79.142.50.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kazakhstan

Internet Service Provider: Smartnet Too

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 79.142.50.55 on Port 445(SMB)	2019-10-02 08:41:21

Comments on same subnet:

IP	Type	Details	Datetime
79.142.50.23	attackspam	May 6 15:32:12 server2 sshd\[4938\]: Invalid user testuser from 79.142.50.23 May 6 15:32:25 server2 sshd\[4940\]: Invalid user testuser from 79.142.50.23 May 6 15:32:38 server2 sshd\[4946\]: Invalid user testuser from 79.142.50.23 May 6 15:32:52 server2 sshd\[4950\]: Invalid user testuser from 79.142.50.23 May 6 15:33:05 server2 sshd\[4975\]: Invalid user testuser from 79.142.50.23 May 6 15:33:18 server2 sshd\[4977\]: Invalid user testuser from 79.142.50.23	2020-05-06 20:43:33
79.142.50.23	attack	10.03.2020 04:11:09 SSH access blocked by firewall	2020-03-10 12:21:56
79.142.50.23	attack	Mar 9 05:59:05 web9 sshd\[27226\]: Invalid user video from 79.142.50.23 Mar 9 05:59:05 web9 sshd\[27226\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.142.50.23 Mar 9 05:59:06 web9 sshd\[27226\]: Failed password for invalid user video from 79.142.50.23 port 41404 ssh2 Mar 9 06:03:23 web9 sshd\[27767\]: Invalid user plugdev from 79.142.50.23 Mar 9 06:03:23 web9 sshd\[27767\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.142.50.23	2020-03-10 00:12:17
79.142.50.23	attackbots	Feb 22 22:30:36 www1 sshd\[24277\]: Invalid user ernesto from 79.142.50.23Feb 22 22:30:39 www1 sshd\[24277\]: Failed password for invalid user ernesto from 79.142.50.23 port 35732 ssh2Feb 22 22:31:36 www1 sshd\[24325\]: Invalid user factorio from 79.142.50.23Feb 22 22:31:38 www1 sshd\[24325\]: Failed password for invalid user factorio from 79.142.50.23 port 57698 ssh2Feb 22 22:32:33 www1 sshd\[24414\]: Invalid user fish from 79.142.50.23Feb 22 22:32:35 www1 sshd\[24414\]: Failed password for invalid user fish from 79.142.50.23 port 51432 ssh2 ...	2020-02-23 04:57:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 79.142.50.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23790
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;79.142.50.55.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100102 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 02 08:41:16 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 55.50.142.79.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.50.142.79.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.206.129.160	attackspambots	Triggered by Fail2Ban at Ares web server	2020-07-31 22:57:43
222.134.240.219	attack	$f2bV_matches	2020-07-31 22:58:27
193.176.86.170	attackbots	fell into ViewStateTrap:madrid	2020-07-31 23:29:35
195.133.48.154	attack	Lines containing failures of 195.133.48.154 (max 1000) Jul 29 01:28:26 UTC__SANYALnet-Labs__cac12 sshd[27891]: Connection from 195.133.48.154 port 59862 on 64.137.176.104 port 22 Jul 29 01:28:28 UTC__SANYALnet-Labs__cac12 sshd[27891]: Address 195.133.48.154 maps to ptr.ruvds.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 29 01:28:28 UTC__SANYALnet-Labs__cac12 sshd[27891]: Invalid user shenchen from 195.133.48.154 port 59862 Jul 29 01:28:28 UTC__SANYALnet-Labs__cac12 sshd[27891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.133.48.154 Jul 29 01:28:30 UTC__SANYALnet-Labs__cac12 sshd[27891]: Failed password for invalid user shenchen from 195.133.48.154 port 59862 ssh2 Jul 29 01:28:30 UTC__SANYALnet-Labs__cac12 sshd[27891]: Received disconnect from 195.133.48.154 port 59862:11: Bye Bye [preauth] Jul 29 01:28:30 UTC__SANYALnet-Labs__cac12 sshd[27891]: Disconnected from 195.133.48.154 port 59862 [p........ ------------------------------	2020-07-31 22:52:51
103.131.71.183	attackbots	(mod_security) mod_security (id:210730) triggered by 103.131.71.183 (VN/Vietnam/bot-103-131-71-183.coccoc.com): 5 in the last 3600 secs	2020-07-31 23:21:12
89.216.47.154	attackspam	Jul 31 16:31:49 abendstille sshd\[13103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.216.47.154 user=root Jul 31 16:31:50 abendstille sshd\[13103\]: Failed password for root from 89.216.47.154 port 38216 ssh2 Jul 31 16:36:10 abendstille sshd\[17368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.216.47.154 user=root Jul 31 16:36:11 abendstille sshd\[17368\]: Failed password for root from 89.216.47.154 port 43791 ssh2 Jul 31 16:40:43 abendstille sshd\[22085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.216.47.154 user=root ...	2020-07-31 22:55:00
54.38.211.228	attack	Trying ports that it shouldn't be.	2020-07-31 23:05:26
191.54.133.31	attack	Automatic report - Port Scan Attack	2020-07-31 23:08:51
51.91.111.73	attackspam	fail2ban -- 51.91.111.73 ...	2020-07-31 22:47:17
104.248.121.165	attackspambots	$f2bV_matches	2020-07-31 23:05:00
117.149.21.145	attackbotsspam	Jul 31 16:08:25 serwer sshd\[8069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 user=root Jul 31 16:08:26 serwer sshd\[8069\]: Failed password for root from 117.149.21.145 port 41697 ssh2 Jul 31 16:12:57 serwer sshd\[8663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.149.21.145 user=root ...	2020-07-31 22:59:18
180.167.225.118	attackspam	Jul 31 14:58:08 rush sshd[12185]: Failed password for root from 180.167.225.118 port 45364 ssh2 Jul 31 15:02:01 rush sshd[12286]: Failed password for root from 180.167.225.118 port 34564 ssh2 ...	2020-07-31 23:18:25
210.71.232.236	attack	Jul 31 12:31:20 scw-focused-cartwright sshd[5914]: Failed password for root from 210.71.232.236 port 57928 ssh2	2020-07-31 22:50:22
107.172.59.107	attackbots	(From eric@talkwithwebvisitor.com) My name’s Eric and I just found your site palmerchiroga.com. It’s got a lot going for it, but here’s an idea to make it even MORE effective. Talk With Web Visitor – CLICK HERE http://www.talkwithwebvisitors.com for a live demo now. Talk With Web Visitor is a software widget that’s works on your site, ready to capture any visitor’s Name, Email address and Phone Number. It signals you the moment they let you know they’re interested – so that you can talk to that lead while they’re literally looking over your site. And once you’ve captured their phone number, with our new SMS Text With Lead feature, you can automatically start a text (SMS) conversation… and if they don’t take you up on your offer then, you can follow up with text messages for new offers, content links, even just “how you doing?” notes to build a relationship. CLICK HERE http://www.talkwithwebvisitors.com to discover what Talk With Web Visitor can do for your business. The difference between c	2020-07-31 23:10:54
194.26.25.80	attackbots	[H1.VM1] Blocked by UFW	2020-07-31 23:03:25

Recently Reported IPs

69.255.31.246	76.118.17.16	63.81.90.160	124.156.200.106
103.51.103.1	94.73.196.209	178.176.161.198	17.66.211.5
88.163.93.225	83.45.169.98	182.71.94.182	181.189.159.70
113.173.195.153	36.67.42.83	187.216.124.50	178.176.175.56
82.42.174.209	37.114.161.182	23.240.11.201	72.120.227.101