42.3.135.107 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 42.3.135.107 to port 5555 [J]	2020-01-20 02:18:32

Comments on same subnet:

IP	Type	Details	Datetime
42.3.135.228	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 541708b9a8cbdd7b \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: HK \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 \| CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:44:23

Type

Details

Datetime

42.3.135.228

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 541708b9a8cbdd7b | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: HK | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 06:44:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.3.135.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27168
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.3.135.107.			IN	A

;; AUTHORITY SECTION:
.			199	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011900 1800 900 604800 86400

;; Query time: 138 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 20 02:18:27 CST 2020
;; MSG SIZE  rcvd: 116

Host info

107.135.3.42.in-addr.arpa domain name pointer 42-3-135-107.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
107.135.3.42.in-addr.arpa	name = 42-3-135-107.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.165.65.236	attackspam	Mar 10 05:17:03 localhost sshd\[25220\]: Invalid user sven from 82.165.65.236 port 44104 Mar 10 05:17:03 localhost sshd\[25220\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.165.65.236 Mar 10 05:17:06 localhost sshd\[25220\]: Failed password for invalid user sven from 82.165.65.236 port 44104 ssh2	2020-03-10 12:30:19
206.189.103.18	attackspambots	2020-03-10T02:52:03.784726 sshd[27630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.103.18 2020-03-10T02:52:03.770323 sshd[27630]: Invalid user work from 206.189.103.18 port 46280 2020-03-10T02:52:05.894594 sshd[27630]: Failed password for invalid user work from 206.189.103.18 port 46280 ssh2 2020-03-10T04:56:00.239254 sshd[29597]: Invalid user tsadmin from 206.189.103.18 port 59700 ...	2020-03-10 12:27:00
113.25.207.34	attackbotsspam	20/3/9@23:55:37: FAIL: Alarm-Telnet address from=113.25.207.34 ...	2020-03-10 12:44:26
14.29.219.152	attackbotsspam	2020-03-10T04:55:37.900572 sshd[29573]: Invalid user nivinform from 14.29.219.152 port 53381 2020-03-10T04:55:37.916343 sshd[29573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.219.152 2020-03-10T04:55:37.900572 sshd[29573]: Invalid user nivinform from 14.29.219.152 port 53381 2020-03-10T04:55:39.503744 sshd[29573]: Failed password for invalid user nivinform from 14.29.219.152 port 53381 ssh2 ...	2020-03-10 12:43:20
222.186.175.220	attack	2020-03-10T05:18:17.098264vps773228.ovh.net sshd[2759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root 2020-03-10T05:18:19.392716vps773228.ovh.net sshd[2759]: Failed password for root from 222.186.175.220 port 35656 ssh2 2020-03-10T05:18:22.677019vps773228.ovh.net sshd[2759]: Failed password for root from 222.186.175.220 port 35656 ssh2 2020-03-10T05:18:17.098264vps773228.ovh.net sshd[2759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root 2020-03-10T05:18:19.392716vps773228.ovh.net sshd[2759]: Failed password for root from 222.186.175.220 port 35656 ssh2 2020-03-10T05:18:22.677019vps773228.ovh.net sshd[2759]: Failed password for root from 222.186.175.220 port 35656 ssh2 2020-03-10T05:18:17.098264vps773228.ovh.net sshd[2759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root 2020-03-10T05:1 ...	2020-03-10 12:30:56
223.240.208.230	attackbots	SSH invalid-user multiple login try	2020-03-10 12:45:53
73.155.236.74	attackspam	Mar 10 04:56:09 vmd17057 sshd[4640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.155.236.74 Mar 10 04:56:11 vmd17057 sshd[4640]: Failed password for invalid user user from 73.155.236.74 port 44322 ssh2 ...	2020-03-10 12:18:01
222.186.173.226	attack	v+ssh-bruteforce	2020-03-10 12:07:17
5.135.165.131	attackspambots	Mar 10 04:37:51 hcbbdb sshd\[336\]: Invalid user des from 5.135.165.131 Mar 10 04:37:51 hcbbdb sshd\[336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3091480.ip-5-135-165.eu Mar 10 04:37:53 hcbbdb sshd\[336\]: Failed password for invalid user des from 5.135.165.131 port 48344 ssh2 Mar 10 04:41:43 hcbbdb sshd\[815\]: Invalid user rian from 5.135.165.131 Mar 10 04:41:43 hcbbdb sshd\[815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3091480.ip-5-135-165.eu	2020-03-10 12:44:56
203.189.206.109	attackspam	Mar 9 17:47:24 php1 sshd\[28003\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.189.206.109 user=tradewindcap Mar 9 17:47:26 php1 sshd\[28003\]: Failed password for tradewindcap from 203.189.206.109 port 35528 ssh2 Mar 9 17:52:00 php1 sshd\[28419\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.189.206.109 user=tradewindcap Mar 9 17:52:02 php1 sshd\[28419\]: Failed password for tradewindcap from 203.189.206.109 port 33350 ssh2 Mar 9 17:56:20 php1 sshd\[28870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.189.206.109 user=tradewindcap	2020-03-10 12:12:38
122.154.241.147	attack	Mar 10 05:16:58 localhost sshd\[25216\]: Invalid user 123456 from 122.154.241.147 port 47126 Mar 10 05:16:58 localhost sshd\[25216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.241.147 Mar 10 05:17:00 localhost sshd\[25216\]: Failed password for invalid user 123456 from 122.154.241.147 port 47126 ssh2	2020-03-10 12:25:16
156.96.148.10	attack	$f2bV_matches	2020-03-10 12:14:17
119.28.133.210	attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-03-10 12:47:13
116.99.251.131	attackspam	1583812571 - 03/10/2020 04:56:11 Host: 116.99.251.131/116.99.251.131 Port: 445 TCP Blocked	2020-03-10 12:20:22
178.62.248.61	attack	detected by Fail2Ban	2020-03-10 12:42:07

Recently Reported IPs

227.200.239.147	186.224.247.95	72.100.16.101	12.190.133.226
82.195.143.212	247.231.84.194	223.215.187.95	14.170.95.161
190.201.13.16	178.176.165.33	173.226.178.69	103.122.168.210
111.90.150.60	165.22.109.28	14.165.92.107	167.71.215.235
113.175.198.236	27.2.88.154	14.232.152.74	72.230.185.2