42.156.138.172

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.156.138.94	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 541577b5aee6e821 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:46:31
42.156.138.40	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54157a78e8eeeb99 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:29:54

Type

Details

Datetime

42.156.138.94

attackbotsspam

The IP has triggered Cloudflare WAF. CF-Ray: 541577b5aee6e821 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:46:31

42.156.138.40

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54157a78e8eeeb99 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:29:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.156.138.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34730
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.156.138.172.			IN	A

;; AUTHORITY SECTION:
.			176	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062600 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 27 00:22:58 CST 2022
;; MSG SIZE  rcvd: 107

Host info

172.138.156.42.in-addr.arpa domain name pointer shenmaspider-42-156-138-172.crawl.sm.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
172.138.156.42.in-addr.arpa	name = shenmaspider-42-156-138-172.crawl.sm.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.219.242.22	attack	detected by Fail2Ban	2020-04-05 21:04:10
61.161.169.50	attackbotsspam	Apr 5 14:38:31 * sshd[26851]: Failed password for root from 61.161.169.50 port 33764 ssh2	2020-04-05 21:06:47
118.69.148.52	attackspambots	They have constantly tried to gain access to my email.	2020-04-05 20:44:13
78.191.126.80	attack	Unauthorized connection attempt from IP address 78.191.126.80 on Port 445(SMB)	2020-04-05 20:56:14
112.85.42.173	attackspambots	Apr 5 15:19:45 server sshd[36304]: Failed none for root from 112.85.42.173 port 38064 ssh2 Apr 5 15:19:47 server sshd[36304]: Failed password for root from 112.85.42.173 port 38064 ssh2 Apr 5 15:20:05 server sshd[36412]: Failed password for root from 112.85.42.173 port 3599 ssh2	2020-04-05 21:26:24
14.169.220.149	attack	failed_logins	2020-04-05 21:04:57
116.24.36.146	attack	1586090725 - 04/05/2020 14:45:25 Host: 116.24.36.146/116.24.36.146 Port: 445 TCP Blocked	2020-04-05 21:06:29
34.92.40.205	attackspam	Apr 5 12:40:36 sshgateway sshd\[24589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.40.92.34.bc.googleusercontent.com user=root Apr 5 12:40:38 sshgateway sshd\[24589\]: Failed password for root from 34.92.40.205 port 58884 ssh2 Apr 5 12:45:50 sshgateway sshd\[24615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.40.92.34.bc.googleusercontent.com user=root	2020-04-05 21:18:04
88.91.13.216	attackspam	2020-04-05T12:36:50.208629dmca.cloudsearch.cf sshd[16921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ti2999a430-0215.bb.online.no user=root 2020-04-05T12:36:52.969801dmca.cloudsearch.cf sshd[16921]: Failed password for root from 88.91.13.216 port 35558 ssh2 2020-04-05T12:41:22.600691dmca.cloudsearch.cf sshd[17359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ti2999a430-0215.bb.online.no user=root 2020-04-05T12:41:24.031899dmca.cloudsearch.cf sshd[17359]: Failed password for root from 88.91.13.216 port 42172 ssh2 2020-04-05T12:43:25.724157dmca.cloudsearch.cf sshd[17542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ti2999a430-0215.bb.online.no user=root 2020-04-05T12:43:27.376187dmca.cloudsearch.cf sshd[17542]: Failed password for root from 88.91.13.216 port 46150 ssh2 2020-04-05T12:45:18.536619dmca.cloudsearch.cf sshd[17678]: pam_unix(sshd:auth): authe ...	2020-04-05 21:21:38
122.99.125.85	attackbots	2020-04-05T14:45:30.766543 sshd[1025]: Invalid user ts3server2 from 122.99.125.85 port 43830 2020-04-05T14:45:30.780127 sshd[1025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.99.125.85 2020-04-05T14:45:30.766543 sshd[1025]: Invalid user ts3server2 from 122.99.125.85 port 43830 2020-04-05T14:45:32.590088 sshd[1025]: Failed password for invalid user ts3server2 from 122.99.125.85 port 43830 ssh2 ...	2020-04-05 21:01:32
49.234.194.208	attackbotsspam	Apr 5 14:41:24 ncomp sshd[31948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.194.208 user=root Apr 5 14:41:27 ncomp sshd[31948]: Failed password for root from 49.234.194.208 port 37110 ssh2 Apr 5 14:46:14 ncomp sshd[32045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.194.208 user=root Apr 5 14:46:16 ncomp sshd[32045]: Failed password for root from 49.234.194.208 port 55060 ssh2	2020-04-05 21:07:20
129.211.65.70	attackspam	Apr 5 15:32:22 gw1 sshd[5365]: Failed password for root from 129.211.65.70 port 47840 ssh2 ...	2020-04-05 20:42:55
42.118.242.189	attackspambots	Apr 5 19:49:53 webhost01 sshd[32689]: Failed password for root from 42.118.242.189 port 56962 ssh2 ...	2020-04-05 21:09:06
203.205.58.74	attack	Unauthorized connection attempt from IP address 203.205.58.74 on Port 445(SMB)	2020-04-05 20:58:00
82.64.24.17	attackspam	Apr 5 15:06:20 silence02 sshd[7751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.24.17 Apr 5 15:06:22 silence02 sshd[7751]: Failed password for invalid user liurui from 82.64.24.17 port 58982 ssh2 Apr 5 15:07:01 silence02 sshd[7782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.24.17	2020-04-05 21:08:37

Recently Reported IPs

42.120.160.205	218.30.103.11	80.82.76.199	180.76.39.30
180.76.39.190	104.14.132.210	172.252.231.198	217.64.132.149
137.226.82.187	137.226.23.136	137.226.241.247	137.226.153.106
180.76.111.32	180.76.6.196	180.76.111.241	180.76.13.89
169.229.168.216	137.226.245.136	169.229.168.240	169.229.170.79