46.29.172.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Macedonia

Internet Service Provider: Telesmart Telekom DOO

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Caught in portsentry honeypot	2019-07-11 18:11:50
attackbotsspam	NAME : UltraNet-Bitola CIDR : 46.29.172.128/25 DDoS attack Macedonia - block certain countries :) IP: 46.29.172.242 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-23 20:46:08

Type

Details

Datetime

attack

Caught in portsentry honeypot

2019-07-11 18:11:50

attackbotsspam

NAME : UltraNet-Bitola CIDR : 46.29.172.128/25 DDoS attack Macedonia - block certain countries :) IP: 46.29.172.242  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-06-23 20:46:08

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 46.29.172.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14229
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;46.29.172.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 08 15:11:41 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 242.172.29.46.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 242.172.29.46.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.248.52.82	attackbots	k+ssh-bruteforce	2019-10-10 17:28:15
218.2.113.74	attackbotsspam	3389BruteforceFW21	2019-10-10 17:19:02
34.219.141.74	attack	Bad bot/spoofed identity	2019-10-10 17:55:39
187.107.136.134	attackspambots	Oct 10 10:57:02 mail postfix/smtpd[2488]: warning: unknown[187.107.136.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 10:57:08 mail postfix/smtpd[2696]: warning: unknown[187.107.136.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 11:04:19 mail postfix/smtpd[24541]: warning: unknown[187.107.136.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-10 17:42:30
125.167.245.36	attack	Oct 9 08:37:56 kmh-wsh-001-nbg03 sshd[6886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.167.245.36 user=r.r Oct 9 08:37:58 kmh-wsh-001-nbg03 sshd[6886]: Failed password for r.r from 125.167.245.36 port 48355 ssh2 Oct 9 08:37:58 kmh-wsh-001-nbg03 sshd[6886]: Received disconnect from 125.167.245.36 port 48355:11: Bye Bye [preauth] Oct 9 08:37:58 kmh-wsh-001-nbg03 sshd[6886]: Disconnected from 125.167.245.36 port 48355 [preauth] Oct 9 08:42:27 kmh-wsh-001-nbg03 sshd[7167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.167.245.36 user=r.r Oct 9 08:42:29 kmh-wsh-001-nbg03 sshd[7167]: Failed password for r.r from 125.167.245.36 port 27840 ssh2 Oct 9 08:42:29 kmh-wsh-001-nbg03 sshd[7167]: Received disconnect from 125.167.245.36 port 27840:11: Bye Bye [preauth] Oct 9 08:42:29 kmh-wsh-001-nbg03 sshd[7167]: Disconnected from 125.167.245.36 port 27840 [preauth] Oct 9 08:47:00 ........ -------------------------------	2019-10-10 17:45:39
183.240.157.3	attackspambots	Oct 9 19:58:04 wbs sshd\[32336\]: Invalid user Radio@123 from 183.240.157.3 Oct 9 19:58:04 wbs sshd\[32336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.240.157.3 Oct 9 19:58:06 wbs sshd\[32336\]: Failed password for invalid user Radio@123 from 183.240.157.3 port 59270 ssh2 Oct 9 20:03:37 wbs sshd\[332\]: Invalid user P@\$\$w0rt!qaz from 183.240.157.3 Oct 9 20:03:37 wbs sshd\[332\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.240.157.3	2019-10-10 17:46:26
54.37.158.40	attackspambots	Oct 10 11:34:13 vps691689 sshd[22776]: Failed password for root from 54.37.158.40 port 36648 ssh2 Oct 10 11:38:08 vps691689 sshd[22829]: Failed password for root from 54.37.158.40 port 56556 ssh2 ...	2019-10-10 17:45:01
188.254.0.112	attack	SSH Brute Force, server-1 sshd[17015]: Failed password for root from 188.254.0.112 port 58258 ssh2	2019-10-10 17:19:15
162.247.74.7	attackbots	2019-10-10T09:05:12.513054abusebot.cloudsearch.cf sshd\[11661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=korematsu.tor-exit.calyxinstitute.org user=root	2019-10-10 17:38:48
199.195.249.6	attackspam	Oct 10 08:50:44 venus sshd\[15921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.249.6 user=root Oct 10 08:50:47 venus sshd\[15921\]: Failed password for root from 199.195.249.6 port 38290 ssh2 Oct 10 08:54:37 venus sshd\[15970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.249.6 user=root ...	2019-10-10 17:28:59
37.57.90.48	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/37.57.90.48/ UA - 1H : (46) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : UA NAME ASN : ASN13188 IP : 37.57.90.48 CIDR : 37.57.90.0/24 PREFIX COUNT : 1599 UNIQUE IP COUNT : 409344 WYKRYTE ATAKI Z ASN13188 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-10-10 05:46:57 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-10 17:36:38
177.52.255.128	attack	Oct 9 05:02:12 our-server-hostname postfix/smtpd[15686]: connect from unknown[177.52.255.128] Oct 9 05:02:18 our-server-hostname sqlgrey: grey: new: 177.52.255.128(177.52.255.128), x@x -> x@x Oct 9 05:02:20 our-server-hostname postfix/policy-spf[15060]: : Policy action=PREPEND Received-SPF: none (netwtelecom.com.br: No applicable sender policy available) receiver=x@x Oct x@x Oct 9 05:02:20 our-server-hostname sqlgrey: grey: new: 177.52.255.128(177.52.255.128), x@x -> x@x Oct x@x Oct 9 05:02:21 our-server-hostname sqlgrey: grey: new: 177.52.255.128(177.52.255.128), x@x -> x@x Oct x@x Oct 9 05:02:22 our-server-hostname sqlgrey: grey: new: 177.52.255.128(177.52.255.128), x@x -> x@x Oct x@x Oct 9 05:02:23 our-server-hostname sqlgrey: grey: new: 177.52.255.128(177.52.255.128), x@x -> x@x Oct x@x Oct 9 05:02:24 our-server-hostname sqlgrey: grey: throttling: 177.52.255.128(177.52.255.128), x@x -> x@x Oct x@x Oct 9 05:02:26 our-server-hostname sqlgrey: grey: throttling........ -------------------------------	2019-10-10 17:24:30
202.71.9.242	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/202.71.9.242/ IN - 1H : (104) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN56209 IP : 202.71.9.242 CIDR : 202.71.9.0/24 PREFIX COUNT : 93 UNIQUE IP COUNT : 24064 WYKRYTE ATAKI Z ASN56209 : 1H - 1 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-10 05:46:22 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-10 17:57:10
186.201.214.163	attack	$f2bV_matches	2019-10-10 17:43:33
219.167.159.86	attack	Unauthorised access (Oct 10) SRC=219.167.159.86 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=20224 TCP DPT=8080 WINDOW=5253 SYN Unauthorised access (Oct 9) SRC=219.167.159.86 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=59169 TCP DPT=8080 WINDOW=58075 SYN Unauthorised access (Oct 7) SRC=219.167.159.86 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=22407 TCP DPT=8080 WINDOW=5253 SYN Unauthorised access (Oct 7) SRC=219.167.159.86 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=18139 TCP DPT=8080 WINDOW=58075 SYN	2019-10-10 17:30:10

Recently Reported IPs

151.27.228.194	106.111.53.20	178.85.78.163	61.164.96.126
186.195.98.191	86.161.109.147	89.46.108.112	72.229.107.150
86.120.117.34	194.99.106.150	49.69.194.79	103.27.236.197
122.210.124.187	185.86.77.163	105.105.154.201	79.178.251.61
217.78.157.95	235.58.102.16	175.216.20.248	1.99.234.1