Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Henan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackbotsspam
Unauthorised access (Nov 12) SRC=42.239.80.68 LEN=40 TTL=50 ID=59138 TCP DPT=23 WINDOW=29985 SYN
2019-11-13 00:30:15
Comments on same subnet:
IP Type Details Datetime
42.239.80.102 attackspam
Jul  5 00:36:57 xxxxxxx0 sshd[27781]: Invalid user admin from 42.239.80.102 port 47393
Jul  5 00:36:57 xxxxxxx0 sshd[27781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.239.80.102
Jul  5 00:36:59 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2
Jul  5 00:37:01 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2
Jul  5 00:37:03 xxxxxxx0 sshd[27781]: Failed password for invalid user admin from 42.239.80.102 port 47393 ssh2

........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=42.239.80.102
2019-07-05 15:08:19
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.239.80.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27811
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.239.80.68.			IN	A

;; AUTHORITY SECTION:
.			564	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111200 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 13 00:30:04 CST 2019
;; MSG SIZE  rcvd: 116
Host info
68.80.239.42.in-addr.arpa domain name pointer hn.kd.ny.adsl.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
68.80.239.42.in-addr.arpa	name = hn.kd.ny.adsl.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
187.216.2.146 attack
Autoban   187.216.2.146 AUTH/CONNECT
2019-07-22 10:54:31
185.222.211.237 attackbotsspam
Jul 22 05:14:52 relay postfix/smtpd\[13433\]: NOQUEUE: reject: RCPT from unknown\[185.222.211.237\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\
Jul 22 05:14:52 relay postfix/smtpd\[13433\]: NOQUEUE: reject: RCPT from unknown\[185.222.211.237\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\
Jul 22 05:14:52 relay postfix/smtpd\[13433\]: NOQUEUE: reject: RCPT from unknown\[185.222.211.237\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\
Jul 22 05:14:52 relay postfix/smtpd\[13433\]: NOQUEUE: reject: RCPT from unknown\[185.222.211.237\]: 554 5.7.1 \: Relay access denied\; from=\
2019-07-22 11:17:28
13.115.249.125 attackbots
Jul 21 16:26:21 euve59663 sshd[5431]: Invalid user ben from 13.115.249.=
125
Jul 21 16:26:21 euve59663 sshd[5431]: pam_unix(sshd:auth): authenticati=
on failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3Dem3-=
13-115-249-125.ap-northeast-1.compute.amazonaws.com=20
Jul 21 16:26:23 euve59663 sshd[5431]: Failed password for invalid user =
ben from 13.115.249.125 port 38380 ssh2
Jul 21 16:26:23 euve59663 sshd[5431]: Received disconnect from 13.115.2=
49.125: 11: Bye Bye [preauth]
Jul 21 16:53:06 euve59663 sshd[1138]: Connection closed by 13.115.249.1=
25 [preauth]
Jul 21 16:58:49 euve59663 sshd[1211]: Connection closed by 13.115.249.1=
25 [preauth]
Jul 21 17:05:35 euve59663 sshd[29395]: Connection closed by 13.115.249.=
125 [preauth]
Jul 21 17:11:34 euve59663 sshd[29461]: Connection closed by 13.115.249.=
125 [preauth]
Jul 21 17:17:46 euve59663 sshd[29513]: Connection closed by 13.115.249.=
125 [preauth]
Jul 21 17:24:26 euve59663 sshd[29565]: Connection closed ........
-------------------------------
2019-07-22 10:50:58
187.44.88.22 attack
Autoban   187.44.88.22 AUTH/CONNECT
2019-07-22 10:47:30
187.254.105.111 attackbots
Autoban   187.254.105.111 AUTH/CONNECT
2019-07-22 10:51:27
42.51.195.214 attackbots
SASL broute force
2019-07-22 11:29:35
187.237.130.98 attackspambots
Jul 22 05:14:11 fr01 sshd[26988]: Invalid user moodle from 187.237.130.98
...
2019-07-22 11:34:17
103.206.230.2 attack
Jul 22 12:25:58 our-server-hostname postfix/smtpd[4292]: connect from unknown[103.206.230.2]
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=103.206.230.2
2019-07-22 11:32:39
170.76.182.251 attack
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 12:24:04,340 INFO [shellcode_manager] (170.76.182.251) no match, writing hexdump (e59264d9740c97e0183cd514592e43c6 :2384733) - MS17010 (EternalBlue)
2019-07-22 11:24:17
165.90.21.49 attackbots
Jul 22 05:14:24 ArkNodeAT sshd\[14012\]: Invalid user backup2 from 165.90.21.49
Jul 22 05:14:24 ArkNodeAT sshd\[14012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.90.21.49
Jul 22 05:14:26 ArkNodeAT sshd\[14012\]: Failed password for invalid user backup2 from 165.90.21.49 port 31739 ssh2
2019-07-22 11:27:48
187.17.174.245 attackspam
Autoban   187.17.174.245 AUTH/CONNECT
2019-07-22 11:11:07
51.83.33.156 attackbots
Jul 22 05:09:44 SilenceServices sshd[22690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.33.156
Jul 22 05:09:46 SilenceServices sshd[22690]: Failed password for invalid user james from 51.83.33.156 port 44494 ssh2
Jul 22 05:14:10 SilenceServices sshd[27241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.33.156
2019-07-22 11:34:51
109.100.138.62 attack
Jul 22 12:24:20 our-server-hostname postfix/smtpd[21375]: connect from unknown[109.100.138.62]
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x
Jul x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=109.100.138.62
2019-07-22 11:19:30
187.163.75.57 attackbots
Autoban   187.163.75.57 AUTH/CONNECT
2019-07-22 11:10:43
45.35.201.171 attack
Jul 22 05:14:19 mars sshd\[27275\]: Invalid user ok from 45.35.201.171
Jul 22 05:14:19 mars sshd\[27275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.35.201.171
Jul 22 05:14:21 mars sshd\[27275\]: Failed password for invalid user ok from 45.35.201.171 port 34642 ssh2
...
2019-07-22 11:30:05

Recently Reported IPs

219.155.247.27 173.230.226.254 217.164.64.186 223.81.65.62
200.31.253.65 54.218.27.191 30.113.236.62 45.119.215.68
141.8.68.110 43.57.153.189 154.209.197.117 161.251.16.100
170.238.195.19 31.219.214.169 90.225.104.255 87.21.212.73
0.231.206.168 58.90.70.36 150.245.190.163 199.141.36.165