80.68.2.194 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Rostelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Nov 19) SRC=80.68.2.194 LEN=52 TTL=115 ID=1 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-20 01:08:24

Comments on same subnet:

IP	Type	Details	Datetime
80.68.231.70	attackspam	Honeypot attack, port: 445, PTR: ipv4-80-68-231-70.net.internetunion.pl.	2020-07-09 19:42:19
80.68.2.173	attack	Unauthorized connection attempt from IP address 80.68.2.173 on Port 445(SMB)	2020-06-16 02:32:43
80.68.2.100	attackbots	suspicious action Mon, 24 Feb 2020 01:50:40 -0300	2020-02-24 17:06:17
80.68.2.74	attackbots	spam	2020-01-24 17:49:40
80.68.2.100	attack	spam	2020-01-22 18:34:37
80.68.2.74	attackspambots	email spam	2019-12-17 20:44:32
80.68.2.100	attackspam	postfix	2019-11-13 23:26:46
80.68.2.74	attack	postfix	2019-10-07 22:26:19
80.68.2.74	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-12 10:27:36
80.68.2.48	attackbots	Brute force attempt	2019-07-05 06:56:29
80.68.2.74	attack	SMTP Fraud Orders	2019-06-22 19:59:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.68.2.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33683
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.68.2.194.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111900 1800 900 604800 86400

;; Query time: 960 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 20 01:08:17 CST 2019
;; MSG SIZE  rcvd: 115

Host info

194.2.68.80.in-addr.arpa domain name pointer nas2-194.dialup.infotecstt.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
194.2.68.80.in-addr.arpa	name = nas2-194.dialup.infotecstt.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.42.155	attack	Apr 25 00:43:41 vmd38886 sshd\[3904\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root Apr 25 00:43:43 vmd38886 sshd\[3904\]: Failed password for root from 222.186.42.155 port 47658 ssh2 Apr 25 00:43:45 vmd38886 sshd\[3904\]: Failed password for root from 222.186.42.155 port 47658 ssh2	2020-04-25 06:46:57
106.13.181.89	attackspam	SASL PLAIN auth failed: ruser=...	2020-04-25 07:16:42
46.39.20.4	attack	(sshd) Failed SSH login from 46.39.20.4 (RU/Russia/pppoe-4-20-39-46.danpro.ru): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 24 17:31:23 localhost sshd[3015]: Invalid user siudys from 46.39.20.4 port 42647 Apr 24 17:31:24 localhost sshd[3015]: Failed password for invalid user siudys from 46.39.20.4 port 42647 ssh2 Apr 24 17:37:33 localhost sshd[3444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.39.20.4 user=root Apr 24 17:37:34 localhost sshd[3444]: Failed password for root from 46.39.20.4 port 58550 ssh2 Apr 24 17:39:46 localhost sshd[3585]: Invalid user katie from 46.39.20.4 port 49003	2020-04-25 06:43:10
183.89.211.219	attack	'IP reached maximum auth failures for a one day block'	2020-04-25 07:06:49
222.186.30.76	attackspambots	Apr 25 00:48:19 home sshd[15215]: Failed password for root from 222.186.30.76 port 36573 ssh2 Apr 25 00:48:21 home sshd[15215]: Failed password for root from 222.186.30.76 port 36573 ssh2 Apr 25 00:48:23 home sshd[15215]: Failed password for root from 222.186.30.76 port 36573 ssh2 ...	2020-04-25 06:58:04
209.97.160.105	attackbots	SASL PLAIN auth failed: ruser=...	2020-04-25 06:54:42
46.38.144.179	attack	Apr 24 22:59:14 mail postfix/smtpd[57422]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: generic failure Apr 24 22:59:17 mail postfix/smtpd[57425]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: generic failure Apr 24 23:00:32 mail postfix/smtpd[57422]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: generic failure ...	2020-04-25 07:04:53
4.7.94.244	attack	Invalid user test from 4.7.94.244 port 37348	2020-04-25 07:15:03
196.92.6.69	attackbots	Apr 24 22:06:50 mail.srvfarm.net postfix/submission/smtpd[537559]: lost connection after EHLO from unknown[196.92.6.69] Apr 24 22:06:50 mail.srvfarm.net postfix/submission/smtpd[539202]: lost connection after EHLO from unknown[196.92.6.69] Apr 24 22:06:51 mail.srvfarm.net postfix/submission/smtpd[537571]: lost connection after EHLO from unknown[196.92.6.69] Apr 24 22:06:51 mail.srvfarm.net postfix/submission/smtpd[540351]: lost connection after EHLO from unknown[196.92.6.69] Apr 24 22:06:51 mail.srvfarm.net postfix/submission/smtpd[540343]: lost connection after EHLO from unknown[196.92.6.69]	2020-04-25 07:01:06
217.160.214.48	attackbotsspam	2020-04-24T22:43:09.924033shield sshd\[25936\]: Invalid user dev from 217.160.214.48 port 60404 2020-04-24T22:43:09.927885shield sshd\[25936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.214.48 2020-04-24T22:43:12.309451shield sshd\[25936\]: Failed password for invalid user dev from 217.160.214.48 port 60404 ssh2 2020-04-24T22:50:41.793990shield sshd\[26918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.214.48 user=root 2020-04-24T22:50:43.557850shield sshd\[26918\]: Failed password for root from 217.160.214.48 port 58240 ssh2	2020-04-25 07:08:01
222.186.42.136	attackbotsspam	Apr 24 22:41:58 marvibiene sshd[3070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root Apr 24 22:42:00 marvibiene sshd[3070]: Failed password for root from 222.186.42.136 port 55611 ssh2 Apr 24 22:42:01 marvibiene sshd[3070]: Failed password for root from 222.186.42.136 port 55611 ssh2 Apr 24 22:41:58 marvibiene sshd[3070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.136 user=root Apr 24 22:42:00 marvibiene sshd[3070]: Failed password for root from 222.186.42.136 port 55611 ssh2 Apr 24 22:42:01 marvibiene sshd[3070]: Failed password for root from 222.186.42.136 port 55611 ssh2 ...	2020-04-25 06:44:57
213.102.79.17	attackbots	port scan and connect, tcp 23 (telnet)	2020-04-25 07:09:32
217.112.142.16	attackbotsspam	Apr 24 22:32:23 web01.agentur-b-2.de postfix/smtpd[707578]: NOQUEUE: reject: RCPT from unknown[217.112.142.16]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 24 22:32:23 web01.agentur-b-2.de postfix/smtpd[707579]: NOQUEUE: reject: RCPT from unknown[217.112.142.16]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 24 22:34:24 web01.agentur-b-2.de postfix/smtpd[707579]: NOQUEUE: reject: RCPT from unknown[217.112.142.16]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 24 22:34:24 web01.agentur-b-2.de postfix/smtpd[707578]: NOQUEUE: reject: RCPT from unknown[217.112.142.16]: 450 4.7.1 : Helo command rejected: Host not	2020-04-25 06:59:47
113.59.224.45	attack	Invalid user admin from 113.59.224.45 port 38548	2020-04-25 06:56:42
80.82.70.239	attackbots	firewall-block, port(s): 6164/tcp	2020-04-25 07:17:10

Recently Reported IPs

14.169.97.114	182.45.71.248	181.95.3.104	14.100.0.175
182.124.44.147	190.205.121.89	171.227.35.186	138.197.204.57
14.190.33.213	202.189.3.253	5.13.239.39	196.190.28.75
61.246.6.51	197.248.2.229	125.45.9.148	151.53.100.177
49.69.173.133	120.63.23.168	36.82.219.10	80.41.239.105