175.42.3.91 - IPInfo

Basic Info

City: unknown

Region: Fujian

Country: China

Internet Service Provider: Fuzhou City Fujian Provincial Network of Unicom

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5412e6d42d389382 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.074482891 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:57:01

Type

Details

Datetime

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 5412e6d42d389382 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/4.074482891 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:57:01

Comments on same subnet:

IP	Type	Details	Datetime
175.42.3.162	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 54302863bee2ed8b \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:41:08
175.42.3.98	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 54147f39cf2a930a \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.082584686 Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:06:35
175.42.3.226	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 541085aadb12ed3b \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:11:15
175.42.3.32	attackspambots	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:35:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 175.42.3.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;175.42.3.91.			IN	A

;; AUTHORITY SECTION:
.			331	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 128 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 04:56:58 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 91.3.42.175.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 91.3.42.175.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.129.42	attackspambots	TCP port 3389: Scan and connection	2020-03-14 05:02:05
111.231.71.157	attackbotsspam	[ssh] SSH attack	2020-03-14 05:00:29
210.140.173.155	attackspam	Invalid user thorstenschwarz from 210.140.173.155 port 47249	2020-03-14 05:14:00
182.61.26.50	attackbotsspam	Jan 10 18:03:55 pi sshd[23355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.26.50 Jan 10 18:03:56 pi sshd[23355]: Failed password for invalid user ryan from 182.61.26.50 port 42328 ssh2	2020-03-14 05:16:09
186.136.128.148	attack	Mar 13 18:01:32 localhost sshd\[16752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.136.128.148 user=root Mar 13 18:01:34 localhost sshd\[16752\]: Failed password for root from 186.136.128.148 port 39938 ssh2 Mar 13 18:07:44 localhost sshd\[17406\]: Invalid user quest from 186.136.128.148 port 56146 Mar 13 18:07:44 localhost sshd\[17406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.136.128.148	2020-03-14 04:49:20
42.230.201.112	attackspam	Honeypot attack, port: 81, PTR: hn.kd.ny.adsl.	2020-03-14 05:15:23
46.22.212.90	attackbots	SpamScore above: 10.0	2020-03-14 04:58:43
106.12.192.247	attackbots	Lines containing failures of 106.12.192.247 Mar 12 21:48:09 shared06 sshd[1047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.247 user=r.r Mar 12 21:48:11 shared06 sshd[1047]: Failed password for r.r from 106.12.192.247 port 35134 ssh2 Mar 12 21:48:11 shared06 sshd[1047]: Received disconnect from 106.12.192.247 port 35134:11: Bye Bye [preauth] Mar 12 21:48:11 shared06 sshd[1047]: Disconnected from authenticating user r.r 106.12.192.247 port 35134 [preauth] Mar 12 21:57:09 shared06 sshd[4422]: Invalid user appserver from 106.12.192.247 port 35560 Mar 12 21:57:09 shared06 sshd[4422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.247 Mar 12 21:57:11 shared06 sshd[4422]: Failed password for invalid user appserver from 106.12.192.247 port 35560 ssh2 Mar 12 21:57:11 shared06 sshd[4422]: Received disconnect from 106.12.192.247 port 35560:11: Bye Bye [preauth] Mar 12 21:57........ ------------------------------	2020-03-14 05:02:22
125.161.56.254	attackspam	Honeypot attack, port: 445, PTR: 254.subnet125-161-56.speedy.telkom.net.id.	2020-03-14 04:43:32
89.165.72.175	attackspambots	Automatic report - Port Scan Attack	2020-03-14 05:17:12
14.244.145.86	attack	Feb 15 13:21:24 pi sshd[13163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.244.145.86 Feb 15 13:21:26 pi sshd[13163]: Failed password for invalid user system from 14.244.145.86 port 56663 ssh2	2020-03-14 04:44:01
182.61.3.223	attackspambots	Mar 14 03:53:28 webhost01 sshd[7978]: Failed password for root from 182.61.3.223 port 43280 ssh2 ...	2020-03-14 05:03:52
36.159.108.110	attackspambots	Mar 13 14:44:18 Tower sshd[18595]: Connection from 36.159.108.110 port 44700 on 192.168.10.220 port 22 rdomain "" Mar 13 14:44:21 Tower sshd[18595]: Failed password for root from 36.159.108.110 port 44700 ssh2	2020-03-14 05:13:14
14.250.122.219	attackbotsspam	Feb 14 06:31:49 pi sshd[31968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.250.122.219 Feb 14 06:31:52 pi sshd[31968]: Failed password for invalid user database from 14.250.122.219 port 63211 ssh2	2020-03-14 04:41:16
95.168.96.42	attackspambots	T: f2b postfix aggressive 3x	2020-03-14 04:51:34

Recently Reported IPs

114.23.221.153	207.156.12.87	12.183.72.180	193.222.129.164
191.113.34.212	90.190.224.58	137.226.113.42	74.214.255.53
41.107.209.89	42.153.199.103	163.215.180.254	125.59.32.139
75.195.212.189	121.233.116.26	190.74.225.168	124.225.44.150
104.160.32.241	37.106.144.127	148.212.149.226	221.149.108.244