42.239.80.68 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Henan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorised access (Nov 12) SRC=42.239.80.68 LEN=40 TTL=50 ID=59138 TCP DPT=23 WINDOW=29985 SYN	2019-11-13 00:30:15

Comments on same subnet:

IP	Type	Details	Datetime
42.239.80.102	attackspam	Jul 5 00:36:57 xxxxxxx0 sshd[27781]: Invalid user admin from 42.239.80.102 port 47393 Jul 5 00:36:57 xxxxxxx0 sshd[27781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.239.80.102 Jul 5 00:36:59 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2 Jul 5 00:37:01 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2 Jul 5 00:37:03 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.239.80.102	2019-07-05 15:08:19

Type

Details

Datetime

42.239.80.102

attackspam

Jul  5 00:36:57 xxxxxxx0 sshd[27781]: Invalid user admin from 42.239.80.102 port 47393
Jul  5 00:36:57 xxxxxxx0 sshd[27781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.239.80.102
Jul  5 00:36:59 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2
Jul  5 00:37:01 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2
Jul  5 00:37:03 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=42.239.80.102

2019-07-05 15:08:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.239.80.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27811
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.239.80.68.			IN	A

;; AUTHORITY SECTION:
.			564	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111200 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 13 00:30:04 CST 2019
;; MSG SIZE  rcvd: 116

Host info

68.80.239.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
68.80.239.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.64.54.207	attackspam	Unauthorized connection attempt from IP address 61.64.54.207 on Port 445(SMB)	2020-09-07 15:14:12
61.177.172.61	attack	Sep 7 09:06:16 nextcloud sshd\[28801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.61 user=root Sep 7 09:06:17 nextcloud sshd\[28801\]: Failed password for root from 61.177.172.61 port 7403 ssh2 Sep 7 09:06:39 nextcloud sshd\[29248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.61 user=root	2020-09-07 15:07:06
194.190.67.209	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 14:41:54
95.152.30.49	attack	Honeypot attack, port: 445, PTR: host-95-152-30-49.dsl.sura.ru.	2020-09-07 15:08:36
68.183.107.155	attack	TCP (SYN) 68.183.107.155:44090 -> port 23, len 40	2020-09-07 15:02:59
106.1.112.93	attack	Port Scan detected! ...	2020-09-07 15:16:07
180.190.238.157	attackbotsspam	Scanned 3 times in the last 24 hours on port 22	2020-09-07 14:45:59
106.12.38.231	attackbots	Sep 6 20:07:29 sachi sshd\[24363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.38.231 user=root Sep 6 20:07:31 sachi sshd\[24363\]: Failed password for root from 106.12.38.231 port 45422 ssh2 Sep 6 20:11:21 sachi sshd\[24724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.38.231 user=root Sep 6 20:11:23 sachi sshd\[24724\]: Failed password for root from 106.12.38.231 port 33502 ssh2 Sep 6 20:15:05 sachi sshd\[24984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.38.231 user=root	2020-09-07 14:43:03
113.88.192.97	attackbots	Icarus honeypot on github	2020-09-07 14:43:34
222.186.173.154	attackspam	Sep 7 08:50:37 vps639187 sshd\[21686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Sep 7 08:50:39 vps639187 sshd\[21686\]: Failed password for root from 222.186.173.154 port 39244 ssh2 Sep 7 08:50:43 vps639187 sshd\[21686\]: Failed password for root from 222.186.173.154 port 39244 ssh2 ...	2020-09-07 14:53:34
218.92.0.248	attack	Sep 7 10:05:29 ift sshd\[61814\]: Failed password for root from 218.92.0.248 port 46229 ssh2Sep 7 10:05:32 ift sshd\[61814\]: Failed password for root from 218.92.0.248 port 46229 ssh2Sep 7 10:05:50 ift sshd\[61871\]: Failed password for root from 218.92.0.248 port 7926 ssh2Sep 7 10:06:01 ift sshd\[61871\]: Failed password for root from 218.92.0.248 port 7926 ssh2Sep 7 10:06:05 ift sshd\[61871\]: Failed password for root from 218.92.0.248 port 7926 ssh2 ...	2020-09-07 15:10:16
218.92.0.247	attack	Sep 7 11:38:13 gw1 sshd[4793]: Failed password for root from 218.92.0.247 port 63229 ssh2 Sep 7 11:38:26 gw1 sshd[4793]: error: maximum authentication attempts exceeded for root from 218.92.0.247 port 63229 ssh2 [preauth] ...	2020-09-07 14:41:16
132.232.11.218	attackbots	Sep 07 00:52:55 askasleikir sshd[71253]: Failed password for root from 132.232.11.218 port 59128 ssh2	2020-09-07 14:37:43
167.248.133.26	attackbots	TCP (SYN) 167.248.133.26:61089 -> port 88, len 44	2020-09-07 15:18:02
218.249.73.36	attackspam	Sep 7 08:52:52 srv-ubuntu-dev3 sshd[46443]: Invalid user vnc from 218.249.73.36 Sep 7 08:52:52 srv-ubuntu-dev3 sshd[46443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.249.73.36 Sep 7 08:52:52 srv-ubuntu-dev3 sshd[46443]: Invalid user vnc from 218.249.73.36 Sep 7 08:52:54 srv-ubuntu-dev3 sshd[46443]: Failed password for invalid user vnc from 218.249.73.36 port 32782 ssh2 Sep 7 08:56:37 srv-ubuntu-dev3 sshd[46860]: Invalid user test from 218.249.73.36 Sep 7 08:56:37 srv-ubuntu-dev3 sshd[46860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.249.73.36 Sep 7 08:56:37 srv-ubuntu-dev3 sshd[46860]: Invalid user test from 218.249.73.36 Sep 7 08:56:40 srv-ubuntu-dev3 sshd[46860]: Failed password for invalid user test from 218.249.73.36 port 52076 ssh2 Sep 7 09:00:21 srv-ubuntu-dev3 sshd[47318]: Invalid user tom from 218.249.73.36 ...	2020-09-07 15:15:08

Recently Reported IPs

219.155.247.27	173.230.226.254	217.164.64.186	223.81.65.62
200.31.253.65	54.218.27.191	30.113.236.62	45.119.215.68
141.8.68.110	43.57.153.189	154.209.197.117	161.251.16.100
170.238.195.19	31.219.214.169	90.225.104.255	87.21.212.73
0.231.206.168	58.90.70.36	150.245.190.163	199.141.36.165