5.42.85.60 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: CJSC Kolomna-Sviaz TV

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Port Scan Attack	2019-11-24 07:01:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.42.85.60
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.42.85.60.			IN	A

;; AUTHORITY SECTION:
.			535	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112301 1800 900 604800 86400

;; Query time: 904 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 24 07:01:36 CST 2019
;; MSG SIZE  rcvd: 114

Host info

60.85.42.5.in-addr.arpa domain name pointer 5-42-85-60.colomna.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
60.85.42.5.in-addr.arpa	name = 5-42-85-60.colomna.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.64.114.156	attackspambots	Feb 21 08:26:59 cp sshd[28223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.114.156	2020-02-21 17:22:16
101.71.28.72	attackbotsspam	Feb 21 06:50:58 lukav-desktop sshd\[2423\]: Invalid user cpanel from 101.71.28.72 Feb 21 06:50:58 lukav-desktop sshd\[2423\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.71.28.72 Feb 21 06:51:00 lukav-desktop sshd\[2423\]: Failed password for invalid user cpanel from 101.71.28.72 port 36870 ssh2 Feb 21 06:53:09 lukav-desktop sshd\[3543\]: Invalid user yangx from 101.71.28.72 Feb 21 06:53:09 lukav-desktop sshd\[3543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.71.28.72	2020-02-21 17:12:19
89.248.172.85	attack	Fail2Ban Ban Triggered	2020-02-21 16:54:33
115.76.91.236	attackspambots	Automatic report - Port Scan Attack	2020-02-21 17:00:19
80.23.235.225	attackspambots	Feb 21 09:22:16 web8 sshd\[17664\]: Invalid user HTTP from 80.23.235.225 Feb 21 09:22:16 web8 sshd\[17664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.23.235.225 Feb 21 09:22:18 web8 sshd\[17664\]: Failed password for invalid user HTTP from 80.23.235.225 port 63417 ssh2 Feb 21 09:25:42 web8 sshd\[19412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.23.235.225 user=list Feb 21 09:25:44 web8 sshd\[19412\]: Failed password for list from 80.23.235.225 port 58001 ssh2	2020-02-21 17:29:01
49.232.172.254	attackspam	Feb 21 07:53:52 v22018076622670303 sshd\[29150\]: Invalid user mailman from 49.232.172.254 port 50070 Feb 21 07:53:52 v22018076622670303 sshd\[29150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.172.254 Feb 21 07:53:54 v22018076622670303 sshd\[29150\]: Failed password for invalid user mailman from 49.232.172.254 port 50070 ssh2 ...	2020-02-21 17:14:34
51.77.109.158	attackbotsspam	Feb 21 06:21:41 srv-ubuntu-dev3 sshd[20619]: Invalid user rabbitmq from 51.77.109.158 Feb 21 06:21:41 srv-ubuntu-dev3 sshd[20619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.109.158 Feb 21 06:21:41 srv-ubuntu-dev3 sshd[20619]: Invalid user rabbitmq from 51.77.109.158 Feb 21 06:21:43 srv-ubuntu-dev3 sshd[20619]: Failed password for invalid user rabbitmq from 51.77.109.158 port 49964 ssh2 Feb 21 06:23:59 srv-ubuntu-dev3 sshd[20824]: Invalid user admin from 51.77.109.158 Feb 21 06:23:59 srv-ubuntu-dev3 sshd[20824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.109.158 Feb 21 06:23:59 srv-ubuntu-dev3 sshd[20824]: Invalid user admin from 51.77.109.158 Feb 21 06:24:00 srv-ubuntu-dev3 sshd[20824]: Failed password for invalid user admin from 51.77.109.158 port 38970 ssh2 Feb 21 06:26:29 srv-ubuntu-dev3 sshd[24969]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= ...	2020-02-21 16:53:53
154.13.29.215	attackspambots	Unauthorized connection attempt detected from IP address 154.13.29.215 to port 6379	2020-02-21 16:53:11
85.224.198.0	attackspam	Unauthorized connection attempt detected from IP address 85.224.198.0 to port 5555	2020-02-21 17:06:48
73.158.127.59	attack	2020-02-21T07:53:54.006541 sshd[7203]: Invalid user speech-dispatcher from 73.158.127.59 port 40920 2020-02-21T07:53:54.021118 sshd[7203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.158.127.59 2020-02-21T07:53:54.006541 sshd[7203]: Invalid user speech-dispatcher from 73.158.127.59 port 40920 2020-02-21T07:53:56.249304 sshd[7203]: Failed password for invalid user speech-dispatcher from 73.158.127.59 port 40920 ssh2 ...	2020-02-21 16:56:14
79.13.85.97	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-02-21 17:32:47
192.241.234.244	attackbotsspam	2638/tcp 1400/tcp 26/tcp... [2020-02-16/21]5pkt,5pt.(tcp)	2020-02-21 17:17:09
222.186.180.130	attackspam	Feb 21 09:55:52 localhost sshd\[28579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Feb 21 09:55:55 localhost sshd\[28579\]: Failed password for root from 222.186.180.130 port 18793 ssh2 Feb 21 09:55:57 localhost sshd\[28579\]: Failed password for root from 222.186.180.130 port 18793 ssh2	2020-02-21 17:10:06
179.234.139.98	attackspambots	Feb 20 13:35:03 pl3server sshd[2755]: reveeclipse mapping checking getaddrinfo for b3ea8b62.virtua.com.br [179.234.139.98] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 20 13:35:03 pl3server sshd[2755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.234.139.98 user=www-data Feb 20 13:35:05 pl3server sshd[2755]: Failed password for www-data from 179.234.139.98 port 36960 ssh2 Feb 20 13:35:06 pl3server sshd[2755]: Received disconnect from 179.234.139.98: 11: Bye Bye [preauth] Feb 20 14:20:40 pl3server sshd[17515]: reveeclipse mapping checking getaddrinfo for b3ea8b62.virtua.com.br [179.234.139.98] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 20 14:20:40 pl3server sshd[17515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.234.139.98 user=r.r Feb 20 14:20:42 pl3server sshd[17515]: Failed password for r.r from 179.234.139.98 port 37966 ssh2 Feb 20 14:20:42 pl3server sshd[17515]: Received discon........ -------------------------------	2020-02-21 17:19:35
189.220.202.100	attackbotsspam	189.220.202.100 - - \[20/Feb/2020:20:52:44 -0800\] "POST /index.php/admin/ HTTP/1.1" 404 20574189.220.202.100 - qwerty \[20/Feb/2020:20:52:44 -0800\] "GET /rss/catalog/notifystock/ HTTP/1.1" 401 25189.220.202.100 - - \[20/Feb/2020:20:52:44 -0800\] "POST /index.php/admin/sales_order/ HTTP/1.1" 404 20622 ...	2020-02-21 17:28:10

Recently Reported IPs

192.161.90.125	87.241.169.246	152.136.181.215	94.50.161.3
1.1.242.89	60.169.218.89	190.186.194.71	208.107.218.131
41.146.232.111	41.138.90.91	114.104.184.19	46.116.158.121
190.204.118.151	183.148.158.71	177.204.77.231	175.176.88.247
95.83.51.234	111.241.24.241	1.140.103.77	172.110.30.125