175.42.0.137 - IPInfo

Basic Info

City: unknown

Region: Fujian

Country: China

Internet Service Provider: Fuzhou City Fujian Provincial Network of Unicom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 5436a5e80de49382 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:38:12

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5436a5e80de49382 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 04:38:12

Comments on same subnet:

IP	Type	Details	Datetime
175.42.0.203	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5437e233fc686cda \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:29:57
175.42.0.159	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5436e99798ac93a6 \| WAF_Rule_ID: 1112825 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:23:09
175.42.0.157	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54384aa26a5fed3f \| WAF_Rule_ID: 1112825 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:25:10
175.42.0.52	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f51b2fbbf6c3e \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.066686748 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 00:02:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.42.0.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53545
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.42.0.137.			IN	A

;; AUTHORITY SECTION:
.			334	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 04:38:09 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 137.0.42.175.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.0.42.175.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
197.185.103.93	attackspam	Email Spam	2020-07-09 04:35:28
157.7.44.144	attack	Automatic report - Banned IP Access	2020-07-09 04:11:44
185.143.73.148	attackbots	Rude login attack (1882 tries in 1d)	2020-07-09 04:04:34
66.249.66.80	attack	Automatic report - Banned IP Access	2020-07-09 04:23:46
216.45.23.6	attack	Jul 8 20:59:31 rocket sshd[31357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.45.23.6 Jul 8 20:59:33 rocket sshd[31357]: Failed password for invalid user xerox from 216.45.23.6 port 45706 ssh2 ...	2020-07-09 04:08:32
52.178.134.11	attack	Jul 8 23:15:32 journals sshd\[32608\]: Invalid user adams from 52.178.134.11 Jul 8 23:15:32 journals sshd\[32608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.178.134.11 Jul 8 23:15:34 journals sshd\[32608\]: Failed password for invalid user adams from 52.178.134.11 port 61363 ssh2 Jul 8 23:18:58 journals sshd\[33010\]: Invalid user arias from 52.178.134.11 Jul 8 23:18:58 journals sshd\[33010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.178.134.11 ...	2020-07-09 04:20:00
122.51.130.21	attackbotsspam	Jul 9 06:02:55 NG-HHDC-SVS-001 sshd[30157]: Invalid user student from 122.51.130.21 ...	2020-07-09 04:19:47
123.142.108.122	attack	Jul 8 21:02:31 ajax sshd[3829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.142.108.122 Jul 8 21:02:34 ajax sshd[3829]: Failed password for invalid user chentangming from 123.142.108.122 port 51394 ssh2	2020-07-09 04:34:32
185.86.80.114	attackbots	Jul 8 20:28:31 web01.agentur-b-2.de postfix/smtpd[565640]: NOQUEUE: reject: RCPT from unknown[185.86.80.114]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Jul 8 20:28:57 web01.agentur-b-2.de postfix/smtpd[567037]: NOQUEUE: reject: RCPT from unknown[185.86.80.114]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Jul 8 20:30:51 web01.agentur-b-2.de postfix/smtpd[565674]: NOQUEUE: reject: RCPT from unknown[185.86.80.114]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=	2020-07-09 04:06:15
94.25.181.150	attackspam	Brute force attempt	2020-07-09 04:07:52
185.143.72.23	attackbotsspam	Jul 8 21:42:39 websrv1.derweidener.de postfix/smtpd[980175]: warning: unknown[185.143.72.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 21:43:14 websrv1.derweidener.de postfix/smtpd[980175]: warning: unknown[185.143.72.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 21:43:46 websrv1.derweidener.de postfix/smtpd[981676]: warning: unknown[185.143.72.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 21:44:19 websrv1.derweidener.de postfix/smtpd[981670]: warning: unknown[185.143.72.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 21:44:51 websrv1.derweidener.de postfix/smtpd[981676]: warning: unknown[185.143.72.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-07-09 04:05:50
222.186.175.148	attack	Jul 8 22:28:55 home sshd[28500]: Failed password for root from 222.186.175.148 port 43646 ssh2 Jul 8 22:29:09 home sshd[28500]: error: maximum authentication attempts exceeded for root from 222.186.175.148 port 43646 ssh2 [preauth] Jul 8 22:29:14 home sshd[28521]: Failed password for root from 222.186.175.148 port 60080 ssh2 ...	2020-07-09 04:30:40
218.92.0.133	attack	2020-07-08T22:28:20.916149vps773228.ovh.net sshd[1655]: Failed password for root from 218.92.0.133 port 12253 ssh2 2020-07-08T22:28:23.815776vps773228.ovh.net sshd[1655]: Failed password for root from 218.92.0.133 port 12253 ssh2 2020-07-08T22:28:27.120994vps773228.ovh.net sshd[1655]: Failed password for root from 218.92.0.133 port 12253 ssh2 2020-07-08T22:28:30.177420vps773228.ovh.net sshd[1655]: Failed password for root from 218.92.0.133 port 12253 ssh2 2020-07-08T22:28:33.636680vps773228.ovh.net sshd[1655]: Failed password for root from 218.92.0.133 port 12253 ssh2 ...	2020-07-09 04:28:55
118.70.183.103	attack	Port probing on unauthorized port 445	2020-07-09 04:02:09
37.187.54.45	attack	Jul 8 12:58:17 dignus sshd[10487]: Failed password for invalid user wusm from 37.187.54.45 port 34454 ssh2 Jul 8 13:00:44 dignus sshd[10771]: Invalid user toor from 37.187.54.45 port 50276 Jul 8 13:00:44 dignus sshd[10771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.54.45 Jul 8 13:00:45 dignus sshd[10771]: Failed password for invalid user toor from 37.187.54.45 port 50276 ssh2 Jul 8 13:03:10 dignus sshd[11014]: Invalid user todd from 37.187.54.45 port 37848 ...	2020-07-09 04:06:58

Recently Reported IPs

5.87.248.91	75.65.191.85	172.252.158.50	171.12.10.165
78.71.139.98	150.255.9.232	14.185.107.225	151.29.246.141
191.13.23.100	125.119.220.215	187.189.87.17	190.44.59.36
125.84.176.243	35.164.131.10	83.3.161.171	124.235.138.203
65.164.142.240	168.115.93.254	2.31.231.122	221.140.211.55