5.42.2.48 - IPInfo

Basic Info

City: Kolomna

Region: Moscow Oblast

Country: Russia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
5.42.21.72	attackspambots	DATE:2020-02-13 14:48:56, IP:5.42.21.72, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-14 00:04:28
5.42.239.197	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.42.239.197/ SA - 1H : (12) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SA NAME ASN : ASN35753 IP : 5.42.239.197 CIDR : 5.42.238.0/23 PREFIX COUNT : 230 UNIQUE IP COUNT : 194816 ATTACKS DETECTED ASN35753 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-18 23:53:44 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-19 07:40:51
5.42.226.10	attackspam	2019-07-23T05:56:25.288967abusebot-6.cloudsearch.cf sshd\[876\]: Invalid user ze from 5.42.226.10 port 52470	2019-07-23 14:17:13
5.42.226.10	attackspam	Jul 16 08:53:36 srv-4 sshd\[8178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root Jul 16 08:53:38 srv-4 sshd\[8178\]: Failed password for root from 5.42.226.10 port 48372 ssh2 Jul 16 08:59:07 srv-4 sshd\[8563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root ...	2019-07-16 14:15:53
5.42.226.10	attackspam	Jul 15 23:07:35 srv-4 sshd\[30286\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=daemon Jul 15 23:07:37 srv-4 sshd\[30286\]: Failed password for daemon from 5.42.226.10 port 33338 ssh2 Jul 15 23:13:01 srv-4 sshd\[30689\]: Invalid user train5 from 5.42.226.10 Jul 15 23:13:01 srv-4 sshd\[30689\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 ...	2019-07-16 04:29:37
5.42.226.10	attackbots	Jul 9 23:35:09 unicornsoft sshd\[15257\]: Invalid user vnc from 5.42.226.10 Jul 9 23:35:09 unicornsoft sshd\[15257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 Jul 9 23:35:11 unicornsoft sshd\[15257\]: Failed password for invalid user vnc from 5.42.226.10 port 43006 ssh2	2019-07-10 08:10:45
5.42.226.10	attack	Reported by AbuseIPDB proxy server.	2019-07-08 02:00:13
5.42.226.10	attackspambots	Jul 5 20:47:17 dedicated sshd[26725]: Invalid user daniel from 5.42.226.10 port 60224	2019-07-06 07:09:43

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.42.2.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.42.2.48.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020120800 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 08 15:09:29 CST 2020
;; MSG SIZE  rcvd: 113

Host info

48.2.42.5.in-addr.arpa domain name pointer 5-42-2-48.colomna.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.2.42.5.in-addr.arpa	name = 5-42-2-48.colomna.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.106.136.71	attackspam	Unauthorized connection attempt detected from IP address 103.106.136.71 to port 26 [J]	2020-01-20 04:24:58
84.193.112.171	attack	Jan 19 13:51:57 mout sshd[15770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.193.112.171 user=pi Jan 19 13:51:58 mout sshd[15770]: Failed password for pi from 84.193.112.171 port 36620 ssh2 Jan 19 13:51:59 mout sshd[15770]: Connection closed by 84.193.112.171 port 36620 [preauth]	2020-01-20 04:26:05
194.67.197.109	attackbotsspam	$f2bV_matches	2020-01-20 03:58:14
83.209.235.59	attack	Unauthorized connection attempt detected from IP address 83.209.235.59 to port 5555 [J]	2020-01-20 04:06:03
194.186.11.147	attackbots	Unauthorized connection attempt detected from IP address 194.186.11.147 to port 2220 [J]	2020-01-20 04:26:24
122.225.22.230	attackbotsspam	Unauthorized connection attempt detected from IP address 122.225.22.230 to port 445 [T]	2020-01-20 04:24:25
67.204.217.189	attack	Unauthorized connection attempt detected from IP address 67.204.217.189 to port 5555 [J]	2020-01-20 04:29:55
83.220.172.181	attack	Honeypot attack, port: 445, PTR: starfut.ru.	2020-01-20 04:18:06
91.239.160.124	attackbotsspam	Honeypot attack, port: 445, PTR: 91-239-160-124.askon.net.ua.	2020-01-20 04:25:41
85.154.108.78	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-20 03:53:08
178.93.61.236	attack	Unauthorized connection attempt detected from IP address 178.93.61.236 to port 23	2020-01-20 03:56:02
113.141.66.227	attackbots	Unauthorized connection attempt detected from IP address 113.141.66.227 to port 1433 [J]	2020-01-20 04:00:15
50.204.227.109	attackbotsspam	Unauthorised access (Jan 19) SRC=50.204.227.109 LEN=40 TTL=237 ID=59939 TCP DPT=1433 WINDOW=1024 SYN	2020-01-20 03:56:14
58.65.135.98	attack	Honeypot attack, port: 445, PTR: mbl-65-135-98.dsl.net.pk.	2020-01-20 04:25:23
119.29.188.169	attackbots	Web Server Attack	2020-01-20 04:12:56

Recently Reported IPs

223.104.63.7	46.34.228.81	192.168.12.4	78.83.159.190
119.82.251.250	196.65.131.238	45.190.253.134	23.14.162.35
223.217.58.9	119.94.129.127	88.136.129.76	52.113.205.55
94.52.99.74	90.151.82.130	125.224.165.206	114.46.5.81
114.41.87.47	223.138.174.21	118.170.143.37	44.235.167.48