123.158.49.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Zhejiang Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 5417081adc48513e \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:12:19

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5417081adc48513e | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 06:12:19

Comments on same subnet:

IP	Type	Details	Datetime
123.158.49.153	attackbotsspam	Fail2Ban Ban Triggered	2020-04-27 20:54:06
123.158.49.61	attack	Unauthorized connection attempt detected from IP address 123.158.49.61 to port 8081 [J]	2020-03-02 17:11:48
123.158.49.116	attack	Unauthorized connection attempt detected from IP address 123.158.49.116 to port 9090 [T]	2020-01-30 09:02:48
123.158.49.221	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5416912b8c4493fa \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:40:29
123.158.49.98	attackspambots	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:41:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.158.49.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57689
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.158.49.42.			IN	A

;; AUTHORITY SECTION:
.			426	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 06:12:16 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 42.49.158.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.49.158.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
101.91.238.160	attackspambots	$f2bV_matches	2020-01-23 12:32:07
46.32.228.91	attack	Honeypot attack, port: 445, PTR: 698049.vps-10.com.	2020-01-23 12:29:23
103.255.234.121	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-23 12:10:34
216.218.206.100	attackspambots	Port scan: Attack repeated for 24 hours	2020-01-23 12:31:03
95.45.48.73	attackbotsspam	Honeypot attack, port: 5555, PTR: 95-45-48-73-dynamic.agg2.rcm.rsl-rtd.eircom.net.	2020-01-23 12:35:58
186.93.156.185	attackbots	Honeypot attack, port: 445, PTR: 186-93-156-185.genericrev.cantv.net.	2020-01-23 12:17:18
58.27.132.66	attack	Honeypot attack, port: 445, PTR: 58-27-132-66.wateen.net.	2020-01-23 12:30:38
118.24.120.77	attackbots	Port scan on 2 port(s): 2376 2377	2020-01-23 12:21:40
47.219.96.223	attackspambots	Unauthorized connection attempt detected from IP address 47.219.96.223 to port 80 [J]	2020-01-23 12:23:18
175.138.169.105	attackbots	Unauthorized connection attempt detected from IP address 175.138.169.105 to port 88 [J]	2020-01-23 12:12:26
103.66.196.75	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-23 12:27:18
213.32.92.57	attackbots	Jan 23 04:48:29 sd-53420 sshd\[12395\]: Invalid user rt from 213.32.92.57 Jan 23 04:48:29 sd-53420 sshd\[12395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.92.57 Jan 23 04:48:31 sd-53420 sshd\[12395\]: Failed password for invalid user rt from 213.32.92.57 port 56854 ssh2 Jan 23 04:53:07 sd-53420 sshd\[13096\]: Invalid user dlm from 213.32.92.57 Jan 23 04:53:07 sd-53420 sshd\[13096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.92.57 ...	2020-01-23 12:07:00
91.134.185.83	attackbotsspam	Honeypot attack, port: 5555, PTR: josephine.onyphe.io.	2020-01-23 12:11:15
192.99.47.10	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-23 12:04:41
202.143.111.228	attackbots	01/22/2020-12:16:25.186861 202.143.111.228 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2020-01-23 12:15:54

Recently Reported IPs

217.175.70.221	222.82.52.97	222.82.51.232	56.111.150.231
152.96.163.54	221.13.12.165	221.13.12.76	221.0.21.52
218.62.245.43	205.210.164.245	115.241.202.154	117.82.213.30
203.186.25.39	183.211.73.133	183.157.86.78	182.138.162.253
175.42.1.201	171.12.10.95	150.255.2.207	69.44.9.4