197.50.29.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Egypt

Internet Service Provider: TE Data

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Host Scan	2019-12-10 16:20:50

Comments on same subnet:

IP	Type	Details	Datetime
197.50.29.150	attack	Unauthorized connection attempt from IP address 197.50.29.150 on Port 445(SMB)	2020-09-29 19:40:27
197.50.29.150	attackspambots	Honeypot attack, port: 445, PTR: host-197.50.29.150.tedata.net.	2020-04-22 21:01:37
197.50.29.150	attackbots	Scanning random ports - tries to find possible vulnerable services	2020-02-21 09:03:26
197.50.29.150	attack	Unauthorized connection attempt from IP address 197.50.29.150 on Port 445(SMB)	2019-12-25 04:42:04
197.50.29.80	attackspam	Sep 14 06:47:21 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=197.50.29.80, lip=10.140.194.78, TLS: Disconnected, session= Sep 14 06:47:45 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=, method=PLAIN, rip=197.50.29.80, lip=10.140.194.78, TLS, session=<3bxFv32SIwDFMh1Q> Sep 14 06:48:00 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 8 secs): user=, method=PLAIN, rip=197.50.29.80, lip=10.140.194.78, TLS, session=	2019-09-14 20:37:56
197.50.29.80	attackbots	Brute force attempt	2019-07-12 17:04:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.50.29.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2857
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.50.29.54.			IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121000 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 10 16:20:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

54.29.50.197.in-addr.arpa domain name pointer host-197.50.29.54.tedata.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.29.50.197.in-addr.arpa	name = host-197.50.29.54.tedata.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.44.99	attack	Attempts to probe for or exploit a Drupal site on url: /wp-content/uploads/file-manager/log.txt. Reported by the module https://www.drupal.org/project/abuseipdb.	2020-01-04 16:53:02
49.235.171.183	attackbots	Jan 4 07:16:23 localhost sshd\[17258\]: Invalid user kk from 49.235.171.183 port 40264 Jan 4 07:16:23 localhost sshd\[17258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.171.183 Jan 4 07:16:25 localhost sshd\[17258\]: Failed password for invalid user kk from 49.235.171.183 port 40264 ssh2	2020-01-04 16:34:16
176.31.100.19	attackbots	Brute-force attempt banned	2020-01-04 17:02:58
88.132.66.26	attack	Automatic report - SSH Brute-Force Attack	2020-01-04 16:29:19
36.90.82.21	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 04-01-2020 04:50:10.	2020-01-04 16:52:38
49.233.80.20	attackspam	Jan 3 20:33:54 server sshd\[20236\]: Invalid user transfer from 49.233.80.20 Jan 3 20:33:54 server sshd\[20236\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.80.20 Jan 3 20:33:56 server sshd\[20236\]: Failed password for invalid user transfer from 49.233.80.20 port 58966 ssh2 Jan 4 10:39:18 server sshd\[24875\]: Invalid user node from 49.233.80.20 Jan 4 10:39:18 server sshd\[24875\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.80.20 ...	2020-01-04 16:55:53
37.49.230.28	attackbots	\[2020-01-04 03:14:29\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T03:14:29.234-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="099441519460055",SessionID="0x7f0fb405b8f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.28/5060",ACLName="no_extension_match" \[2020-01-04 03:17:57\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T03:17:57.670-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1000441519460055",SessionID="0x7f0fb404d4d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.28/5060",ACLName="no_extension_match" \[2020-01-04 03:21:34\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-04T03:21:34.594-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="16441519460055",SessionID="0x7f0fb405b8f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.28/5060",ACLName="no_extension	2020-01-04 16:27:01
178.170.237.198	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-04 16:50:50
89.207.93.137	attack	Unauthorized connection attempt from IP address 89.207.93.137 on Port 445(SMB)	2020-01-04 16:51:43
81.43.68.66	attackspam	Unauthorized connection attempt detected from IP address 81.43.68.66 to port 445	2020-01-04 16:47:26
171.244.51.114	attack	Jan 4 04:12:14 ws24vmsma01 sshd[82482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.51.114 Jan 4 04:12:16 ws24vmsma01 sshd[82482]: Failed password for invalid user sgw from 171.244.51.114 port 34924 ssh2 ...	2020-01-04 16:28:48
103.143.13.7	attackbots	20/1/3@23:50:48: FAIL: IoT-Telnet address from=103.143.13.7 ...	2020-01-04 16:33:47
218.92.0.145	attackspambots	Jan 3 22:29:41 wbs sshd\[7006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Jan 3 22:29:43 wbs sshd\[7006\]: Failed password for root from 218.92.0.145 port 41330 ssh2 Jan 3 22:30:03 wbs sshd\[7006\]: Failed password for root from 218.92.0.145 port 41330 ssh2 Jan 3 22:30:08 wbs sshd\[7053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Jan 3 22:30:10 wbs sshd\[7053\]: Failed password for root from 218.92.0.145 port 59341 ssh2	2020-01-04 16:32:51
14.183.14.65	attackbotsspam	SMTP/25/465/587 Probe, BadAuth, SPAM, Hack -	2020-01-04 16:59:40
119.7.169.241	attack	Fail2Ban - FTP Abuse Attempt	2020-01-04 16:26:02

Recently Reported IPs

219.139.154.29	129.204.105.244	140.143.207.171	62.210.232.250
180.247.234.3	123.180.2.92	222.232.45.129	159.138.151.224
124.156.105.251	58.215.215.134	14.174.236.42	35.157.76.164
22.172.124.26	88.249.66.247	183.134.212.18	134.158.188.70
58.105.194.9	60.254.253.153	201.215.176.8	113.74.84.15