80.68.2.194 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Rostelecom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Nov 19) SRC=80.68.2.194 LEN=52 TTL=115 ID=1 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-20 01:08:24

Comments on same subnet:

IP	Type	Details	Datetime
80.68.231.70	attackspam	Honeypot attack, port: 445, PTR: ipv4-80-68-231-70.net.internetunion.pl.	2020-07-09 19:42:19
80.68.2.173	attack	Unauthorized connection attempt from IP address 80.68.2.173 on Port 445(SMB)	2020-06-16 02:32:43
80.68.2.100	attackbots	suspicious action Mon, 24 Feb 2020 01:50:40 -0300	2020-02-24 17:06:17
80.68.2.74	attackbots	spam	2020-01-24 17:49:40
80.68.2.100	attack	spam	2020-01-22 18:34:37
80.68.2.74	attackspambots	email spam	2019-12-17 20:44:32
80.68.2.100	attackspam	postfix	2019-11-13 23:26:46
80.68.2.74	attack	postfix	2019-10-07 22:26:19
80.68.2.74	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-12 10:27:36
80.68.2.48	attackbots	Brute force attempt	2019-07-05 06:56:29
80.68.2.74	attack	SMTP Fraud Orders	2019-06-22 19:59:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.68.2.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33683
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.68.2.194.			IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111900 1800 900 604800 86400

;; Query time: 960 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 20 01:08:17 CST 2019
;; MSG SIZE  rcvd: 115

Host info

194.2.68.80.in-addr.arpa domain name pointer nas2-194.dialup.infotecstt.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
194.2.68.80.in-addr.arpa	name = nas2-194.dialup.infotecstt.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.197.130.133	attackbots	1601411594 - 09/29/2020 22:33:14 Host: 1.197.130.133/1.197.130.133 Port: 445 TCP Blocked	2020-10-01 02:42:29
51.68.121.235	attack	Sep 30 15:32:18 firewall sshd[28054]: Invalid user miao from 51.68.121.235 Sep 30 15:32:20 firewall sshd[28054]: Failed password for invalid user miao from 51.68.121.235 port 49944 ssh2 Sep 30 15:36:55 firewall sshd[28100]: Invalid user testing from 51.68.121.235 ...	2020-10-01 02:42:17
120.92.119.90	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-01 02:11:21
165.227.127.49	attackspambots	165.227.127.49 - - [30/Sep/2020:17:59:54 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 02:14:06
106.12.160.6	attack	2020-09-30T10:45:43+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-10-01 02:34:58
177.45.88.16	attack	Sep 29 22:33:41 andromeda sshd\[41838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.45.88.16 user=root Sep 29 22:33:41 andromeda sshd\[41840\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.45.88.16 user=root Sep 29 22:33:43 andromeda sshd\[41838\]: Failed password for root from 177.45.88.16 port 55328 ssh2	2020-10-01 02:30:46
45.142.120.39	attackspam	Sep 30 20:07:08 relay postfix/smtpd\[25402\]: warning: unknown\[45.142.120.39\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 30 20:07:10 relay postfix/smtpd\[20316\]: warning: unknown\[45.142.120.39\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 30 20:07:18 relay postfix/smtpd\[19075\]: warning: unknown\[45.142.120.39\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 30 20:07:24 relay postfix/smtpd\[19078\]: warning: unknown\[45.142.120.39\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 30 20:07:27 relay postfix/smtpd\[18445\]: warning: unknown\[45.142.120.39\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-01 02:21:25
80.174.107.37	attack	Automatic report - Port Scan Attack	2020-10-01 02:35:38
210.245.36.114	attack	Brute forcing RDP port 3389	2020-10-01 02:36:03
186.116.140.180	attackbotsspam	Automatic report - Port Scan Attack	2020-10-01 02:38:31
58.221.162.226	attackbots	$f2bV_matches	2020-10-01 02:41:44
106.12.193.6	attackspam	Invalid user web1 from 106.12.193.6 port 33428	2020-10-01 02:31:33
125.165.222.204	attack	trying to access non-authorized port	2020-10-01 02:34:19
190.90.140.75	attack	TCP (SYN) 190.90.140.75:59017 -> port 445, len 52	2020-10-01 02:18:42
138.68.106.62	attack	[ssh] SSH attack	2020-10-01 02:37:08

Recently Reported IPs

14.169.97.114	182.45.71.248	181.95.3.104	14.100.0.175
182.124.44.147	190.205.121.89	171.227.35.186	138.197.204.57
14.190.33.213	202.189.3.253	5.13.239.39	196.190.28.75
61.246.6.51	197.248.2.229	125.45.9.148	151.53.100.177
49.69.173.133	120.63.23.168	36.82.219.10	80.41.239.105