
attack	Nov 9 05:42:52 eddieflores sshd\[7987\]: Invalid user io from 202.5.19.42 Nov 9 05:42:52 eddieflores sshd\[7987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 Nov 9 05:42:53 eddieflores sshd\[7987\]: Failed password for invalid user io from 202.5.19.42 port 55754 ssh2 Nov 9 05:46:45 eddieflores sshd\[8306\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.19.42 user=root Nov 9 05:46:47 eddieflores sshd\[8306\]: Failed password for root from 202.5.19.42 port 40637 ssh2	2019-11-10 00:19:38

Comments on same subnet:

IP	Type	Details	Datetime
202.5.198.15	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-23 08:29:31
202.5.198.40	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 01-10-2019 04:45:18.	2019-10-01 20:09:36
202.5.198.1	attackbots	Aug 11 05:36:40 microserver sshd[5204]: Invalid user admon from 202.5.198.1 port 57973 Aug 11 05:36:40 microserver sshd[5204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 Aug 11 05:36:41 microserver sshd[5204]: Failed password for invalid user admon from 202.5.198.1 port 57973 ssh2 Aug 11 05:42:05 microserver sshd[5879]: Invalid user ch from 202.5.198.1 port 60173 Aug 11 05:42:05 microserver sshd[5879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 Aug 11 05:53:00 microserver sshd[7264]: Invalid user nagios from 202.5.198.1 port 53173 Aug 11 05:53:00 microserver sshd[7264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 Aug 11 05:53:01 microserver sshd[7264]: Failed password for invalid user nagios from 202.5.198.1 port 53173 ssh2 Aug 11 05:58:24 microserver sshd[7949]: Invalid user amssys from 202.5.198.1 port 55372 Aug 11 05:58:24 microserver sshd	2019-08-11 13:47:54
202.5.198.1	attackbotsspam	2019-08-07T20:52:13.031933abusebot-2.cloudsearch.cf sshd\[14711\]: Invalid user admin321 from 202.5.198.1 port 50733	2019-08-08 05:06:42
202.5.198.1	attackbots	Aug 6 02:37:18 debian sshd\[9381\]: Invalid user deva from 202.5.198.1 port 59708 Aug 6 02:37:18 debian sshd\[9381\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 ...	2019-08-06 09:41:56
202.5.198.1	attackbots	Aug 1 13:58:21 MK-Soft-VM4 sshd\[22060\]: Invalid user webster from 202.5.198.1 port 55592 Aug 1 13:58:21 MK-Soft-VM4 sshd\[22060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 Aug 1 13:58:24 MK-Soft-VM4 sshd\[22060\]: Failed password for invalid user webster from 202.5.198.1 port 55592 ssh2 ...	2019-08-01 22:06:09
202.5.198.1	attackbots	Jul 23 11:12:43 meumeu sshd[20330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 Jul 23 11:12:45 meumeu sshd[20330]: Failed password for invalid user dennis from 202.5.198.1 port 58100 ssh2 Jul 23 11:18:42 meumeu sshd[2331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 ...	2019-07-23 20:27:33
202.5.198.1	attackspam	Jul 23 03:37:45 meumeu sshd[2276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 Jul 23 03:37:46 meumeu sshd[2276]: Failed password for invalid user server from 202.5.198.1 port 53228 ssh2 Jul 23 03:43:30 meumeu sshd[12759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 ...	2019-07-23 09:51:13
202.5.198.1	attack	Jul 22 23:21:53 meumeu sshd[11927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 Jul 22 23:21:54 meumeu sshd[11927]: Failed password for invalid user test2 from 202.5.198.1 port 50382 ssh2 Jul 22 23:27:29 meumeu sshd[12987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.5.198.1 ...	2019-07-23 05:28:31
202.5.198.1	attackbots	Jul 2 06:20:37 mail sshd\[7664\]: Failed password for invalid user ghislain from 202.5.198.1 port 50033 ssh2 Jul 2 06:38:13 mail sshd\[8146\]: Invalid user no from 202.5.198.1 port 58604 ...	2019-07-02 13:39:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.5.19.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.5.19.42.			IN	A

;; AUTHORITY SECTION:
.			222	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110900 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 10 00:19:29 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 42.19.5.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.19.5.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.12.118.6	attackbotsspam	failed_logins	2019-11-11 03:27:31
51.75.52.127	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 41 - port: 3405 proto: TCP cat: Misc Attack	2019-11-11 03:06:49
66.143.231.89	attackbotsspam	Nov 10 08:50:06 hanapaa sshd\[13851\]: Invalid user nano from 66.143.231.89 Nov 10 08:50:06 hanapaa sshd\[13851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.143.231.89 Nov 10 08:50:09 hanapaa sshd\[13851\]: Failed password for invalid user nano from 66.143.231.89 port 58193 ssh2 Nov 10 08:57:53 hanapaa sshd\[14484\]: Invalid user cool from 66.143.231.89 Nov 10 08:57:53 hanapaa sshd\[14484\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.143.231.89	2019-11-11 03:18:21
157.245.193.75	attackbotsspam	Nov 10 23:08:20 lcl-usvr-02 sshd[23163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.193.75 user=root Nov 10 23:08:22 lcl-usvr-02 sshd[23163]: Failed password for root from 157.245.193.75 port 61146 ssh2 ...	2019-11-11 03:11:36
88.85.213.129	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 83 - port: 23 proto: TCP cat: Misc Attack	2019-11-11 03:05:20
61.177.172.158	attack	ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak	2019-11-11 03:06:33
207.154.211.20	attackbots	Nov 10 07:22:44 our-server-hostname postfix/smtpd[3384]: connect from unknown[207.154.211.20] Nov x@x Nov 10 07:22:46 our-server-hostname postfix/smtpd[3384]: lost connection after RCPT from unknown[207.154.211.20] Nov 10 07:22:46 our-server-hostname postfix/smtpd[3384]: disconnect from unknown[207.154.211.20] Nov 10 07:23:14 our-server-hostname postfix/smtpd[1559]: connect from unknown[207.154.211.20] Nov 10 07:23:15 our-server-hostname postfix/smtpd[1559]: NOQUEUE: reject: RCPT from unknown[207.154.211.20]: 554 5.7.1 Service unavailable; Client host [207.154.211.20] blocked using zen.s .... truncated .... x@x Nov 10 08:16:48 our-server-hostname postfix/smtpd[16048]: lost connection after RCPT from unknown[207.154.211.20] Nov 10 08:16:48 our-server-hostname postfix/smtpd[16048]: disconnect from unknown[207.154.211.20] Nov 10 08:20:26 our-server-hostname postfix/smtpd[20126]: connect from unknown[207.154.211.20] Nov x@x Nov 10 08:20:27 our-server-hostname postfix/smtp........ -------------------------------	2019-11-11 03:13:39
187.7.230.28	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-11-11 03:00:18
14.232.208.115	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 9 - port: 1433 proto: TCP cat: Misc Attack	2019-11-11 03:08:13
115.29.11.56	attackbots	Nov 10 18:35:10 server sshd\[9264\]: Invalid user catarina from 115.29.11.56 Nov 10 18:35:10 server sshd\[9264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.29.11.56 Nov 10 18:35:12 server sshd\[9264\]: Failed password for invalid user catarina from 115.29.11.56 port 37151 ssh2 Nov 10 19:08:11 server sshd\[17867\]: Invalid user efrainn from 115.29.11.56 Nov 10 19:08:11 server sshd\[17867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.29.11.56 ...	2019-11-11 03:22:34
198.108.67.20	attack	ET DROP Dshield Block Listed Source group 1 - port: 1433 proto: TCP cat: Misc Attack	2019-11-11 02:59:48
89.248.168.217	attackspam	10.11.2019 18:34:43 Connection to port 1046 blocked by firewall	2019-11-11 03:04:48
45.82.153.35	attackbotsspam	firewall-block, port(s): 1889/tcp	2019-11-11 03:07:11
5.45.6.66	attack	2019-11-10T11:58:26.9009091495-001 sshd\[43445\]: Failed password for invalid user jenkins from 5.45.6.66 port 40438 ssh2 2019-11-10T13:00:43.5318751495-001 sshd\[45932\]: Invalid user usuario from 5.45.6.66 port 46688 2019-11-10T13:00:43.5395281495-001 sshd\[45932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=066-006-045-005.ip-addr.inexio.net 2019-11-10T13:00:44.9232971495-001 sshd\[45932\]: Failed password for invalid user usuario from 5.45.6.66 port 46688 ssh2 2019-11-10T13:03:39.8254711495-001 sshd\[46076\]: Invalid user guest from 5.45.6.66 port 48234 2019-11-10T13:03:39.8299911495-001 sshd\[46076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=066-006-045-005.ip-addr.inexio.net ...	2019-11-11 03:09:56
88.99.95.219	attackspam	Nov 10 13:55:43 TORMINT sshd\[17798\]: Invalid user choyee from 88.99.95.219 Nov 10 13:55:43 TORMINT sshd\[17798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.99.95.219 Nov 10 13:55:45 TORMINT sshd\[17798\]: Failed password for invalid user choyee from 88.99.95.219 port 34780 ssh2 ...	2019-11-11 03:09:37

Recently Reported IPs

51.75.130.186	36.224.83.218	173.239.232.117	159.65.166.238
111.255.47.18	180.112.186.187	90.49.183.190	39.108.70.56
51.91.10.156	92.63.194.91	190.14.242.151	50.115.169.100
49.235.245.12	37.47.179.55	119.115.114.26	37.154.70.24
183.157.170.18	213.45.26.239	175.158.50.79	142.93.127.179