80.68.0.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Rostelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 80.68.0.142 on Port 445(SMB)	2020-02-29 01:22:42
attackspam	445/tcp 445/tcp 445/tcp [2020-01-29/02-11]3pkt	2020-02-11 20:58:23

Comments on same subnet:

IP	Type	Details	Datetime
80.68.0.83	attackspam	20/6/25@23:54:23: FAIL: Alarm-Network address from=80.68.0.83 ...	2020-06-26 14:48:59
80.68.0.89	attack	Unauthorized connection attempt from IP address 80.68.0.89 on Port 445(SMB)	2020-01-15 00:11:04
80.68.0.82	attack	Unauthorized connection attempt from IP address 80.68.0.82 on Port 445(SMB)	2019-09-02 07:31:26

Type

Details

Datetime

80.68.0.83

attackspam

20/6/25@23:54:23: FAIL: Alarm-Network address from=80.68.0.83
...

2020-06-26 14:48:59

80.68.0.89

attack

Unauthorized connection attempt from IP address 80.68.0.89 on Port 445(SMB)

2020-01-15 00:11:04

80.68.0.82

attack

Unauthorized connection attempt from IP address 80.68.0.82 on Port 445(SMB)

2019-09-02 07:31:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.68.0.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.68.0.142.			IN	A

;; AUTHORITY SECTION:
.			324	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021101 1800 900 604800 86400

;; Query time: 214 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 20:58:12 CST 2020
;; MSG SIZE  rcvd: 115

Host info

142.0.68.80.in-addr.arpa domain name pointer 142.0.68.80.donpac.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.0.68.80.in-addr.arpa	name = 142.0.68.80.donpac.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
13.68.158.99	attack	May 7 01:59:20 ncomp sshd[16939]: Invalid user testtest from 13.68.158.99 May 7 01:59:20 ncomp sshd[16939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 May 7 01:59:20 ncomp sshd[16939]: Invalid user testtest from 13.68.158.99 May 7 01:59:23 ncomp sshd[16939]: Failed password for invalid user testtest from 13.68.158.99 port 37070 ssh2	2020-05-07 08:29:26
36.111.181.248	attackbotsspam	May 7 00:33:18 ns382633 sshd\[9552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.111.181.248 user=root May 7 00:33:20 ns382633 sshd\[9552\]: Failed password for root from 36.111.181.248 port 50702 ssh2 May 7 00:40:36 ns382633 sshd\[11052\]: Invalid user test from 36.111.181.248 port 56392 May 7 00:40:36 ns382633 sshd\[11052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.111.181.248 May 7 00:40:38 ns382633 sshd\[11052\]: Failed password for invalid user test from 36.111.181.248 port 56392 ssh2	2020-05-07 07:52:19
167.114.115.201	attackbotsspam	May 6 22:11:45 ns382633 sshd\[16630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.115.201 user=root May 6 22:11:48 ns382633 sshd\[16630\]: Failed password for root from 167.114.115.201 port 58918 ssh2 May 6 22:19:30 ns382633 sshd\[17818\]: Invalid user mono from 167.114.115.201 port 54670 May 6 22:19:30 ns382633 sshd\[17818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.115.201 May 6 22:19:32 ns382633 sshd\[17818\]: Failed password for invalid user mono from 167.114.115.201 port 54670 ssh2	2020-05-07 07:52:00
49.235.190.177	attackspam	May 6 23:36:05 inter-technics sshd[30300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.190.177 user=root May 6 23:36:07 inter-technics sshd[30300]: Failed password for root from 49.235.190.177 port 44666 ssh2 May 6 23:37:12 inter-technics sshd[30676]: Invalid user reporter from 49.235.190.177 port 56314 May 6 23:37:12 inter-technics sshd[30676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.190.177 May 6 23:37:12 inter-technics sshd[30676]: Invalid user reporter from 49.235.190.177 port 56314 May 6 23:37:14 inter-technics sshd[30676]: Failed password for invalid user reporter from 49.235.190.177 port 56314 ssh2 ...	2020-05-07 07:55:29
114.118.7.134	attackbotsspam	SSH Brute-Force attacks	2020-05-07 08:17:39
182.61.37.144	attackbots	SASL PLAIN auth failed: ruser=...	2020-05-07 08:16:44
180.101.145.234	attackbots	2020-05-07T08:59:27.305617hermes auth[429059]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=support@gomasy.jp rhost=180.101.145.234 ...	2020-05-07 08:24:16
222.186.180.17	attackbotsspam	May 6 23:40:15 localhost sshd[54854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root May 6 23:40:17 localhost sshd[54854]: Failed password for root from 222.186.180.17 port 5570 ssh2 May 6 23:40:20 localhost sshd[54854]: Failed password for root from 222.186.180.17 port 5570 ssh2 May 6 23:40:15 localhost sshd[54854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root May 6 23:40:17 localhost sshd[54854]: Failed password for root from 222.186.180.17 port 5570 ssh2 May 6 23:40:20 localhost sshd[54854]: Failed password for root from 222.186.180.17 port 5570 ssh2 May 6 23:40:15 localhost sshd[54854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root May 6 23:40:17 localhost sshd[54854]: Failed password for root from 222.186.180.17 port 5570 ssh2 May 6 23:40:20 localhost sshd[54854]: Failed ...	2020-05-07 07:50:11
93.28.14.209	attack	$f2bV_matches	2020-05-07 08:24:49
170.150.72.28	attackbotsspam	2020-05-07T01:59:28.709587 sshd[10989]: Invalid user temp1 from 170.150.72.28 port 49550 2020-05-07T01:59:28.723174 sshd[10989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.150.72.28 2020-05-07T01:59:28.709587 sshd[10989]: Invalid user temp1 from 170.150.72.28 port 49550 2020-05-07T01:59:30.972252 sshd[10989]: Failed password for invalid user temp1 from 170.150.72.28 port 49550 ssh2 ...	2020-05-07 08:17:15
177.136.39.254	attack	May 7 01:02:04 icinga sshd[3846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.136.39.254 May 7 01:02:07 icinga sshd[3846]: Failed password for invalid user lee from 177.136.39.254 port 29705 ssh2 May 7 01:08:34 icinga sshd[13568]: Failed password for root from 177.136.39.254 port 26066 ssh2 ...	2020-05-07 07:37:00
49.235.226.166	attackbotsspam	May 7 00:54:14 PorscheCustomer sshd[13182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.226.166 May 7 00:54:16 PorscheCustomer sshd[13182]: Failed password for invalid user teamspeakserver from 49.235.226.166 port 52540 ssh2 May 7 00:58:16 PorscheCustomer sshd[13329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.226.166 ...	2020-05-07 07:51:26
81.150.67.243	attack	Automatic report - Port Scan Attack	2020-05-07 08:19:40
202.51.103.62	attackbotsspam	Unauthorised access (May 7) SRC=202.51.103.62 LEN=52 TTL=116 ID=13520 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-07 08:18:22
185.132.1.52	attackspam	May 6 04:30:23 XXX sshd[36626]: Invalid user grafana from 185.132.1.52 port 19657	2020-05-07 08:22:28

Recently Reported IPs

125.25.45.206	119.163.199.123	91.240.63.129	78.87.102.172
171.227.121.178	171.97.42.105	78.58.9.58	217.165.28.139
200.7.124.56	194.85.150.194	189.173.134.155	189.112.40.160
182.232.180.182	177.73.116.54	157.41.165.58	126.23.10.87
121.121.96.235	114.35.151.80	90.254.172.197	79.164.233.69