Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Kolomna

Region: Moscow Oblast

Country: Russia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
5.42.21.72 attackspambots
DATE:2020-02-13 14:48:56, IP:5.42.21.72, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)
2020-02-14 00:04:28
5.42.239.197 attack
IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/5.42.239.197/ 
 
 SA - 1H : (12)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : SA 
 NAME ASN : ASN35753 
 
 IP : 5.42.239.197 
 
 CIDR : 5.42.238.0/23 
 
 PREFIX COUNT : 230 
 
 UNIQUE IP COUNT : 194816 
 
 
 ATTACKS DETECTED ASN35753 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-11-18 23:53:44 
 
 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN  - data recovery
2019-11-19 07:40:51
5.42.226.10 attackspam
2019-07-23T05:56:25.288967abusebot-6.cloudsearch.cf sshd\[876\]: Invalid user ze from 5.42.226.10 port 52470
2019-07-23 14:17:13
5.42.226.10 attackspam
Jul 16 08:53:36 srv-4 sshd\[8178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10  user=root
Jul 16 08:53:38 srv-4 sshd\[8178\]: Failed password for root from 5.42.226.10 port 48372 ssh2
Jul 16 08:59:07 srv-4 sshd\[8563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10  user=root
...
2019-07-16 14:15:53
5.42.226.10 attackspam
Jul 15 23:07:35 srv-4 sshd\[30286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10  user=daemon
Jul 15 23:07:37 srv-4 sshd\[30286\]: Failed password for daemon from 5.42.226.10 port 33338 ssh2
Jul 15 23:13:01 srv-4 sshd\[30689\]: Invalid user train5 from 5.42.226.10
Jul 15 23:13:01 srv-4 sshd\[30689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10
...
2019-07-16 04:29:37
5.42.226.10 attackbots
Jul  9 23:35:09 unicornsoft sshd\[15257\]: Invalid user vnc from 5.42.226.10
Jul  9 23:35:09 unicornsoft sshd\[15257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10
Jul  9 23:35:11 unicornsoft sshd\[15257\]: Failed password for invalid user vnc from 5.42.226.10 port 43006 ssh2
2019-07-10 08:10:45
5.42.226.10 attack
Reported by AbuseIPDB proxy server.
2019-07-08 02:00:13
5.42.226.10 attackspambots
Jul  5 20:47:17 dedicated sshd[26725]: Invalid user daniel from 5.42.226.10 port 60224
2019-07-06 07:09:43
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.42.2.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.42.2.48.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020120800 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 08 15:09:29 CST 2020
;; MSG SIZE  rcvd: 113

Host info
48.2.42.5.in-addr.arpa domain name pointer 5-42-2-48.colomna.net.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.2.42.5.in-addr.arpa	name = 5-42-2-48.colomna.net.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
196.195.51.165 attackbots
Oct 18 03:55:06 unicornsoft sshd\[1982\]: Invalid user admin from 196.195.51.165
Oct 18 03:55:06 unicornsoft sshd\[1982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.195.51.165
Oct 18 03:55:08 unicornsoft sshd\[1982\]: Failed password for invalid user admin from 196.195.51.165 port 46954 ssh2
2019-10-18 13:27:42
80.211.67.90 attackbots
Oct 16 01:53:53 eola sshd[24835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.67.90  user=r.r
Oct 16 01:53:55 eola sshd[24835]: Failed password for r.r from 80.211.67.90 port 58188 ssh2
Oct 16 01:53:55 eola sshd[24835]: Received disconnect from 80.211.67.90 port 58188:11: Bye Bye [preauth]
Oct 16 01:53:55 eola sshd[24835]: Disconnected from 80.211.67.90 port 58188 [preauth]
Oct 16 02:02:03 eola sshd[25047]: Invalid user sftp from 80.211.67.90 port 34270
Oct 16 02:02:03 eola sshd[25047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.67.90 
Oct 16 02:02:05 eola sshd[25047]: Failed password for invalid user sftp from 80.211.67.90 port 34270 ssh2
Oct 16 02:02:05 eola sshd[25047]: Received disconnect from 80.211.67.90 port 34270:11: Bye Bye [preauth]
Oct 16 02:02:05 eola sshd[25047]: Disconnected from 80.211.67.90 port 34270 [preauth]


........
-----------------------------------------------
https://www.blocklist.d
2019-10-18 13:14:32
24.193.65.105 attackbots
Automatic report - Port Scan Attack
2019-10-18 13:51:59
109.194.54.126 attackbots
Invalid user school from 109.194.54.126 port 32978
2019-10-18 13:56:15
79.109.201.161 attack
IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/79.109.201.161/ 
 ES - 1H : (54)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : ES 
 NAME ASN : ASN12357 
 
 IP : 79.109.201.161 
 
 CIDR : 79.109.200.0/21 
 
 PREFIX COUNT : 741 
 
 UNIQUE IP COUNT : 753664 
 
 
 WYKRYTE ATAKI Z ASN12357 :  
  1H - 1 
  3H - 2 
  6H - 2 
 12H - 2 
 24H - 2 
 
 DateTime : 2019-10-18 05:54:39 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery
2019-10-18 13:51:43
219.90.115.237 attack
Automatic report - Banned IP Access
2019-10-18 13:59:06
187.114.137.26 attackspam
Automatic report - Port Scan Attack
2019-10-18 13:46:27
178.128.21.57 attackspambots
Oct 18 05:36:28 venus sshd\[12526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.21.57  user=root
Oct 18 05:36:30 venus sshd\[12526\]: Failed password for root from 178.128.21.57 port 35970 ssh2
Oct 18 05:41:07 venus sshd\[12596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.21.57  user=root
...
2019-10-18 13:43:32
36.89.247.26 attackspam
Oct 18 05:36:17 web8 sshd\[29242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.247.26  user=root
Oct 18 05:36:20 web8 sshd\[29242\]: Failed password for root from 36.89.247.26 port 48695 ssh2
Oct 18 05:41:31 web8 sshd\[31914\]: Invalid user bookings from 36.89.247.26
Oct 18 05:41:31 web8 sshd\[31914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.247.26
Oct 18 05:41:32 web8 sshd\[31914\]: Failed password for invalid user bookings from 36.89.247.26 port 39776 ssh2
2019-10-18 13:50:47
87.197.166.67 attackspam
Oct 18 06:30:48 ns41 sshd[15425]: Failed password for root from 87.197.166.67 port 56988 ssh2
Oct 18 06:30:48 ns41 sshd[15425]: Failed password for root from 87.197.166.67 port 56988 ssh2
2019-10-18 13:08:58
183.134.199.68 attack
Oct 18 07:43:06 minden010 sshd[15265]: Failed password for root from 183.134.199.68 port 47179 ssh2
Oct 18 07:47:39 minden010 sshd[16754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.134.199.68
Oct 18 07:47:40 minden010 sshd[16754]: Failed password for invalid user fnet from 183.134.199.68 port 55478 ssh2
...
2019-10-18 13:56:46
23.247.67.11 attack
Oct 18 05:45:48 mxgate1 postfix/postscreen[19384]: CONNECT from [23.247.67.11]:59368 to [176.31.12.44]:25
Oct 18 05:45:48 mxgate1 postfix/dnsblog[19485]: addr 23.247.67.11 listed by domain zen.spamhaus.org as 127.0.0.3
Oct 18 05:45:54 mxgate1 postfix/postscreen[19384]: DNSBL rank 2 for [23.247.67.11]:59368
Oct x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=23.247.67.11
2019-10-18 13:58:36
222.186.173.142 attackspam
Oct 18 07:45:30 dcd-gentoo sshd[18445]: User root from 222.186.173.142 not allowed because none of user's groups are listed in AllowGroups
Oct 18 07:45:34 dcd-gentoo sshd[18445]: error: PAM: Authentication failure for illegal user root from 222.186.173.142
Oct 18 07:45:30 dcd-gentoo sshd[18445]: User root from 222.186.173.142 not allowed because none of user's groups are listed in AllowGroups
Oct 18 07:45:34 dcd-gentoo sshd[18445]: error: PAM: Authentication failure for illegal user root from 222.186.173.142
Oct 18 07:45:30 dcd-gentoo sshd[18445]: User root from 222.186.173.142 not allowed because none of user's groups are listed in AllowGroups
Oct 18 07:45:34 dcd-gentoo sshd[18445]: error: PAM: Authentication failure for illegal user root from 222.186.173.142
Oct 18 07:45:34 dcd-gentoo sshd[18445]: Failed keyboard-interactive/pam for invalid user root from 222.186.173.142 port 24754 ssh2
...
2019-10-18 13:59:54
147.135.163.81 attackspambots
Oct 16 03:47:46 cumulus sshd[8557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.163.81  user=r.r
Oct 16 03:47:48 cumulus sshd[8557]: Failed password for r.r from 147.135.163.81 port 34548 ssh2
Oct 16 03:47:48 cumulus sshd[8557]: Received disconnect from 147.135.163.81 port 34548:11: Bye Bye [preauth]
Oct 16 03:47:48 cumulus sshd[8557]: Disconnected from 147.135.163.81 port 34548 [preauth]
Oct 16 04:05:38 cumulus sshd[8971]: Invalid user brunhilde from 147.135.163.81 port 56260
Oct 16 04:05:38 cumulus sshd[8971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.163.81
Oct 16 04:05:40 cumulus sshd[8971]: Failed password for invalid user brunhilde from 147.135.163.81 port 56260 ssh2
Oct 16 04:05:40 cumulus sshd[8971]: Received disconnect from 147.135.163.81 port 56260:11: Bye Bye [preauth]
Oct 16 04:05:40 cumulus sshd[8971]: Disconnected from 147.135.163.81 port 56260 [preaut........
-------------------------------
2019-10-18 13:19:20
106.54.220.176 attackspambots
Oct 16 10:23:48 h2034429 sshd[16519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.220.176  user=r.r
Oct 16 10:23:50 h2034429 sshd[16519]: Failed password for r.r from 106.54.220.176 port 42018 ssh2
Oct 16 10:23:50 h2034429 sshd[16519]: Received disconnect from 106.54.220.176 port 42018:11: Bye Bye [preauth]
Oct 16 10:23:50 h2034429 sshd[16519]: Disconnected from 106.54.220.176 port 42018 [preauth]
Oct 16 10:43:27 h2034429 sshd[16808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.220.176  user=r.r
Oct 16 10:43:29 h2034429 sshd[16808]: Failed password for r.r from 106.54.220.176 port 43818 ssh2
Oct 16 10:43:29 h2034429 sshd[16808]: Received disconnect from 106.54.220.176 port 43818:11: Bye Bye [preauth]
Oct 16 10:43:29 h2034429 sshd[16808]: Disconnected from 106.54.220.176 port 43818 [preauth]
Oct 16 10:48:02 h2034429 sshd[16853]: pam_unix(sshd:auth): authentication failur........
-------------------------------
2019-10-18 13:21:46

Recently Reported IPs

223.104.63.7 46.34.228.81 192.168.12.4 78.83.159.190
119.82.251.250 196.65.131.238 45.190.253.134 23.14.162.35
223.217.58.9 119.94.129.127 88.136.129.76 52.113.205.55
94.52.99.74 90.151.82.130 125.224.165.206 114.46.5.81
114.41.87.47 223.138.174.21 118.170.143.37 44.235.167.48