5.253.19.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: xTom OU

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[portscan] Port scan	2019-09-29 23:14:00

Comments on same subnet:

IP	Type	Details	Datetime
5.253.19.12	attackbots	Automatic report - Port Scan Attack	2020-06-11 04:22:16
5.253.19.77	attackspambots	Fail2Ban Ban Triggered	2020-05-27 21:37:55
5.253.19.43	attackspam	Looking for resource vulnerabilities	2019-08-10 11:59:39
5.253.19.70	attackspambots	Automatic report - Banned IP Access	2019-08-01 15:37:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.253.19.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38498
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.253.19.142.			IN	A

;; AUTHORITY SECTION:
.			384	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092900 1800 900 604800 86400

;; Query time: 381 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 29 23:13:56 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 142.19.253.5.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.19.253.5.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.90.101.165	attack	2020-04-23T23:37:47.3304341495-001 sshd[16428]: Invalid user kl from 201.90.101.165 port 46002 2020-04-23T23:37:47.3346721495-001 sshd[16428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.90.101.165 2020-04-23T23:37:47.3304341495-001 sshd[16428]: Invalid user kl from 201.90.101.165 port 46002 2020-04-23T23:37:49.0477161495-001 sshd[16428]: Failed password for invalid user kl from 201.90.101.165 port 46002 ssh2 2020-04-23T23:41:01.8718991495-001 sshd[16515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.90.101.165 user=root 2020-04-23T23:41:03.8860921495-001 sshd[16515]: Failed password for root from 201.90.101.165 port 34778 ssh2 ...	2020-04-24 12:43:20
106.124.131.70	attackbots	Apr 24 06:03:55 jane sshd[18784]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.131.70 Apr 24 06:03:58 jane sshd[18784]: Failed password for invalid user cy from 106.124.131.70 port 53716 ssh2 ...	2020-04-24 12:28:16
71.232.255.76	attackbots	Automatic report - Banned IP Access	2020-04-24 12:34:25
49.233.188.133	attack	Apr 24 05:54:47 pve1 sshd[26417]: Failed password for root from 49.233.188.133 port 36010 ssh2 ...	2020-04-24 12:19:11
80.82.77.212	attackbots	firewall-block, port(s): 17/udp, 49152/udp, 49154/udp	2020-04-24 12:20:31
125.137.191.215	attack	$f2bV_matches	2020-04-24 12:38:58
111.229.78.199	attackbots	Apr 24 06:10:22 plex sshd[7297]: Failed password for invalid user nn from 111.229.78.199 port 39916 ssh2 Apr 24 06:10:19 plex sshd[7297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.78.199 Apr 24 06:10:19 plex sshd[7297]: Invalid user nn from 111.229.78.199 port 39916 Apr 24 06:10:22 plex sshd[7297]: Failed password for invalid user nn from 111.229.78.199 port 39916 ssh2 Apr 24 06:13:39 plex sshd[7394]: Invalid user oracle from 111.229.78.199 port 56208	2020-04-24 12:13:57
1.54.133.10	attack	Apr 24 05:48:32 OPSO sshd\[27781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.54.133.10 user=root Apr 24 05:48:34 OPSO sshd\[27781\]: Failed password for root from 1.54.133.10 port 38874 ssh2 Apr 24 05:53:27 OPSO sshd\[28655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.54.133.10 user=admin Apr 24 05:53:28 OPSO sshd\[28655\]: Failed password for admin from 1.54.133.10 port 52266 ssh2 Apr 24 05:58:07 OPSO sshd\[29208\]: Invalid user ie from 1.54.133.10 port 37418 Apr 24 05:58:07 OPSO sshd\[29208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.54.133.10	2020-04-24 12:22:05
106.75.90.101	attackbots	Lines containing failures of 106.75.90.101 Apr 23 17:55:53 kmh-sql-001-nbg01 sshd[31252]: Invalid user ib from 106.75.90.101 port 37244 Apr 23 17:55:53 kmh-sql-001-nbg01 sshd[31252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.90.101 Apr 23 17:55:56 kmh-sql-001-nbg01 sshd[31252]: Failed password for invalid user ib from 106.75.90.101 port 37244 ssh2 Apr 23 17:55:57 kmh-sql-001-nbg01 sshd[31252]: Received disconnect from 106.75.90.101 port 37244:11: Bye Bye [preauth] Apr 23 17:55:57 kmh-sql-001-nbg01 sshd[31252]: Disconnected from invalid user ib 106.75.90.101 port 37244 [preauth] Apr 23 18:14:17 kmh-sql-001-nbg01 sshd[2891]: Invalid user wx from 106.75.90.101 port 52978 Apr 23 18:14:17 kmh-sql-001-nbg01 sshd[2891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.90.101 Apr 23 18:14:19 kmh-sql-001-nbg01 sshd[2891]: Failed password for invalid user wx from 106.75.90.101 port........ ------------------------------	2020-04-24 12:45:39
159.192.240.77	attackbotsspam	Unauthorised access (Apr 24) SRC=159.192.240.77 LEN=52 TTL=115 ID=12715 DF TCP DPT=445 WINDOW=8192 SYN	2020-04-24 12:22:42
190.210.182.93	attackspambots	2020-04-2405:56:581jRpST-0006r0-Ld\<=info@whatsup2013.chH=$localhost$[200.192.209.242]:37543P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3185id=28e75102092208009c992f836490baa68142fd@whatsup2013.chT="fromRandolftoterrazasarnold3"forterrazasarnold3@gmail.comoctus_chem@hotmail.com2020-04-2405:57:331jRpT2-0006tG-Bu\<=info@whatsup2013.chH=$localhost$[191.98.155.181]:43052P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3051id=ad8436656e45909cbbfe481bef28222e1d8de64d@whatsup2013.chT="NewlikereceivedfromTrista"forcowboyup51505@gmail.comhelrazor175@gmail.com2020-04-2405:57:231jRpSt-0006sm-A2\<=info@whatsup2013.chH=$localhost$[194.62.184.18]:54092P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3107id=a07ec89b90bb91990500b61afd09233f8a4a8c@whatsup2013.chT="NewlikefromHervey"formf0387638@gmail.comcgav33@yahoo.com2020-04-2405:55:371jRpR3-0006lO-1m\<=info@whatsup2013.chH=\(localho	2020-04-24 12:35:08
27.128.173.87	attackspambots	Apr 24 06:08:38 pve1 sshd[29441]: Failed password for root from 27.128.173.87 port 27157 ssh2 ...	2020-04-24 12:30:04
101.231.154.154	attackbots	Apr 24 06:23:09 plex sshd[7678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.154.154 user=root Apr 24 06:23:11 plex sshd[7678]: Failed password for root from 101.231.154.154 port 7172 ssh2 Apr 24 06:26:58 plex sshd[7859]: Invalid user td from 101.231.154.154 port 7173 Apr 24 06:26:58 plex sshd[7859]: Invalid user td from 101.231.154.154 port 7173	2020-04-24 12:44:03
43.229.254.210	attackbots	3x Failed Password	2020-04-24 12:20:54
14.98.200.167	attack	Invalid user ftpuser from 14.98.200.167 port 33590	2020-04-24 12:16:47

Recently Reported IPs

222.89.128.198	27.3.145.70	61.142.21.44	168.228.114.248
117.172.227.162	192.169.41.80	197.136.23.178	200.108.224.90
209.42.140.144	156.200.150.238	185.57.226.233	171.100.80.230
201.221.126.198	122.142.218.114	189.64.33.112	179.99.28.164
95.213.233.36	1.53.22.167	175.5.173.76	148.70.25.233