80.68.0.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Rostelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 80.68.0.142 on Port 445(SMB)	2020-02-29 01:22:42
attackspam	445/tcp 445/tcp 445/tcp [2020-01-29/02-11]3pkt	2020-02-11 20:58:23

Comments on same subnet:

IP	Type	Details	Datetime
80.68.0.83	attackspam	20/6/25@23:54:23: FAIL: Alarm-Network address from=80.68.0.83 ...	2020-06-26 14:48:59
80.68.0.89	attack	Unauthorized connection attempt from IP address 80.68.0.89 on Port 445(SMB)	2020-01-15 00:11:04
80.68.0.82	attack	Unauthorized connection attempt from IP address 80.68.0.82 on Port 445(SMB)	2019-09-02 07:31:26

Type

Details

Datetime

80.68.0.83

attackspam

20/6/25@23:54:23: FAIL: Alarm-Network address from=80.68.0.83
...

2020-06-26 14:48:59

80.68.0.89

attack

Unauthorized connection attempt from IP address 80.68.0.89 on Port 445(SMB)

2020-01-15 00:11:04

80.68.0.82

attack

Unauthorized connection attempt from IP address 80.68.0.82 on Port 445(SMB)

2019-09-02 07:31:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.68.0.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.68.0.142.			IN	A

;; AUTHORITY SECTION:
.			324	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021101 1800 900 604800 86400

;; Query time: 214 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 20:58:12 CST 2020
;; MSG SIZE  rcvd: 115

Host info

142.0.68.80.in-addr.arpa domain name pointer 142.0.68.80.donpac.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.0.68.80.in-addr.arpa	name = 142.0.68.80.donpac.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.124.14.220	attackbots	Jun 26 10:54:42 uapps sshd[25326]: Address 177.124.14.220 maps to 220-14-124-177.vivasinternet.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 26 10:54:43 uapps sshd[25326]: Failed password for invalid user virus from 177.124.14.220 port 4831 ssh2 Jun 26 10:54:43 uapps sshd[25326]: Received disconnect from 177.124.14.220: 11: Bye Bye [preauth] Jun 26 11:12:21 uapps sshd[25562]: Address 177.124.14.220 maps to 220-14-124-177.vivasinternet.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 26 11:12:24 uapps sshd[25562]: Failed password for invalid user ts3 from 177.124.14.220 port 4942 ssh2 Jun 26 11:12:24 uapps sshd[25562]: Received disconnect from 177.124.14.220: 11: Bye Bye [preauth] Jun 26 11:14:58 uapps sshd[25601]: Address 177.124.14.220 maps to 220-14-124-177.vivasinternet.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! ........ ----------------------------------------------- https://www.blocklist.de/en/vie	2020-06-28 05:05:46
82.146.45.123	attackbotsspam	Fail2Ban Ban Triggered	2020-06-28 04:30:51
85.93.20.92	attackbotsspam	200627 16:29:52 [Warning] Access denied for user 'root'@'85.93.20.92' (using password: YES) 200627 16:29:57 [Warning] Access denied for user 'admin'@'85.93.20.92' (using password: YES) 200627 16:30:01 [Warning] Access denied for user 'BANKRUPTCY'@'85.93.20.92' (using password: YES) ...	2020-06-28 05:04:04
148.227.227.66	attackbotsspam	Brute-force attempt banned	2020-06-28 04:33:57
49.233.185.109	attackspambots	Jun 27 22:17:03 plex sshd[6299]: Failed password for invalid user camera from 49.233.185.109 port 40024 ssh2 Jun 27 22:17:00 plex sshd[6299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.185.109 Jun 27 22:17:00 plex sshd[6299]: Invalid user camera from 49.233.185.109 port 40024 Jun 27 22:17:03 plex sshd[6299]: Failed password for invalid user camera from 49.233.185.109 port 40024 ssh2 Jun 27 22:21:13 plex sshd[6564]: Invalid user jader from 49.233.185.109 port 32770	2020-06-28 04:28:11
182.141.234.98	attackbots	TCP (SYN) 182.141.234.98:30191 -> port 23, len 40	2020-06-28 04:31:57
192.35.169.25	attackbots	TCP (SYN) 192.35.169.25:61373 -> port 445, len 44	2020-06-28 04:29:44
113.190.255.30	attackspam	[munged]::443 113.190.255.30 - - [27/Jun/2020:22:46:13 +0200] "POST /[munged]: HTTP/1.1" 200 10033 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 113.190.255.30 - - [27/Jun/2020:22:46:14 +0200] "POST /[munged]: HTTP/1.1" 200 6192 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 113.190.255.30 - - [27/Jun/2020:22:46:15 +0200] "POST /[munged]: HTTP/1.1" 200 6192 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 113.190.255.30 - - [27/Jun/2020:22:46:16 +0200] "POST /[munged]: HTTP/1.1" 200 6192 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 113.190.255.30 - - [27/Jun/2020:22:46:17 +0200] "POST /[munged]: HTTP/1.1" 200 6192 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 113.190.255.30 - - [27/Jun/2020:22	2020-06-28 04:52:52
85.93.20.85	attackbots	200627 16:29:54 [Warning] Access denied for user 'ADMIN'@'85.93.20.85' (using password: YES) 200627 16:29:59 [Warning] Access denied for user 'Admin'@'85.93.20.85' (using password: YES) 200627 16:30:03 [Warning] Access denied for user 'bankruptcy'@'85.93.20.85' (using password: YES) ...	2020-06-28 05:01:51
140.203.204.59	attackbotsspam	Invalid user app from 140.203.204.59 port 60154	2020-06-28 04:45:37
186.122.149.144	attack	SSH Brute-Force attacks	2020-06-28 04:39:18
141.98.80.150	attackbotsspam	Jun 27 22:15:14 relay postfix/smtpd\[8544\]: warning: unknown\[141.98.80.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 27 22:15:32 relay postfix/smtpd\[1434\]: warning: unknown\[141.98.80.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 27 22:19:44 relay postfix/smtpd\[8544\]: warning: unknown\[141.98.80.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 27 22:20:03 relay postfix/smtpd\[21099\]: warning: unknown\[141.98.80.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 27 22:22:44 relay postfix/smtpd\[8544\]: warning: unknown\[141.98.80.150\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-28 04:32:14
74.124.24.159	attackbots	Invalid user arie from 74.124.24.159 port 37860	2020-06-28 04:39:31
219.136.243.47	attackbots	Jun 27 22:40:42 vps sshd[340805]: Failed password for invalid user user from 219.136.243.47 port 46696 ssh2 Jun 27 22:43:27 vps sshd[351042]: Invalid user adb from 219.136.243.47 port 36875 Jun 27 22:43:27 vps sshd[351042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.136.243.47 Jun 27 22:43:29 vps sshd[351042]: Failed password for invalid user adb from 219.136.243.47 port 36875 ssh2 Jun 27 22:46:23 vps sshd[366862]: Invalid user Admin from 219.136.243.47 port 55286 ...	2020-06-28 04:52:13
114.141.132.88	attackbots	SSH Brute-Force. Ports scanning.	2020-06-28 04:35:23

Recently Reported IPs

125.25.45.206	119.163.199.123	91.240.63.129	78.87.102.172
171.227.121.178	171.97.42.105	78.58.9.58	217.165.28.139
200.7.124.56	194.85.150.194	189.173.134.155	189.112.40.160
182.232.180.182	177.73.116.54	157.41.165.58	126.23.10.87
121.121.96.235	114.35.151.80	90.254.172.197	79.164.233.69