5.196.42.123 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 5.196.42.123. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which take into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: France
  • Network:
  • Noticed: 29 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: cpcontacts.mojostar.co.in, mojostar.co.in, cpcalendars.mojostar.co.in, uksmartcitydevelop.work, sokolagd.pl, eltima.in, ip123.ip-5-196-42.eu

Malware Detected on Host

Count: 9

Whois Information

  • inetnum: 5.196.0.0 - 5.196.255.255
  • netname: FR-OVH-20120823
  • country: FR
  • org: ORG-OS3-RIPE
  • admin-c: OK217-RIPE
  • tech-c: OTC2-RIPE
  • status: ALLOCATED PA
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: OVH-MNT
  • mnt-routes: OVH-MNT
  • mnt-domains: OVH-MNT
  • created: 2014-08-15T12:25:19Z
  • last-modified: 2017-01-11T08:00:11Z
  • organisation: ORG-OS3-RIPE
  • org-name: OVH SAS
  • country: FR
  • org-type: LIR
  • address: 2 rue Kellermann
  • address: 59100
  • address: Roubaix
  • address: FRANCE
  • phone: +33972101007
  • admin-c: OTC2-RIPE
  • admin-c: OK217-RIPE
  • admin-c: GM84-RIPE
  • abuse-c: AR15333-RIPE
  • mnt-ref: OVH-MNT
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: OVH-MNT
  • created: 2004-04-17T11:23:17Z
  • last-modified: 2020-12-16T10:24:51Z
  • role: OVH Technical Contact
  • address: OVH SAS
  • address: 2 rue Kellermann
  • address: 59100 Roubaix
  • address: France
  • admin-c: OK217-RIPE
  • tech-c: GM84-RIPE
  • tech-c: SL10162-RIPE
  • nic-hdl: OTC2-RIPE
  • abuse-mailbox: abuse@ovh.net
  • mnt-by: OVH-MNT
  • created: 2004-01-28T17:42:29Z
  • last-modified: 2014-09-05T10:47:15Z
  • person: Octave Klaba
  • address: OVH SAS
  • address: 2 rue Kellermann
  • address: 59100 Roubaix
  • address: France
  • phone: +33 9 74 53 13 23
  • nic-hdl: OK217-RIPE
  • mnt-by: OVH-MNT
  • created: 1970-01-01T00:00:00Z
  • last-modified: 2017-10-30T21:44:51Z
  • route: 5.196.0.0/16
  • descr: OVH
  • origin: AS16276
  • mnt-by: OVH-MNT
  • created: 2014-08-15T12:51:31Z
  • last-modified: 2014-08-15T12:51:31Z

Links to attack logs

  • bruteforce-ip-list-2020-02-09
  • bruteforce-ip-list-2019-12-24