78.29.42.75 - IPInfo

Basic Info

City: Chebarkul'

Region: Chelyabinsk

Country: Russia

Internet Service Provider: Intersvyaz-2 JSC

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 78.29.42.75 on Port 445(SMB)	2019-09-29 01:50:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 78.29.42.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25010
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;78.29.42.75.			IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092800 1800 900 604800 86400

;; Query time: 552 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 29 01:50:56 CST 2019
;; MSG SIZE  rcvd: 115

Host info

75.42.29.78.in-addr.arpa domain name pointer pool-78-29-42-75.is74.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
75.42.29.78.in-addr.arpa	name = pool-78-29-42-75.is74.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.6.185.226	attackspam	Listed on zen-spamhaus also barracudaCentral and abuseat.org / proto=6 . srcport=37206 . dstport=8080 . (2351)	2020-09-21 12:07:50
106.12.16.2	attack	SSH Brute Force	2020-09-21 12:06:25
103.146.202.150	attackbots	103.146.202.150 - - \[21/Sep/2020:05:53:40 +0200\] "POST /wp-login.php HTTP/1.0" 200 8308 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.146.202.150 - - \[21/Sep/2020:05:53:44 +0200\] "POST /wp-login.php HTTP/1.0" 200 8128 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.146.202.150 - - \[21/Sep/2020:05:53:47 +0200\] "POST /wp-login.php HTTP/1.0" 200 8121 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-21 12:17:50
221.238.182.3	attackbotsspam	[ssh] SSH attack	2020-09-21 12:21:50
182.116.116.215	attack	Icarus honeypot on github	2020-09-21 12:15:32
50.31.87.253	attack	Port scan denied	2020-09-21 12:26:07
94.102.53.112	attack	Sep 21 01:48:45 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=31180 PROTO=TCP SPT=47405 DPT=56733 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:50:15 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=30201 PROTO=TCP SPT=47405 DPT=54320 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:50:54 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=63633 PROTO=TCP SPT=47405 DPT=55532 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:53:48 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=94.102.53.112 DST=173.212.244.83 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43016 PROTO=TCP SPT=47405 DPT=54571 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 21 01:57:34 ...	2020-09-21 07:58:37
114.67.108.60	attack	Invalid user upload from 114.67.108.60 port 47482	2020-09-21 12:05:53
106.12.186.130	attackspambots	TCP (SYN) 106.12.186.130:43930 -> port 12557, len 44	2020-09-21 12:24:31
121.190.3.139	attack	Brute-force attempt banned	2020-09-21 08:03:13
116.49.242.189	attackbotsspam	Found on CINS badguys / proto=6 . srcport=58573 . dstport=5555 . (2352)	2020-09-21 12:03:19
91.121.116.65	attackbots	ssh brute force	2020-09-21 12:24:58
61.177.172.142	attack	Sep 21 06:05:29 nextcloud sshd\[16766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.142 user=root Sep 21 06:05:31 nextcloud sshd\[16766\]: Failed password for root from 61.177.172.142 port 65077 ssh2 Sep 21 06:05:41 nextcloud sshd\[16766\]: Failed password for root from 61.177.172.142 port 65077 ssh2	2020-09-21 12:11:18
101.99.20.59	attackbots	2020-09-21T03:58:31.981452centos sshd[26941]: Invalid user gnats from 101.99.20.59 port 46252 2020-09-21T03:58:33.659650centos sshd[26941]: Failed password for invalid user gnats from 101.99.20.59 port 46252 ssh2 2020-09-21T04:05:56.464065centos sshd[27344]: Invalid user admin from 101.99.20.59 port 57764 ...	2020-09-21 12:12:32
52.100.173.244	attack	spf=fail (google.com: domain of 4cef9mqfyuft@eikoncg.com does not designate 52.100.173.244 as permitted sender) smtp.mailfrom=4CEF9MQFyUfT@eikoncg.com;	2020-09-21 12:21:36

Recently Reported IPs

245.17.53.201	165.184.178.233	31.52.49.156	201.248.67.246
73.35.3.73	139.88.1.177	61.29.78.142	90.15.27.91
42.225.151.60	113.104.164.166	131.229.158.79	154.123.230.209
93.107.27.234	86.190.196.238	58.122.74.216	107.138.191.219
62.76.111.234	60.169.222.61	41.203.215.170	62.175.214.77