42.156.139.109

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.156.139.7	attackspambots	Automated report (2020-08-24T11:55:46+08:00). Misbehaving bot detected at this address.	2020-08-24 13:08:11
42.156.139.151	attackspambots	ICMP MH Probe, Scan /Distributed -	2020-02-13 22:26:41
42.156.139.60	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5410f168bac7ebd9 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:59:11
42.156.139.16	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5413b9b13abceef2 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:20:39
42.156.139.46	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415cf340f7d7704 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:08:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.156.139.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42326
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.156.139.109.			IN	A

;; AUTHORITY SECTION:
.			380	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062600 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 26 21:51:59 CST 2022
;; MSG SIZE  rcvd: 107

Host info

109.139.156.42.in-addr.arpa domain name pointer shenmaspider-42-156-139-109.crawl.sm.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
109.139.156.42.in-addr.arpa	name = shenmaspider-42-156-139-109.crawl.sm.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.166.34.129	attackspam	Invalid user hduser from 188.166.34.129 port 53078	2019-08-04 13:43:10
46.239.38.216	attackspam	Multiple failed RDP login attempts	2019-08-04 12:40:36
185.143.221.58	attackspam	Aug 4 05:30:42 h2177944 kernel: \[3213339.940947\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.221.58 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=20501 PROTO=TCP SPT=52010 DPT=4173 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 4 05:38:11 h2177944 kernel: \[3213788.241082\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.221.58 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=12006 PROTO=TCP SPT=52010 DPT=4006 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 4 05:42:30 h2177944 kernel: \[3214047.173542\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.221.58 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=58058 PROTO=TCP SPT=52010 DPT=4151 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 4 05:43:58 h2177944 kernel: \[3214135.052841\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.221.58 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=41697 PROTO=TCP SPT=52010 DPT=4440 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 4 05:54:12 h2177944 kernel: \[3214749.438604\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.221.58 DST=85.214.	2019-08-04 12:44:55
50.112.60.54	attackbots	WordPress XMLRPC scan :: 50.112.60.54 0.356 BYPASS [04/Aug/2019:13:04:22 1000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 503 19380 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-04 12:42:42
167.71.182.213	attack	Aug 4 06:31:38 dedicated sshd[905]: Invalid user ball from 167.71.182.213 port 46362	2019-08-04 12:45:58
41.94.97.138	attackspam	SSH-BruteForce	2019-08-04 12:49:43
191.53.57.56	attackbots	$f2bV_matches	2019-08-04 12:46:45
106.12.136.207	attackspam	Aug 4 02:15:02 db01 sshd[14827]: Invalid user test from 106.12.136.207 Aug 4 02:15:02 db01 sshd[14827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.136.207 Aug 4 02:15:04 db01 sshd[14827]: Failed password for invalid user test from 106.12.136.207 port 53354 ssh2 Aug 4 02:15:04 db01 sshd[14827]: Received disconnect from 106.12.136.207: 11: Bye Bye [preauth] Aug 4 02:36:05 db01 sshd[16642]: Invalid user bea from 106.12.136.207 Aug 4 02:36:05 db01 sshd[16642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.136.207 Aug 4 02:36:07 db01 sshd[16642]: Failed password for invalid user bea from 106.12.136.207 port 49990 ssh2 Aug 4 02:36:08 db01 sshd[16642]: Received disconnect from 106.12.136.207: 11: Bye Bye [preauth] Aug 4 02:38:41 db01 sshd[16768]: Invalid user colleen from 106.12.136.207 Aug 4 02:38:41 db01 sshd[16768]: pam_unix(sshd:auth): authentication failure; lo........ -------------------------------	2019-08-04 12:46:19
125.77.252.164	attackspam	Aug 4 02:33:12 Ubuntu-1404-trusty-64-minimal sshd\[13342\]: Invalid user rosicler from 125.77.252.164 Aug 4 02:33:12 Ubuntu-1404-trusty-64-minimal sshd\[13342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.77.252.164 Aug 4 02:33:14 Ubuntu-1404-trusty-64-minimal sshd\[13342\]: Failed password for invalid user rosicler from 125.77.252.164 port 53894 ssh2 Aug 4 02:48:39 Ubuntu-1404-trusty-64-minimal sshd\[19567\]: Invalid user yui from 125.77.252.164 Aug 4 02:48:40 Ubuntu-1404-trusty-64-minimal sshd\[19567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.77.252.164	2019-08-04 12:41:11
129.204.108.105	attackspambots	Dec 26 09:05:14 motanud sshd\[13759\]: Invalid user test2 from 129.204.108.105 port 39158 Dec 26 09:05:14 motanud sshd\[13759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.108.105 Dec 26 09:05:17 motanud sshd\[13759\]: Failed password for invalid user test2 from 129.204.108.105 port 39158 ssh2	2019-08-04 12:54:49
183.109.9.235	attackspam	Honeypot attack, port: 81, PTR: PTR record not found	2019-08-04 13:08:24
144.52.107.55	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2019-08-04 13:23:01
164.52.24.173	attack	Honeypot attack, port: 81, PTR: PTR record not found	2019-08-04 13:27:35
51.68.230.105	attackspam	SSH-BruteForce	2019-08-04 12:43:27
176.221.2.59	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-04 13:25:13

Recently Reported IPs

42.156.138.2	178.137.16.233	137.226.251.183	180.76.107.89
180.76.108.179	180.76.33.48	180.76.34.35	180.76.34.53
180.76.34.65	138.0.46.4	180.76.34.68	180.76.34.117
180.76.34.184	180.76.35.35	180.76.82.13	180.76.69.115
180.76.80.168	180.76.60.165	180.76.78.221	137.226.236.52