5.42.2.153 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
5.42.21.72	attackspambots	DATE:2020-02-13 14:48:56, IP:5.42.21.72, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-14 00:04:28
5.42.239.197	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.42.239.197/ SA - 1H : (12) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SA NAME ASN : ASN35753 IP : 5.42.239.197 CIDR : 5.42.238.0/23 PREFIX COUNT : 230 UNIQUE IP COUNT : 194816 ATTACKS DETECTED ASN35753 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-18 23:53:44 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-19 07:40:51
5.42.226.10	attackspam	2019-07-23T05:56:25.288967abusebot-6.cloudsearch.cf sshd\[876\]: Invalid user ze from 5.42.226.10 port 52470	2019-07-23 14:17:13
5.42.226.10	attackspam	Jul 16 08:53:36 srv-4 sshd\[8178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root Jul 16 08:53:38 srv-4 sshd\[8178\]: Failed password for root from 5.42.226.10 port 48372 ssh2 Jul 16 08:59:07 srv-4 sshd\[8563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root ...	2019-07-16 14:15:53
5.42.226.10	attackspam	Jul 15 23:07:35 srv-4 sshd\[30286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=daemon Jul 15 23:07:37 srv-4 sshd\[30286\]: Failed password for daemon from 5.42.226.10 port 33338 ssh2 Jul 15 23:13:01 srv-4 sshd\[30689\]: Invalid user train5 from 5.42.226.10 Jul 15 23:13:01 srv-4 sshd\[30689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 ...	2019-07-16 04:29:37
5.42.226.10	attackbots	Jul 9 23:35:09 unicornsoft sshd\[15257\]: Invalid user vnc from 5.42.226.10 Jul 9 23:35:09 unicornsoft sshd\[15257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 Jul 9 23:35:11 unicornsoft sshd\[15257\]: Failed password for invalid user vnc from 5.42.226.10 port 43006 ssh2	2019-07-10 08:10:45
5.42.226.10	attack	Reported by AbuseIPDB proxy server.	2019-07-08 02:00:13
5.42.226.10	attackspambots	Jul 5 20:47:17 dedicated sshd[26725]: Invalid user daniel from 5.42.226.10 port 60224	2019-07-06 07:09:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.42.2.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25904
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;5.42.2.153.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021800 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 20:07:12 CST 2025
;; MSG SIZE  rcvd: 103

Host info

153.2.42.5.in-addr.arpa domain name pointer 5-42-2-153.colomna.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
153.2.42.5.in-addr.arpa	name = 5-42-2-153.colomna.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.141.87.109	attackproxy	Malicious IP / Malware	2024-04-29 15:44:49
142.93.62.222	attack	Bad IP	2024-04-30 13:05:00
109.100.143.92	attack	Bad IP	2024-04-25 21:35:40
178.208.90.28	attack	Fraud connect	2024-04-30 20:29:35
206.168.34.132	attackproxy	Malicious IP / Malware	2024-04-25 13:26:12
90.151.171.106	attackproxy	Scan port	2024-04-25 12:53:29
184.105.247.216	attackproxy	Vulnerability Scanner	2024-04-29 19:11:06
176.108.20.34	attack	Fraud connect	2024-05-02 12:56:36
184.105.247.252	attackproxy	RDP bot	2024-04-30 16:55:45
184.105.247.196	attack	Vulnerability Scanner	2024-04-29 19:14:23
71.6.135.131	botsattackproxy	Botnet DB Scanner	2024-04-25 13:12:25
157.245.136.221	botsattackproxy	SSH bot	2024-04-26 12:58:07
84.105.139.82	attack	Vulnerability Scanner	2024-04-28 03:30:32
193.163.125.159	attackproxy	Bad IP	2024-04-26 13:09:02
80.66.76.121	attackproxy	Vulnerability Scanner	2024-04-30 13:02:34

Recently Reported IPs

233.215.139.82	123.171.48.196	185.137.185.5	187.238.180.207
37.248.216.80	190.113.182.47	254.46.27.215	66.180.200.208
136.126.215.176	153.36.91.160	248.207.179.58	211.83.202.175
208.6.137.53	223.144.238.112	173.93.15.30	122.59.197.231
225.189.194.103	95.86.28.161	189.149.152.207	29.245.99.20