42.120.161.82 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.120.161.43	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 54356e01cb6fe7c5 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:16:20
42.120.161.37	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54137e915f02d376 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:20:56

Type

Details

Datetime

42.120.161.43

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 54356e01cb6fe7c5 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 00:16:20

42.120.161.37

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54137e915f02d376 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:20:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.120.161.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 236
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.120.161.82.			IN	A

;; AUTHORITY SECTION:
.			588	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062601 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 27 02:38:28 CST 2022
;; MSG SIZE  rcvd: 106

Host info

82.161.120.42.in-addr.arpa domain name pointer shenmaspider-42-120-161-82.crawl.sm.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
82.161.120.42.in-addr.arpa	name = shenmaspider-42-120-161-82.crawl.sm.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
196.2.13.35	attackbots	Automatic report - Port Scan Attack	2019-08-09 11:52:31
175.43.162.75	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-09 11:58:00
113.57.197.11	attackspam	Aug 9 06:26:18 lcl-usvr-01 sshd[15263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.57.197.11 user=root	2019-08-09 11:14:11
145.239.198.218	attackbotsspam	Aug 9 04:57:44 SilenceServices sshd[6998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.198.218 Aug 9 04:57:46 SilenceServices sshd[6998]: Failed password for invalid user nova from 145.239.198.218 port 43436 ssh2 Aug 9 05:01:46 SilenceServices sshd[10333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.198.218	2019-08-09 11:14:57
177.21.193.196	attackbots	failed_logins	2019-08-09 11:13:37
178.21.11.161	attack	Aug 9 05:30:58 dedicated sshd[5013]: Invalid user ta from 178.21.11.161 port 50298	2019-08-09 11:49:12
155.4.255.138	attack	fire	2019-08-09 11:53:05
203.229.206.22	attack	Aug 9 04:00:10 mail sshd\[15849\]: Failed password for root from 203.229.206.22 port 51012 ssh2 Aug 9 04:15:34 mail sshd\[16066\]: Invalid user tomcat1 from 203.229.206.22 port 52172 ...	2019-08-09 11:19:59
132.232.52.35	attackspam	Aug 9 03:04:59 MK-Soft-VM5 sshd\[11650\]: Invalid user adelia from 132.232.52.35 port 41178 Aug 9 03:04:59 MK-Soft-VM5 sshd\[11650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.52.35 Aug 9 03:05:01 MK-Soft-VM5 sshd\[11650\]: Failed password for invalid user adelia from 132.232.52.35 port 41178 ssh2 ...	2019-08-09 11:30:07
167.99.190.30	attack	fire	2019-08-09 11:40:35
104.248.254.222	attackspam	Aug 8 23:47:29 host sshd\[48089\]: Invalid user user2 from 104.248.254.222 port 50728 Aug 8 23:47:29 host sshd\[48089\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.254.222 ...	2019-08-09 11:15:51
191.53.237.232	attack	Aug 8 17:46:51 web1 postfix/smtpd[13314]: warning: unknown[191.53.237.232]: SASL PLAIN authentication failed: authentication failure ...	2019-08-09 11:34:34
109.236.70.207	attackspam	[portscan] Port scan	2019-08-09 11:33:05
87.101.240.10	attack	2019-08-09T03:22:46.090474abusebot-5.cloudsearch.cf sshd\[15411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.240.10 user=root	2019-08-09 11:30:37
23.102.51.95	botsattack	23.102.51.95 - - [09/Aug/2019:11:31:51 +0800] "POST /%25%7b(%23dm%3d%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS).(%23_memberAccess%3f(%23_memberAccess%3d%23dm)%3a((%23container%3d%23context%5b%27com.opensymphony.xwork2.ActionContext.container%27%5d).(%23ognlUtil%3d%23container.getInstance(%40com.opensymphony.xwork2.ognl.OgnlUtil%40class)).(%23ognlUtil.getExcludedPackageNames().clear()).(%23ognlUtil.getExcludedClasses().clear()).(%23context.setMemberAccess(%23dm)))).(%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse()).(%23res.addHeader(%27eresult%27%2c%27struts2_security_check%27))%7d/login.action HTTP/1.1" 301 194 "-" "Auto Spider 1.0" 23.102.51.95 - - [09/Aug/2019:11:31:51 +0800] "POST /login.action HTTP/1.1" 301 194 "-" "Auto Spider 1.0" 23.102.51.95 - - [09/Aug/2019:11:31:52 +0800] "POST /login.action HTTP/1.1" 301 194 "-" "Auto Spider 1.0" 23.102.51.95 - - [09/Aug/2019:11:31:52 +0800] "POST /login.action HTTP/1.1" 301 194 "-" "Auto Spider 1.0" 23.102.51.95 - - [09/Aug/2019:11:31:53 +0800] "POST /login.action HTTP/1.1" 301 194 "-" "Auto Spider 1.0" 23.102.51.95 - - [09/Aug/2019:11:31:53 +0800] "POST /login.action HTTP/1.1" 301 194 "-" "Auto Spider 1.0" 23.102.51.95 - - [09/Aug/2019:11:31:54 +0800] "POST /login.action HTTP/1.1" 301 194 "-" "Auto Spider 1.0" 23.102.51.95 - - [09/Aug/2019:11:31:55 +0800] "POST /login.action HTTP/1.1" 301 194 "-" "Auto Spider 1.0"	2019-08-09 11:33:52

Recently Reported IPs

42.156.139.5	42.156.138.60	49.85.140.205	137.226.252.173
137.226.190.9	137.226.174.111	103.146.110.254	103.205.48.25
169.229.123.159	169.229.89.255	169.229.88.232	169.229.113.79
169.229.88.69	169.229.89.225	169.229.134.8	169.229.133.225
169.229.134.116	169.229.134.103	169.229.133.245	169.229.99.133