42.120.161.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
42.120.161.43	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 54356e01cb6fe7c5 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:16:20
42.120.161.37	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54137e915f02d376 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:20:56

类型

评论内容

时间

42.120.161.43

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 54356e01cb6fe7c5 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 00:16:20

42.120.161.37

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54137e915f02d376 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:20:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.120.161.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4170
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.120.161.13.			IN	A

;; AUTHORITY SECTION:
.			488	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062600 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 26 21:40:52 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

13.161.120.42.in-addr.arpa domain name pointer shenmaspider-42-120-161-13.crawl.sm.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
13.161.120.42.in-addr.arpa	name = shenmaspider-42-120-161-13.crawl.sm.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
150.158.110.27	attack	ssh brute force	2020-08-28 12:38:40
81.68.90.10	attackbotsspam	Aug 28 05:47:12 server sshd[23717]: Failed password for root from 81.68.90.10 port 37210 ssh2 Aug 28 05:51:48 server sshd[26012]: Failed password for invalid user hqy from 81.68.90.10 port 39700 ssh2 Aug 28 05:56:34 server sshd[28335]: Failed password for invalid user wangqiang from 81.68.90.10 port 42188 ssh2	2020-08-28 12:19:17
106.12.38.231	attack	Brute force attempt	2020-08-28 12:39:07
181.31.129.12	attack	Aug 28 06:39:06 pve1 sshd[15060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.31.129.12 Aug 28 06:39:07 pve1 sshd[15060]: Failed password for invalid user marianela from 181.31.129.12 port 16161 ssh2 ...	2020-08-28 12:41:56
62.102.148.68	attackspambots	2020-08-28T05:55:37.437285mail2.broermann.family sshd[19419]: User sshd from 62.102.148.68 not allowed because not listed in AllowUsers 2020-08-28T05:55:39.496944mail2.broermann.family sshd[19419]: Failed password for invalid user sshd from 62.102.148.68 port 58808 ssh2 2020-08-28T05:55:39.695574mail2.broermann.family sshd[19419]: Failed password for invalid user sshd from 62.102.148.68 port 58808 ssh2 2020-08-28T05:55:42.172792mail2.broermann.family sshd[19419]: Failed password for invalid user sshd from 62.102.148.68 port 58808 ssh2 2020-08-28T05:55:44.555047mail2.broermann.family sshd[19419]: Failed password for invalid user sshd from 62.102.148.68 port 58808 ssh2 2020-08-28T05:55:47.052088mail2.broermann.family sshd[19419]: Failed password for invalid user sshd from 62.102.148.68 port 58808 ssh2 2020-08-28T05:55:48.651536mail2.broermann.family sshd[19419]: Failed password for invalid user sshd from 62.102.148.68 port 58808 ssh2 2020-08-28T05:55:50.697558mail2.broermann.family sshd[ ...	2020-08-28 12:46:19
74.82.47.5	attackspam	srvr2: (mod_security) mod_security (id:920350) triggered by 74.82.47.5 (US/-/scan-12.shadowserver.org): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/28 05:55:47 [error] 377966#0: 142185 [client 74.82.47.5] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159858694721.516644"] [ref "o0,13v21,13"], client: 74.82.47.5, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-28 12:48:12
175.125.95.160	attackbotsspam	2020-08-28T04:07:03.421485shield sshd\[31825\]: Invalid user ny from 175.125.95.160 port 59286 2020-08-28T04:07:03.432257shield sshd\[31825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.125.95.160 2020-08-28T04:07:05.662513shield sshd\[31825\]: Failed password for invalid user ny from 175.125.95.160 port 59286 ssh2 2020-08-28T04:09:42.774993shield sshd\[32046\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.125.95.160 user=root 2020-08-28T04:09:44.834557shield sshd\[32046\]: Failed password for root from 175.125.95.160 port 37778 ssh2	2020-08-28 12:21:21
139.59.211.245	attackbotsspam	Aug 28 06:36:43 eventyay sshd[17016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.211.245 Aug 28 06:36:45 eventyay sshd[17016]: Failed password for invalid user giaou from 139.59.211.245 port 48412 ssh2 Aug 28 06:45:21 eventyay sshd[17399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.211.245 ...	2020-08-28 12:47:25
192.144.187.153	attackbots	Failed password for invalid user xu from 192.144.187.153 port 54198 ssh2	2020-08-28 12:41:26
128.199.176.134	attackbots	spam	2020-08-28 12:24:07
91.241.19.42	attackspam	$f2bV_matches	2020-08-28 12:32:36
13.67.40.250	attackspam	Aug 28 05:08:20 roki-contabo sshd\[11576\]: Invalid user lw from 13.67.40.250 Aug 28 05:08:20 roki-contabo sshd\[11576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.67.40.250 Aug 28 05:08:22 roki-contabo sshd\[11576\]: Failed password for invalid user lw from 13.67.40.250 port 59012 ssh2 Aug 28 05:56:23 roki-contabo sshd\[12091\]: Invalid user mna from 13.67.40.250 Aug 28 05:56:23 roki-contabo sshd\[12091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.67.40.250 ...	2020-08-28 12:26:00
218.92.0.145	attackspambots	Aug 28 05:59:25 marvibiene sshd[17058]: Failed password for root from 218.92.0.145 port 29190 ssh2 Aug 28 05:59:31 marvibiene sshd[17058]: Failed password for root from 218.92.0.145 port 29190 ssh2	2020-08-28 12:10:56
14.239.39.174	attackbots	1598586986 - 08/28/2020 05:56:26 Host: 14.239.39.174/14.239.39.174 Port: 445 TCP Blocked ...	2020-08-28 12:24:36
5.62.20.37	attackspambots	(From blankenship.ricky@hotmail.com) Hi, I was just checking out your site and submitted this message via your contact form. The contact page on your site sends you these messages via email which is the reason you're reading my message at this moment right? That's the most important accomplishment with any type of online ad, getting people to actually READ your message and this is exactly what you're doing now! If you have something you would like to promote to millions of websites via their contact forms in the U.S. or to any country worldwide let me know, I can even focus on your required niches and my pricing is very reasonable. Reply here: kinleytrey96@gmail.com discontinue seeing these ad messages https://bit.ly/2yp4480	2020-08-28 12:10:31

最近上报的IP列表

42.120.160.136	180.76.32.159	49.26.1.206	180.76.32.252
180.76.33.55	180.76.33.64	180.76.33.95	180.76.33.150
180.76.34.4	180.76.34.64	180.76.35.6	180.76.34.220
180.76.35.163	180.76.35.44	169.229.254.89	42.156.138.199
111.206.221.163	180.76.56.63	137.226.144.178	137.226.87.18