5.42.2.48 - IPInfo

Basic Info

City: Kolomna

Region: Moscow Oblast

Country: Russia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
5.42.21.72	attackspambots	DATE:2020-02-13 14:48:56, IP:5.42.21.72, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-14 00:04:28
5.42.239.197	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.42.239.197/ SA - 1H : (12) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SA NAME ASN : ASN35753 IP : 5.42.239.197 CIDR : 5.42.238.0/23 PREFIX COUNT : 230 UNIQUE IP COUNT : 194816 ATTACKS DETECTED ASN35753 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-18 23:53:44 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-19 07:40:51
5.42.226.10	attackspam	2019-07-23T05:56:25.288967abusebot-6.cloudsearch.cf sshd\[876\]: Invalid user ze from 5.42.226.10 port 52470	2019-07-23 14:17:13
5.42.226.10	attackspam	Jul 16 08:53:36 srv-4 sshd\[8178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root Jul 16 08:53:38 srv-4 sshd\[8178\]: Failed password for root from 5.42.226.10 port 48372 ssh2 Jul 16 08:59:07 srv-4 sshd\[8563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root ...	2019-07-16 14:15:53
5.42.226.10	attackspam	Jul 15 23:07:35 srv-4 sshd\[30286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=daemon Jul 15 23:07:37 srv-4 sshd\[30286\]: Failed password for daemon from 5.42.226.10 port 33338 ssh2 Jul 15 23:13:01 srv-4 sshd\[30689\]: Invalid user train5 from 5.42.226.10 Jul 15 23:13:01 srv-4 sshd\[30689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 ...	2019-07-16 04:29:37
5.42.226.10	attackbots	Jul 9 23:35:09 unicornsoft sshd\[15257\]: Invalid user vnc from 5.42.226.10 Jul 9 23:35:09 unicornsoft sshd\[15257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 Jul 9 23:35:11 unicornsoft sshd\[15257\]: Failed password for invalid user vnc from 5.42.226.10 port 43006 ssh2	2019-07-10 08:10:45
5.42.226.10	attack	Reported by AbuseIPDB proxy server.	2019-07-08 02:00:13
5.42.226.10	attackspambots	Jul 5 20:47:17 dedicated sshd[26725]: Invalid user daniel from 5.42.226.10 port 60224	2019-07-06 07:09:43

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.42.2.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.42.2.48.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020120800 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 08 15:09:29 CST 2020
;; MSG SIZE  rcvd: 113

Host info

48.2.42.5.in-addr.arpa domain name pointer 5-42-2-48.colomna.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.2.42.5.in-addr.arpa	name = 5-42-2-48.colomna.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.123.239.89	attack	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=8192)(10151156)	2019-10-16 01:27:07
58.48.252.18	attackbotsspam	UTC: 2019-10-14 port: 23/tcp	2019-10-16 01:35:01
171.6.206.116	attack	[portscan] tcp/81 [alter-web/web-proxy] in spfbl.net:'listed' *(RWIN=57477)(10151156)	2019-10-16 01:26:04
180.247.219.93	attack	[portscan] tcp/81 [alter-web/web-proxy] in spfbl.net:'listed' *(RWIN=14600)(10151156)	2019-10-16 01:23:03
78.186.185.190	attack	10/15/2019-16:56:30.928786 78.186.185.190 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 77	2019-10-16 01:32:47
159.203.201.21	attack	[portscan] tcp/22 [SSH] *(RWIN=65535)(10151156)	2019-10-16 01:41:35
115.41.28.253	attackbots	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=9218)(10151156)	2019-10-16 01:44:52
202.29.221.102	attackspam	[portscan] tcp/1433 [MsSQL] in sorbs:'listed [web], [http], [socks], [misc]' in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 01:20:15
1.175.146.251	attackbotsspam	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=3550)(10151156)	2019-10-16 01:51:53
124.164.238.31	attackspam	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 01:44:12
119.29.170.120	attack	2019-10-15T11:40:29.331152abusebot-7.cloudsearch.cf sshd\[29930\]: Invalid user chg from 119.29.170.120 port 37514	2019-10-16 01:44:25
159.203.201.146	attackspambots	10/15/2019-14:22:38.113840 159.203.201.146 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-16 01:26:19
146.88.240.4	attack	UDP / 1194	2019-10-16 01:26:37
79.9.121.178	attackbotsspam	[portscan] tcp/81 [alter-web/web-proxy] in spfbl.net:'listed' *(RWIN=14600)(10151156)	2019-10-16 01:47:39
104.199.94.190	attack	UTC: 2019-10-14 port: 465/tcp	2019-10-16 01:30:21

Recently Reported IPs

223.104.63.7	46.34.228.81	192.168.12.4	78.83.159.190
119.82.251.250	196.65.131.238	45.190.253.134	23.14.162.35
223.217.58.9	119.94.129.127	88.136.129.76	52.113.205.55
94.52.99.74	90.151.82.130	125.224.165.206	114.46.5.81
114.41.87.47	223.138.174.21	118.170.143.37	44.235.167.48