178.68.192.242

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC North-West Telecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 178.68.192.242 to port 445	2019-12-18 21:50:08

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 178.68.192.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51721
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;178.68.192.242.			IN	A

;; AUTHORITY SECTION:
.			438	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121800 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 18 21:50:01 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 242.192.68.178.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.192.68.178.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.219.206.6	attackbotsspam	Brute-force attempt banned	2019-12-06 01:40:19
138.197.162.32	attackbots	Dec 5 15:56:15 fr01 sshd[1045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.162.32 user=smmsp Dec 5 15:56:16 fr01 sshd[1045]: Failed password for smmsp from 138.197.162.32 port 53892 ssh2 Dec 5 16:01:57 fr01 sshd[2176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.162.32 user=root Dec 5 16:01:58 fr01 sshd[2176]: Failed password for root from 138.197.162.32 port 35960 ssh2 ...	2019-12-06 01:56:09
81.28.100.131	attack	Dec 5 17:09:17 grey postfix/smtpd\[22086\]: NOQUEUE: reject: RCPT from sudden.shrewdmhealth.com\[81.28.100.131\]: 554 5.7.1 Service unavailable\; Client host \[81.28.100.131\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[81.28.100.131\]\; from=\ to=\ proto=ESMTP helo=\Dec 5 17:09:17 grey postfix/smtpd\[12433\]: NOQUEUE: reject: RCPT from sudden.shrewdmhealth.com\[81.28.100.131\]: 554 5.7.1 Service unavailable\; Client host \[81.28.100.131\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[81.28.100.131\]\; from=\ to=\ proto=ESMTP helo=\Dec 5 17:09:17 grey postfix/smtpd\[23508\]: NOQUEUE: reject: RCPT from sudden.shrewdmhealth.com\[81.28.100.131\]: 554 5.7.1 Service unavailable\; Client host \[81.28.100.131\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[81.28.100.131\]\; ...	2019-12-06 01:38:53
14.166.176.24	attack	Unauthorized connection attempt from IP address 14.166.176.24 on Port 445(SMB)	2019-12-06 01:43:22
39.79.54.31	attackbots	Unauthorised access (Dec 5) SRC=39.79.54.31 LEN=40 TTL=49 ID=7480 TCP DPT=23 WINDOW=48271 SYN Unauthorised access (Dec 5) SRC=39.79.54.31 LEN=40 TTL=49 ID=7480 TCP DPT=23 WINDOW=48271 SYN	2019-12-06 02:03:07
185.97.114.61	attackspambots	Unauthorized connection attempt from IP address 185.97.114.61 on Port 445(SMB)	2019-12-06 01:55:29
95.71.168.48	attackspambots	Telnet/23 MH Probe, BF, Hack -	2019-12-06 01:51:58
5.183.181.19	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2019-12-06 01:28:07
180.76.96.84	attackspam	Port scan on 4 port(s): 2375 2376 2377 4243	2019-12-06 01:36:24
188.132.168.2	attackspambots	Dec 5 07:18:31 hpm sshd\[23340\]: Invalid user doemer from 188.132.168.2 Dec 5 07:18:31 hpm sshd\[23340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-2-168-132-188.sadecehosting.net Dec 5 07:18:34 hpm sshd\[23340\]: Failed password for invalid user doemer from 188.132.168.2 port 34830 ssh2 Dec 5 07:26:08 hpm sshd\[24064\]: Invalid user sasha from 188.132.168.2 Dec 5 07:26:08 hpm sshd\[24064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-2-168-132-188.sadecehosting.net	2019-12-06 01:32:49
45.80.64.246	attack	Dec 5 12:11:29 plusreed sshd[3550]: Invalid user palmintere from 45.80.64.246 ...	2019-12-06 01:17:08
40.83.170.197	attackbotsspam	Dec 5 18:59:04 ns381471 sshd[16422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.83.170.197 Dec 5 18:59:06 ns381471 sshd[16422]: Failed password for invalid user muhammadta from 40.83.170.197 port 48972 ssh2	2019-12-06 02:05:40
46.218.85.86	attack	Dec 4 19:54:26 liveconfig01 sshd[23863]: Invalid user webmaster from 46.218.85.86 Dec 4 19:54:26 liveconfig01 sshd[23863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.218.85.86 Dec 4 19:54:28 liveconfig01 sshd[23863]: Failed password for invalid user webmaster from 46.218.85.86 port 54242 ssh2 Dec 4 19:54:28 liveconfig01 sshd[23863]: Received disconnect from 46.218.85.86 port 54242:11: Bye Bye [preauth] Dec 4 19:54:28 liveconfig01 sshd[23863]: Disconnected from 46.218.85.86 port 54242 [preauth] Dec 4 20:02:26 liveconfig01 sshd[24286]: Invalid user tomcat from 46.218.85.86 Dec 4 20:02:26 liveconfig01 sshd[24286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.218.85.86 Dec 4 20:02:28 liveconfig01 sshd[24286]: Failed password for invalid user tomcat from 46.218.85.86 port 53944 ssh2 Dec 4 20:02:28 liveconfig01 sshd[24286]: Received disconnect from 46.218.85.86 port 53944:11........ -------------------------------	2019-12-06 01:57:06
54.38.242.233	attackspam	Dec 5 18:34:23 OPSO sshd\[25498\]: Invalid user forsgren from 54.38.242.233 port 42886 Dec 5 18:34:23 OPSO sshd\[25498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.242.233 Dec 5 18:34:25 OPSO sshd\[25498\]: Failed password for invalid user forsgren from 54.38.242.233 port 42886 ssh2 Dec 5 18:39:44 OPSO sshd\[26911\]: Invalid user sales from 54.38.242.233 port 52808 Dec 5 18:39:44 OPSO sshd\[26911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.242.233	2019-12-06 01:45:40
109.110.52.77	attack	Dec 5 19:00:00 cvbnet sshd[24991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.110.52.77 Dec 5 19:00:02 cvbnet sshd[24991]: Failed password for invalid user vmadmin from 109.110.52.77 port 38456 ssh2 ...	2019-12-06 02:01:42

Recently Reported IPs

40.92.72.92	149.34.47.238	122.244.224.238	134.19.217.139
103.31.54.79	63.225.255.237	110.140.230.252	106.12.199.74
123.98.147.154	6.6.113.22	221.61.55.97	19.187.92.98
67.141.19.129	29.94.107.8	201.164.86.247	97.206.92.217
248.50.149.17	120.85.223.161	69.188.102.32	182.185.1.6