175.42.0.137 - IPInfo

Basic Info

City: unknown

Region: Fujian

Country: China

Internet Service Provider: Fuzhou City Fujian Provincial Network of Unicom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 5436a5e80de49382 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:38:12

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5436a5e80de49382 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 04:38:12

Comments on same subnet:

IP	Type	Details	Datetime
175.42.0.203	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5437e233fc686cda \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:29:57
175.42.0.159	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5436e99798ac93a6 \| WAF_Rule_ID: 1112825 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:23:09
175.42.0.157	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54384aa26a5fed3f \| WAF_Rule_ID: 1112825 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:25:10
175.42.0.52	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f51b2fbbf6c3e \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.066686748 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 00:02:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.42.0.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53545
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.42.0.137.			IN	A

;; AUTHORITY SECTION:
.			334	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 04:38:09 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 137.0.42.175.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.0.42.175.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.156.169.7	attackbots	Triggered by Fail2Ban at Ares web server	2020-03-25 04:46:50
186.118.192.22	attack	Email rejected due to spam filtering	2020-03-25 04:44:20
179.109.38.77	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 24-03-2020 18:30:19.	2020-03-25 04:42:34
219.149.190.234	attack	Unauthorized connection attempt from IP address 219.149.190.234 on Port 445(SMB)	2020-03-25 04:32:34
42.200.206.225	attackbots	SSH Brute-Force Attack	2020-03-25 04:36:59
95.24.27.122	attack	Unauthorized connection attempt from IP address 95.24.27.122 on Port 445(SMB)	2020-03-25 04:47:33
182.151.58.230	attackbots	SSH Login Bruteforce	2020-03-25 04:49:14
192.99.70.208	attackbotsspam	Mar 24 21:55:39 lukav-desktop sshd\[482\]: Invalid user nk from 192.99.70.208 Mar 24 21:55:39 lukav-desktop sshd\[482\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.70.208 Mar 24 21:55:41 lukav-desktop sshd\[482\]: Failed password for invalid user nk from 192.99.70.208 port 48874 ssh2 Mar 24 21:59:38 lukav-desktop sshd\[4580\]: Invalid user neutron from 192.99.70.208 Mar 24 21:59:38 lukav-desktop sshd\[4580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.70.208	2020-03-25 04:33:36
164.68.127.15	normal	JANGAN LUPA LIKE	2020-03-25 04:52:11
51.158.189.0	attack	Mar 24 13:49:32 askasleikir sshd[1380]: Failed password for invalid user pleomax from 51.158.189.0 port 33596 ssh2 Mar 24 13:39:49 askasleikir sshd[446685]: Failed password for invalid user ghost from 51.158.189.0 port 45966 ssh2 Mar 24 13:23:10 askasleikir sshd[445544]: Failed password for invalid user linux from 51.158.189.0 port 45638 ssh2	2020-03-25 04:52:49
27.3.226.69	attackbots	Automatic report - Port Scan Attack	2020-03-25 04:49:47
198.12.152.199	attackbotsspam	Mar 24 20:51:47 vpn01 sshd[21363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.12.152.199 Mar 24 20:51:49 vpn01 sshd[21363]: Failed password for invalid user admin from 198.12.152.199 port 44670 ssh2 ...	2020-03-25 04:39:36
45.55.210.248	attack	k+ssh-bruteforce	2020-03-25 04:52:36
80.82.70.118	attack	03/24/2020-17:03:29.467482 80.82.70.118 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-25 05:04:34
193.142.146.21	attackbots	2020-03-24T20:47:40.720979shield sshd\[32726\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.142.146.21 user=root 2020-03-24T20:47:42.205883shield sshd\[32726\]: Failed password for root from 193.142.146.21 port 44530 ssh2 2020-03-24T20:47:42.976121shield sshd\[32737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.142.146.21 user=root 2020-03-24T20:47:45.060110shield sshd\[32737\]: Failed password for root from 193.142.146.21 port 42814 ssh2 2020-03-24T20:47:45.836325shield sshd\[32745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.142.146.21 user=root	2020-03-25 04:48:30

Recently Reported IPs

5.87.248.91	75.65.191.85	172.252.158.50	171.12.10.165
78.71.139.98	150.255.9.232	14.185.107.225	151.29.246.141
191.13.23.100	125.119.220.215	187.189.87.17	190.44.59.36
125.84.176.243	35.164.131.10	83.3.161.171	124.235.138.203
65.164.142.240	168.115.93.254	2.31.231.122	221.140.211.55