5.42.2.48 - IPInfo

Basic Info

City: Kolomna

Region: Moscow Oblast

Country: Russia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
5.42.21.72	attackspambots	DATE:2020-02-13 14:48:56, IP:5.42.21.72, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-14 00:04:28
5.42.239.197	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.42.239.197/ SA - 1H : (12) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : SA NAME ASN : ASN35753 IP : 5.42.239.197 CIDR : 5.42.238.0/23 PREFIX COUNT : 230 UNIQUE IP COUNT : 194816 ATTACKS DETECTED ASN35753 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-18 23:53:44 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-19 07:40:51
5.42.226.10	attackspam	2019-07-23T05:56:25.288967abusebot-6.cloudsearch.cf sshd\[876\]: Invalid user ze from 5.42.226.10 port 52470	2019-07-23 14:17:13
5.42.226.10	attackspam	Jul 16 08:53:36 srv-4 sshd\[8178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root Jul 16 08:53:38 srv-4 sshd\[8178\]: Failed password for root from 5.42.226.10 port 48372 ssh2 Jul 16 08:59:07 srv-4 sshd\[8563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=root ...	2019-07-16 14:15:53
5.42.226.10	attackspam	Jul 15 23:07:35 srv-4 sshd\[30286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 user=daemon Jul 15 23:07:37 srv-4 sshd\[30286\]: Failed password for daemon from 5.42.226.10 port 33338 ssh2 Jul 15 23:13:01 srv-4 sshd\[30689\]: Invalid user train5 from 5.42.226.10 Jul 15 23:13:01 srv-4 sshd\[30689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 ...	2019-07-16 04:29:37
5.42.226.10	attackbots	Jul 9 23:35:09 unicornsoft sshd\[15257\]: Invalid user vnc from 5.42.226.10 Jul 9 23:35:09 unicornsoft sshd\[15257\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.42.226.10 Jul 9 23:35:11 unicornsoft sshd\[15257\]: Failed password for invalid user vnc from 5.42.226.10 port 43006 ssh2	2019-07-10 08:10:45
5.42.226.10	attack	Reported by AbuseIPDB proxy server.	2019-07-08 02:00:13
5.42.226.10	attackspambots	Jul 5 20:47:17 dedicated sshd[26725]: Invalid user daniel from 5.42.226.10 port 60224	2019-07-06 07:09:43

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.42.2.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.42.2.48.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020120800 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 08 15:09:29 CST 2020
;; MSG SIZE  rcvd: 113

Host info

48.2.42.5.in-addr.arpa domain name pointer 5-42-2-48.colomna.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.2.42.5.in-addr.arpa	name = 5-42-2-48.colomna.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.126.202.157	attackspam	MYH,DEF GET /wp-login.php	2020-10-08 02:36:36
5.182.211.238	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-10-08 02:45:19
112.85.42.47	attackspambots	Oct 7 18:52:41 localhost sshd[89123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.47 user=root Oct 7 18:52:42 localhost sshd[89123]: Failed password for root from 112.85.42.47 port 57454 ssh2 Oct 7 18:52:45 localhost sshd[89123]: Failed password for root from 112.85.42.47 port 57454 ssh2 Oct 7 18:52:41 localhost sshd[89123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.47 user=root Oct 7 18:52:42 localhost sshd[89123]: Failed password for root from 112.85.42.47 port 57454 ssh2 Oct 7 18:52:45 localhost sshd[89123]: Failed password for root from 112.85.42.47 port 57454 ssh2 Oct 7 18:52:41 localhost sshd[89123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.47 user=root Oct 7 18:52:42 localhost sshd[89123]: Failed password for root from 112.85.42.47 port 57454 ssh2 Oct 7 18:52:45 localhost sshd[89123]: Failed password fo ...	2020-10-08 02:53:04
106.13.228.78	attackbots	20 attempts against mh-misbehave-ban on pole	2020-10-08 02:37:46
64.227.126.134	attackbots	2020-10-07T12:48:35.642432mail.thespaminator.com sshd[21828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.227.126.134 user=root 2020-10-07T12:48:37.528125mail.thespaminator.com sshd[21828]: Failed password for root from 64.227.126.134 port 43666 ssh2 ...	2020-10-08 02:55:20
112.85.42.112	attackspambots	Oct 7 18:18:54 ip-172-31-42-142 sshd\[1762\]: Failed password for root from 112.85.42.112 port 56528 ssh2\ Oct 7 18:18:57 ip-172-31-42-142 sshd\[1762\]: Failed password for root from 112.85.42.112 port 56528 ssh2\ Oct 7 18:19:12 ip-172-31-42-142 sshd\[1767\]: Failed password for root from 112.85.42.112 port 53818 ssh2\ Oct 7 18:19:22 ip-172-31-42-142 sshd\[1767\]: Failed password for root from 112.85.42.112 port 53818 ssh2\ Oct 7 18:19:24 ip-172-31-42-142 sshd\[1767\]: Failed password for root from 112.85.42.112 port 53818 ssh2\	2020-10-08 02:27:57
63.41.9.207	attackspambots	Dear user, The IP address [63.41.9.207] experienced 2 failed attempts when attempting to log into SSH running on AstroParrotsNAS within 5 minutes, and was blocked at Tue Oct 6 14:20:32 2020. From AstroParrotsNAS	2020-10-08 02:33:47
106.52.139.223	attack	Oct 7 16:03:01 scw-6657dc sshd[1843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.139.223 user=root Oct 7 16:03:01 scw-6657dc sshd[1843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.139.223 user=root Oct 7 16:03:03 scw-6657dc sshd[1843]: Failed password for root from 106.52.139.223 port 57736 ssh2 ...	2020-10-08 02:41:06
69.55.49.187	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-07T14:44:21Z and 2020-10-07T14:52:20Z	2020-10-08 02:39:48
193.203.60.61	attackbotsspam	Port scan denied	2020-10-08 02:35:41
59.124.230.138	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 43 - port: 10943 proto: tcp cat: Misc Attackbytes: 60	2020-10-08 03:01:26
103.83.36.101	attackspambots	103.83.36.101 - - [07/Oct/2020:12:20:07 -0600] "GET /wp-login.php HTTP/1.1" 301 4594 "http://www.tbi.equipment/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-08 02:51:05
140.143.1.207	attack	2020-10-07T18:30:16.820568abusebot-7.cloudsearch.cf sshd[14982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.1.207 user=root 2020-10-07T18:30:18.936706abusebot-7.cloudsearch.cf sshd[14982]: Failed password for root from 140.143.1.207 port 37136 ssh2 2020-10-07T18:33:36.088215abusebot-7.cloudsearch.cf sshd[14996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.1.207 user=root 2020-10-07T18:33:37.993757abusebot-7.cloudsearch.cf sshd[14996]: Failed password for root from 140.143.1.207 port 58334 ssh2 2020-10-07T18:36:48.767355abusebot-7.cloudsearch.cf sshd[15010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.1.207 user=root 2020-10-07T18:36:50.697824abusebot-7.cloudsearch.cf sshd[15010]: Failed password for root from 140.143.1.207 port 51286 ssh2 2020-10-07T18:40:09.783049abusebot-7.cloudsearch.cf sshd[15027]: pam_unix(sshd:auth): authe ...	2020-10-08 03:00:28
80.244.179.6	attackspambots	(sshd) Failed SSH login from 80.244.179.6 (GB/United Kingdom/school.asazs.co.uk): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 7 13:12:41 server sshd[16981]: Failed password for root from 80.244.179.6 port 37980 ssh2 Oct 7 13:22:13 server sshd[19286]: Failed password for root from 80.244.179.6 port 41804 ssh2 Oct 7 13:25:09 server sshd[19987]: Failed password for root from 80.244.179.6 port 38632 ssh2 Oct 7 13:28:13 server sshd[20789]: Failed password for root from 80.244.179.6 port 35462 ssh2 Oct 7 13:31:33 server sshd[21565]: Failed password for root from 80.244.179.6 port 60534 ssh2	2020-10-08 03:04:39
52.251.39.67	attackbotsspam	[2020-10-07 16:41:05] SECURITY[5295] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2020-10-07T16:41:05.801+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="",SessionID="1135716333",LocalAddress="IPV4/UDP/51.255.2.242/5060",RemoteAddress="IPV4/UDP/52.251.39.67/5543",Challenge="1602081665/60ef6b0a73f0862268ca43e21f04966e",Response="20a89a556f1b13d21e39356081c3275b",ExpectedResponse="" [2020-10-07 16:41:05] SECURITY[5295] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2020-10-07T16:41:05.852+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="",SessionID="3826012407",LocalAddress="IPV4/UDP/51.255.2.242/5060",RemoteAddress="IPV4/UDP/52.251.39.67/5543",Challenge="1602081665/60ef6b0a73f0862268ca43e21f04966e",Response="e6c9f20450368a272c66f99cf5c4bab0",ExpectedResponse="" [2020-10-07 16:41:05] SECURITY[5295] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2020-10-07T16:41:05.92 ...	2020-10-08 03:01:52

Recently Reported IPs

223.104.63.7	46.34.228.81	192.168.12.4	78.83.159.190
119.82.251.250	196.65.131.238	45.190.253.134	23.14.162.35
223.217.58.9	119.94.129.127	88.136.129.76	52.113.205.55
94.52.99.74	90.151.82.130	125.224.165.206	114.46.5.81
114.41.87.47	223.138.174.21	118.170.143.37	44.235.167.48