5.42.2.48 - IPInfo

Basic Info

City: Kolomna

Region: Moscow Oblast

Country: Russia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
5.42.21.72	attackspambots	DATE:2020-02-13 14:48:56, IP:5.42.21.72, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-14 00:04:28
5.42.239.197	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.42.239.197/ SA - 1H : (12) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SA NAME ASN : ASN35753 IP : 5.42.239.197 CIDR : 5.42.238.0/23 PREFIX COUNT : 230 UNIQUE IP COUNT : 194816 ATTACKS DETECTED ASN35753 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-18 23:53:44 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-19 07:40:51
5.42.226.10	attackspam	2019-07-23T05:56:25.288967abusebot-6.cloudsearch.cf sshd\[876\]: Invalid user ze from 5.42.226.10 port 52470	2019-07-23 14:17:13
5.42.226.10	attackspam	Jul 16 08:53:36 srv-4 sshd\[8178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root Jul 16 08:53:38 srv-4 sshd\[8178\]: Failed password for root from 5.42.226.10 port 48372 ssh2 Jul 16 08:59:07 srv-4 sshd\[8563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root ...	2019-07-16 14:15:53
5.42.226.10	attackspam	Jul 15 23:07:35 srv-4 sshd\[30286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=daemon Jul 15 23:07:37 srv-4 sshd\[30286\]: Failed password for daemon from 5.42.226.10 port 33338 ssh2 Jul 15 23:13:01 srv-4 sshd\[30689\]: Invalid user train5 from 5.42.226.10 Jul 15 23:13:01 srv-4 sshd\[30689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 ...	2019-07-16 04:29:37
5.42.226.10	attackbots	Jul 9 23:35:09 unicornsoft sshd\[15257\]: Invalid user vnc from 5.42.226.10 Jul 9 23:35:09 unicornsoft sshd\[15257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 Jul 9 23:35:11 unicornsoft sshd\[15257\]: Failed password for invalid user vnc from 5.42.226.10 port 43006 ssh2	2019-07-10 08:10:45
5.42.226.10	attack	Reported by AbuseIPDB proxy server.	2019-07-08 02:00:13
5.42.226.10	attackspambots	Jul 5 20:47:17 dedicated sshd[26725]: Invalid user daniel from 5.42.226.10 port 60224	2019-07-06 07:09:43

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.42.2.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.42.2.48.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020120800 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 08 15:09:29 CST 2020
;; MSG SIZE  rcvd: 113

Host info

48.2.42.5.in-addr.arpa domain name pointer 5-42-2-48.colomna.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.2.42.5.in-addr.arpa	name = 5-42-2-48.colomna.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
196.195.51.165	attackbots	Oct 18 03:55:06 unicornsoft sshd\[1982\]: Invalid user admin from 196.195.51.165 Oct 18 03:55:06 unicornsoft sshd\[1982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.195.51.165 Oct 18 03:55:08 unicornsoft sshd\[1982\]: Failed password for invalid user admin from 196.195.51.165 port 46954 ssh2	2019-10-18 13:27:42
80.211.67.90	attackbots	Oct 16 01:53:53 eola sshd[24835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.67.90 user=r.r Oct 16 01:53:55 eola sshd[24835]: Failed password for r.r from 80.211.67.90 port 58188 ssh2 Oct 16 01:53:55 eola sshd[24835]: Received disconnect from 80.211.67.90 port 58188:11: Bye Bye [preauth] Oct 16 01:53:55 eola sshd[24835]: Disconnected from 80.211.67.90 port 58188 [preauth] Oct 16 02:02:03 eola sshd[25047]: Invalid user sftp from 80.211.67.90 port 34270 Oct 16 02:02:03 eola sshd[25047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.67.90 Oct 16 02:02:05 eola sshd[25047]: Failed password for invalid user sftp from 80.211.67.90 port 34270 ssh2 Oct 16 02:02:05 eola sshd[25047]: Received disconnect from 80.211.67.90 port 34270:11: Bye Bye [preauth] Oct 16 02:02:05 eola sshd[25047]: Disconnected from 80.211.67.90 port 34270 [preauth] ........ ----------------------------------------------- https://www.blocklist.d	2019-10-18 13:14:32
24.193.65.105	attackbots	Automatic report - Port Scan Attack	2019-10-18 13:51:59
109.194.54.126	attackbots	Invalid user school from 109.194.54.126 port 32978	2019-10-18 13:56:15
79.109.201.161	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/79.109.201.161/ ES - 1H : (54) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN12357 IP : 79.109.201.161 CIDR : 79.109.200.0/21 PREFIX COUNT : 741 UNIQUE IP COUNT : 753664 WYKRYTE ATAKI Z ASN12357 : 1H - 1 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-18 05:54:39 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-18 13:51:43
219.90.115.237	attack	Automatic report - Banned IP Access	2019-10-18 13:59:06
187.114.137.26	attackspam	Automatic report - Port Scan Attack	2019-10-18 13:46:27
178.128.21.57	attackspambots	Oct 18 05:36:28 venus sshd\[12526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.21.57 user=root Oct 18 05:36:30 venus sshd\[12526\]: Failed password for root from 178.128.21.57 port 35970 ssh2 Oct 18 05:41:07 venus sshd\[12596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.21.57 user=root ...	2019-10-18 13:43:32
36.89.247.26	attackspam	Oct 18 05:36:17 web8 sshd\[29242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.247.26 user=root Oct 18 05:36:20 web8 sshd\[29242\]: Failed password for root from 36.89.247.26 port 48695 ssh2 Oct 18 05:41:31 web8 sshd\[31914\]: Invalid user bookings from 36.89.247.26 Oct 18 05:41:31 web8 sshd\[31914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.247.26 Oct 18 05:41:32 web8 sshd\[31914\]: Failed password for invalid user bookings from 36.89.247.26 port 39776 ssh2	2019-10-18 13:50:47
87.197.166.67	attackspam	Oct 18 06:30:48 ns41 sshd[15425]: Failed password for root from 87.197.166.67 port 56988 ssh2 Oct 18 06:30:48 ns41 sshd[15425]: Failed password for root from 87.197.166.67 port 56988 ssh2	2019-10-18 13:08:58
183.134.199.68	attack	Oct 18 07:43:06 minden010 sshd[15265]: Failed password for root from 183.134.199.68 port 47179 ssh2 Oct 18 07:47:39 minden010 sshd[16754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.134.199.68 Oct 18 07:47:40 minden010 sshd[16754]: Failed password for invalid user fnet from 183.134.199.68 port 55478 ssh2 ...	2019-10-18 13:56:46
23.247.67.11	attack	Oct 18 05:45:48 mxgate1 postfix/postscreen[19384]: CONNECT from [23.247.67.11]:59368 to [176.31.12.44]:25 Oct 18 05:45:48 mxgate1 postfix/dnsblog[19485]: addr 23.247.67.11 listed by domain zen.spamhaus.org as 127.0.0.3 Oct 18 05:45:54 mxgate1 postfix/postscreen[19384]: DNSBL rank 2 for [23.247.67.11]:59368 Oct x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=23.247.67.11	2019-10-18 13:58:36
222.186.173.142	attackspam	Oct 18 07:45:30 dcd-gentoo sshd[18445]: User root from 222.186.173.142 not allowed because none of user's groups are listed in AllowGroups Oct 18 07:45:34 dcd-gentoo sshd[18445]: error: PAM: Authentication failure for illegal user root from 222.186.173.142 Oct 18 07:45:30 dcd-gentoo sshd[18445]: User root from 222.186.173.142 not allowed because none of user's groups are listed in AllowGroups Oct 18 07:45:34 dcd-gentoo sshd[18445]: error: PAM: Authentication failure for illegal user root from 222.186.173.142 Oct 18 07:45:30 dcd-gentoo sshd[18445]: User root from 222.186.173.142 not allowed because none of user's groups are listed in AllowGroups Oct 18 07:45:34 dcd-gentoo sshd[18445]: error: PAM: Authentication failure for illegal user root from 222.186.173.142 Oct 18 07:45:34 dcd-gentoo sshd[18445]: Failed keyboard-interactive/pam for invalid user root from 222.186.173.142 port 24754 ssh2 ...	2019-10-18 13:59:54
147.135.163.81	attackspambots	Oct 16 03:47:46 cumulus sshd[8557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.163.81 user=r.r Oct 16 03:47:48 cumulus sshd[8557]: Failed password for r.r from 147.135.163.81 port 34548 ssh2 Oct 16 03:47:48 cumulus sshd[8557]: Received disconnect from 147.135.163.81 port 34548:11: Bye Bye [preauth] Oct 16 03:47:48 cumulus sshd[8557]: Disconnected from 147.135.163.81 port 34548 [preauth] Oct 16 04:05:38 cumulus sshd[8971]: Invalid user brunhilde from 147.135.163.81 port 56260 Oct 16 04:05:38 cumulus sshd[8971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.163.81 Oct 16 04:05:40 cumulus sshd[8971]: Failed password for invalid user brunhilde from 147.135.163.81 port 56260 ssh2 Oct 16 04:05:40 cumulus sshd[8971]: Received disconnect from 147.135.163.81 port 56260:11: Bye Bye [preauth] Oct 16 04:05:40 cumulus sshd[8971]: Disconnected from 147.135.163.81 port 56260 [preaut........ -------------------------------	2019-10-18 13:19:20
106.54.220.176	attackspambots	Oct 16 10:23:48 h2034429 sshd[16519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.220.176 user=r.r Oct 16 10:23:50 h2034429 sshd[16519]: Failed password for r.r from 106.54.220.176 port 42018 ssh2 Oct 16 10:23:50 h2034429 sshd[16519]: Received disconnect from 106.54.220.176 port 42018:11: Bye Bye [preauth] Oct 16 10:23:50 h2034429 sshd[16519]: Disconnected from 106.54.220.176 port 42018 [preauth] Oct 16 10:43:27 h2034429 sshd[16808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.220.176 user=r.r Oct 16 10:43:29 h2034429 sshd[16808]: Failed password for r.r from 106.54.220.176 port 43818 ssh2 Oct 16 10:43:29 h2034429 sshd[16808]: Received disconnect from 106.54.220.176 port 43818:11: Bye Bye [preauth] Oct 16 10:43:29 h2034429 sshd[16808]: Disconnected from 106.54.220.176 port 43818 [preauth] Oct 16 10:48:02 h2034429 sshd[16853]: pam_unix(sshd:auth): authentication failur........ -------------------------------	2019-10-18 13:21:46

Recently Reported IPs

223.104.63.7	46.34.228.81	192.168.12.4	78.83.159.190
119.82.251.250	196.65.131.238	45.190.253.134	23.14.162.35
223.217.58.9	119.94.129.127	88.136.129.76	52.113.205.55
94.52.99.74	90.151.82.130	125.224.165.206	114.46.5.81
114.41.87.47	223.138.174.21	118.170.143.37	44.235.167.48