42.120.160.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.120.160.121	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54361032bca7eef6 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:49:02
42.120.160.50	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5433760a38afe4c4 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 01:37:52
42.120.160.112	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5415ee769a19eb51 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:21:48
42.120.160.51	attack	The IP has triggered Cloudflare WAF. CF-Ray: 541558d4fe79e7c5 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:09:18
42.120.160.123	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 5416f9cdfa82e7a4 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:44:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.120.160.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59015
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.120.160.34.			IN	A

;; AUTHORITY SECTION:
.			556	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023100601 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 06 23:08:44 CST 2023
;; MSG SIZE  rcvd: 106

Host info

34.160.120.42.in-addr.arpa domain name pointer shenmaspider-42-120-160-34.crawl.sm.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.160.120.42.in-addr.arpa	name = shenmaspider-42-120-160-34.crawl.sm.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.74.252.191	attackbots	Aug 26 04:42:33 shivevps sshd[27394]: Bad protocol version identification '\024' from 177.74.252.191 port 57960 Aug 26 04:44:18 shivevps sshd[30969]: Bad protocol version identification '\024' from 177.74.252.191 port 61625 Aug 26 04:44:50 shivevps sshd[31852]: Bad protocol version identification '\024' from 177.74.252.191 port 63186 ...	2020-08-26 15:53:09
222.186.30.167	attackbots	Aug 26 09:29:22 * sshd[2719]: Failed password for root from 222.186.30.167 port 58487 ssh2	2020-08-26 15:31:04
124.105.197.141	attackspambots	Aug 26 04:41:26 shivevps sshd[25666]: Bad protocol version identification '\024' from 124.105.197.141 port 33405 Aug 26 04:42:26 shivevps sshd[27002]: Bad protocol version identification '\024' from 124.105.197.141 port 34099 Aug 26 04:43:57 shivevps sshd[30332]: Bad protocol version identification '\024' from 124.105.197.141 port 35377 ...	2020-08-26 15:41:36
202.40.177.234	attackspam	Aug 26 04:42:45 shivevps sshd[27822]: Bad protocol version identification '\024' from 202.40.177.234 port 52020 Aug 26 04:43:32 shivevps sshd[29301]: Bad protocol version identification '\024' from 202.40.177.234 port 53266 Aug 26 04:44:16 shivevps sshd[30871]: Bad protocol version identification '\024' from 202.40.177.234 port 54681 ...	2020-08-26 15:57:38
95.0.66.97	attackbotsspam	Aug 26 04:38:27 shivevps sshd[20808]: Bad protocol version identification '\024' from 95.0.66.97 port 55776 Aug 26 04:43:52 shivevps sshd[30047]: Bad protocol version identification '\024' from 95.0.66.97 port 42952 Aug 26 04:44:22 shivevps sshd[31161]: Bad protocol version identification '\024' from 95.0.66.97 port 43794 ...	2020-08-26 15:20:46
188.127.224.75	attack	SpamScore above: 10.0	2020-08-26 15:38:52
185.121.2.31	attackspam	Aug 26 04:37:52 shivevps sshd[19492]: Bad protocol version identification '\024' from 185.121.2.31 port 36510 Aug 26 04:42:26 shivevps sshd[27007]: Bad protocol version identification '\024' from 185.121.2.31 port 40087 Aug 26 04:43:53 shivevps sshd[30127]: Bad protocol version identification '\024' from 185.121.2.31 port 41224 ...	2020-08-26 15:58:11
159.192.97.43	attackspambots	Aug 26 04:42:21 shivevps sshd[26634]: Bad protocol version identification '\024' from 159.192.97.43 port 47407 Aug 26 04:43:03 shivevps sshd[28630]: Bad protocol version identification '\024' from 159.192.97.43 port 47867 Aug 26 04:44:19 shivevps sshd[31035]: Bad protocol version identification '\024' from 159.192.97.43 port 49399 ...	2020-08-26 15:23:16
125.27.251.24	attackspambots	Aug 26 04:39:32 shivevps sshd[22785]: Bad protocol version identification '\024' from 125.27.251.24 port 49699 Aug 26 04:42:31 shivevps sshd[27338]: Bad protocol version identification '\024' from 125.27.251.24 port 55305 Aug 26 04:45:29 shivevps sshd[32217]: Bad protocol version identification '\024' from 125.27.251.24 port 59450 ...	2020-08-26 15:15:56
185.220.102.243	attackspam	Time: Wed Aug 26 06:19:23 2020 +0000 IP: 185.220.102.243 (DE/Germany/185-220-102-243.torservers.net) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 26 06:19:09 ca-37-ams1 sshd[7989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.102.243 user=root Aug 26 06:19:11 ca-37-ams1 sshd[7989]: Failed password for root from 185.220.102.243 port 22142 ssh2 Aug 26 06:19:13 ca-37-ams1 sshd[7989]: Failed password for root from 185.220.102.243 port 22142 ssh2 Aug 26 06:19:15 ca-37-ams1 sshd[7989]: Failed password for root from 185.220.102.243 port 22142 ssh2 Aug 26 06:19:18 ca-37-ams1 sshd[7989]: Failed password for root from 185.220.102.243 port 22142 ssh2	2020-08-26 15:22:48
222.186.175.150	attack	Aug 26 09:44:36 abendstille sshd\[6542\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150 user=root Aug 26 09:44:36 abendstille sshd\[6544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150 user=root Aug 26 09:44:37 abendstille sshd\[6542\]: Failed password for root from 222.186.175.150 port 2918 ssh2 Aug 26 09:44:38 abendstille sshd\[6544\]: Failed password for root from 222.186.175.150 port 60568 ssh2 Aug 26 09:44:41 abendstille sshd\[6542\]: Failed password for root from 222.186.175.150 port 2918 ssh2 ...	2020-08-26 15:44:57
182.176.228.147	attackspam	Aug 26 04:43:56 shivevps sshd[30279]: Bad protocol version identification '\024' from 182.176.228.147 port 59177 Aug 26 04:44:18 shivevps sshd[31004]: Bad protocol version identification '\024' from 182.176.228.147 port 59538 Aug 26 04:44:26 shivevps sshd[31344]: Bad protocol version identification '\024' from 182.176.228.147 port 59736 ...	2020-08-26 15:28:04
117.239.149.94	attackbots	[Wed Aug 26 10:53:34.803560 2020] [:error] [pid 30543:tid 139707031746304] [client 117.239.149.94:63017] [client 117.239.149.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/manager/html"] [unique_id "X0XcviXBG@3tAFpdD8koaAAAAnY"] ...	2020-08-26 15:14:11
186.89.170.206	attackbots	Unauthorised access (Aug 26) SRC=186.89.170.206 LEN=52 TTL=114 ID=29579 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-26 15:57:54
23.129.64.187	attackspambots	$lgm	2020-08-26 15:56:38

Recently Reported IPs

188.93.140.177	98.188.152.130	110.54.206.122	34.248.59.52
235.174.6.78	6.83.192.36	114.111.233.210	26.210.95.167
117.211.83.63	143.196.70.189	210.4.202.140	30.221.36.195
119.9.242.220	49.33.201.171	66.249.79.189	57.115.56.76
93.91.3.102	86.46.11.133	26.64.184.161	54.128.225.143