5.42.2.153 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
5.42.21.72	attackspambots	DATE:2020-02-13 14:48:56, IP:5.42.21.72, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-14 00:04:28
5.42.239.197	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.42.239.197/ SA - 1H : (12) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SA NAME ASN : ASN35753 IP : 5.42.239.197 CIDR : 5.42.238.0/23 PREFIX COUNT : 230 UNIQUE IP COUNT : 194816 ATTACKS DETECTED ASN35753 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-18 23:53:44 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-19 07:40:51
5.42.226.10	attackspam	2019-07-23T05:56:25.288967abusebot-6.cloudsearch.cf sshd\[876\]: Invalid user ze from 5.42.226.10 port 52470	2019-07-23 14:17:13
5.42.226.10	attackspam	Jul 16 08:53:36 srv-4 sshd\[8178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root Jul 16 08:53:38 srv-4 sshd\[8178\]: Failed password for root from 5.42.226.10 port 48372 ssh2 Jul 16 08:59:07 srv-4 sshd\[8563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root ...	2019-07-16 14:15:53
5.42.226.10	attackspam	Jul 15 23:07:35 srv-4 sshd\[30286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=daemon Jul 15 23:07:37 srv-4 sshd\[30286\]: Failed password for daemon from 5.42.226.10 port 33338 ssh2 Jul 15 23:13:01 srv-4 sshd\[30689\]: Invalid user train5 from 5.42.226.10 Jul 15 23:13:01 srv-4 sshd\[30689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 ...	2019-07-16 04:29:37
5.42.226.10	attackbots	Jul 9 23:35:09 unicornsoft sshd\[15257\]: Invalid user vnc from 5.42.226.10 Jul 9 23:35:09 unicornsoft sshd\[15257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 Jul 9 23:35:11 unicornsoft sshd\[15257\]: Failed password for invalid user vnc from 5.42.226.10 port 43006 ssh2	2019-07-10 08:10:45
5.42.226.10	attack	Reported by AbuseIPDB proxy server.	2019-07-08 02:00:13
5.42.226.10	attackspambots	Jul 5 20:47:17 dedicated sshd[26725]: Invalid user daniel from 5.42.226.10 port 60224	2019-07-06 07:09:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.42.2.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25904
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;5.42.2.153.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021800 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 20:07:12 CST 2025
;; MSG SIZE  rcvd: 103

Host info

153.2.42.5.in-addr.arpa domain name pointer 5-42-2-153.colomna.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
153.2.42.5.in-addr.arpa	name = 5-42-2-153.colomna.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.124.143.24	attackspam	Invalid user redmine from 106.124.143.24 port 32920	2020-03-13 07:15:10
222.186.175.154	attack	Mar 13 06:18:21 webhost01 sshd[21413]: Failed password for root from 222.186.175.154 port 44796 ssh2 Mar 13 06:18:36 webhost01 sshd[21413]: Failed password for root from 222.186.175.154 port 44796 ssh2 Mar 13 06:18:36 webhost01 sshd[21413]: error: maximum authentication attempts exceeded for root from 222.186.175.154 port 44796 ssh2 [preauth] ...	2020-03-13 07:19:04
95.94.210.249	attack	Mar 12 22:09:00 vps647732 sshd[30852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.94.210.249 Mar 12 22:09:03 vps647732 sshd[30852]: Failed password for invalid user remote from 95.94.210.249 port 53416 ssh2 ...	2020-03-13 07:40:42
222.186.30.76	attackbotsspam	Mar 13 00:20:29 vps691689 sshd[4283]: Failed password for root from 222.186.30.76 port 17957 ssh2 Mar 13 00:20:32 vps691689 sshd[4283]: Failed password for root from 222.186.30.76 port 17957 ssh2 Mar 13 00:20:34 vps691689 sshd[4283]: Failed password for root from 222.186.30.76 port 17957 ssh2 ...	2020-03-13 07:29:25
132.232.19.197	attackbots	C1,WP GET /wp-login.php	2020-03-13 07:25:10
212.64.40.155	attackbotsspam	Mar 12 23:48:12 ewelt sshd[11120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.40.155 user=root Mar 12 23:48:14 ewelt sshd[11120]: Failed password for root from 212.64.40.155 port 39066 ssh2 Mar 12 23:50:32 ewelt sshd[11241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.40.155 user=bin Mar 12 23:50:34 ewelt sshd[11241]: Failed password for bin from 212.64.40.155 port 47304 ssh2 ...	2020-03-13 07:20:35
116.98.51.251	attack	firewall-block, port(s): 80/tcp	2020-03-13 07:02:39
222.254.30.38	attackspam	SpamScore above: 10.0	2020-03-13 07:30:40
61.177.172.128	attackspam	Mar 13 00:48:24 ift sshd\[7467\]: Failed password for root from 61.177.172.128 port 21044 ssh2Mar 13 00:48:33 ift sshd\[7467\]: Failed password for root from 61.177.172.128 port 21044 ssh2Mar 13 00:48:36 ift sshd\[7467\]: Failed password for root from 61.177.172.128 port 21044 ssh2Mar 13 00:48:42 ift sshd\[7475\]: Failed password for root from 61.177.172.128 port 46537 ssh2Mar 13 00:48:45 ift sshd\[7475\]: Failed password for root from 61.177.172.128 port 46537 ssh2 ...	2020-03-13 07:10:15
120.77.144.239	attack	Probing for installed vulnerable software. 120.77.144.239 - - [12/Mar/2020:21:09:44 +0000] "GET /old/license.txt HTTP/1.1" 403 153 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-13 07:19:26
185.234.219.64	attackbots	Mar 12 22:49:03 mail postfix/smtpd\[4120\]: warning: unknown\[185.234.219.64\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 12 23:02:12 mail postfix/smtpd\[4415\]: warning: unknown\[185.234.219.64\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 12 23:15:23 mail postfix/smtpd\[4554\]: warning: unknown\[185.234.219.64\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Mar 12 23:54:49 mail postfix/smtpd\[5656\]: warning: unknown\[185.234.219.64\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-03-13 07:24:46
64.225.105.117	attackspam	Invalid user tharani from 64.225.105.117 port 36042	2020-03-13 07:08:27
106.13.209.16	attackbots	SSH invalid-user multiple login try	2020-03-13 07:07:46
202.51.110.214	attackbots	Invalid user devel from 202.51.110.214 port 43907	2020-03-13 07:14:25
188.131.128.145	attackspambots	Mar 12 23:34:16 [host] sshd[13616]: pam_unix(sshd: Mar 12 23:34:18 [host] sshd[13616]: Failed passwor Mar 12 23:38:38 [host] sshd[13764]: Invalid user d Mar 12 23:38:38 [host] sshd[13764]: pam_unix(sshd:	2020-03-13 07:17:58

Recently Reported IPs

233.215.139.82	123.171.48.196	185.137.185.5	187.238.180.207
37.248.216.80	190.113.182.47	254.46.27.215	66.180.200.208
136.126.215.176	153.36.91.160	248.207.179.58	211.83.202.175
208.6.137.53	223.144.238.112	173.93.15.30	122.59.197.231
225.189.194.103	95.86.28.161	189.149.152.207	29.245.99.20