42.156.139.143

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.156.139.7	attackspambots	Automated report (2020-08-24T11:55:46+08:00). Misbehaving bot detected at this address.	2020-08-24 13:08:11
42.156.139.151	attackspambots	ICMP MH Probe, Scan /Distributed -	2020-02-13 22:26:41
42.156.139.60	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5410f168bac7ebd9 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:59:11
42.156.139.16	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5413b9b13abceef2 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:20:39
42.156.139.46	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415cf340f7d7704 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:08:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.156.139.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57235
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.156.139.143.			IN	A

;; AUTHORITY SECTION:
.			295	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022063000 1800 900 604800 86400

;; Query time: 141 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 30 21:28:42 CST 2022
;; MSG SIZE  rcvd: 107

Host info

143.139.156.42.in-addr.arpa domain name pointer shenmaspider-42-156-139-143.crawl.sm.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
143.139.156.42.in-addr.arpa	name = shenmaspider-42-156-139-143.crawl.sm.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.209.188.250	attackspam	Aug 7 20:09:33 mxgate1 postfix/postscreen[23366]: CONNECT from [134.209.188.250]:53484 to [176.31.12.44]:25 Aug 7 20:09:33 mxgate1 postfix/dnsblog[23369]: addr 134.209.188.250 listed by domain zen.spamhaus.org as 127.0.0.3 Aug 7 20:09:33 mxgate1 postfix/dnsblog[23367]: addr 134.209.188.250 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Aug 7 20:09:39 mxgate1 postfix/postscreen[23366]: DNSBL rank 3 for [134.209.188.250]:53484 Aug 7 20:09:39 mxgate1 postfix/tlsproxy[23476]: CONNECT from [134.209.188.250]:53484 Aug x@x Aug 7 20:09:39 mxgate1 postfix/postscreen[23366]: DISCONNECT [134.209.188.250]:53484 Aug 7 20:09:39 mxgate1 postfix/tlsproxy[23476]: DISCONNECT [134.209.188.250]:53484 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.209.188.250	2019-08-08 08:03:39
219.241.212.2	attack	Aug 7 19:32:48 root sshd[7878]: Failed password for root from 219.241.212.2 port 48842 ssh2 Aug 7 19:32:51 root sshd[7878]: Failed password for root from 219.241.212.2 port 48842 ssh2 Aug 7 19:32:56 root sshd[7878]: Failed password for root from 219.241.212.2 port 48842 ssh2 Aug 7 19:32:58 root sshd[7878]: Failed password for root from 219.241.212.2 port 48842 ssh2 ...	2019-08-08 08:25:24
103.104.17.139	attackspam	Aug 7 19:45:53 debian sshd\[5608\]: Invalid user jenkins from 103.104.17.139 port 47856 Aug 7 19:45:53 debian sshd\[5608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.104.17.139 Aug 7 19:45:55 debian sshd\[5608\]: Failed password for invalid user jenkins from 103.104.17.139 port 47856 ssh2 ...	2019-08-08 08:22:53
185.93.3.106	attackbots	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	2019-08-08 07:54:16
202.79.174.122	attackspambots	Unauthorised access (Aug 7) SRC=202.79.174.122 LEN=40 TTL=242 ID=35415 TCP DPT=445 WINDOW=1024 SYN	2019-08-08 08:18:03
178.255.126.198	attack	DATE:2019-08-08 00:59:06, IP:178.255.126.198, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-08-08 08:25:59
103.82.242.93	attackbotsspam	SQL injection:/index.php?menu_selected=144&sub_menu_selected=1024&country=ESTONIA&language=FR1111111111111'%20UNION%20SELECT%20CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81,45),CHAR(45,120,52,45,81,45),CHAR(45,120,53,45,81,45),CHAR(45,120,54,45,81,45),CHAR(45,120,55,45,81,45),CHAR(45,120,56,45,81,45),CHAR(45,120,57,45,81,45),CHAR(45,120,49,48,45,81,45),CHAR(45,120,49,49,45,81,45),CHAR(45,120,49,50,45,81,45),CHAR(45,120,49,51,45,81,45),CHAR(45,120,49,52,45,81,45),CHAR(45,120,49,53,45,81,45),CHAR(45,120,49,54,45,81,45),CHAR(45,120,49,55,45,81,45),CHAR(45,120,49,56,45,81,45),CHAR(45,120,49,57,45,81,45),CHAR(45,120,50,48,45,81,45),CHAR(45,120,50,49,45,81,45),CHAR(45,120,50,50,45,81,45),CHAR(45,120,50,51,45,81,45),CHAR(45,120,50,52,45,81,45),CHAR(45,120,50,53,45,81,45),CHAR(45,120,50,54,45,81,45),CHAR(45,120,50,55,45,81,45),CHAR(45,120,50,56,45,81,45),CHAR(45,120,50,57,45,81,45),CHAR(45,120,51,48,45,81,45),CHAR(45,120,51,49,45,81,45),CHAR(45,120,51,50,45,81,45),CHAR(45,120,51,51,45,81,45),	2019-08-08 07:52:28
182.18.208.27	attackbotsspam	SSH invalid-user multiple login attempts	2019-08-08 08:37:35
124.158.164.42	attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-08 08:10:11
181.211.12.246	attackbots	Unauthorized connection attempt from IP address 181.211.12.246 on Port 445(SMB)	2019-08-08 08:07:24
51.255.234.209	attackspam	Aug 7 22:34:28 nextcloud sshd\[10747\]: Invalid user yolanda123 from 51.255.234.209 Aug 7 22:34:28 nextcloud sshd\[10747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.234.209 Aug 7 22:34:30 nextcloud sshd\[10747\]: Failed password for invalid user yolanda123 from 51.255.234.209 port 50842 ssh2 ...	2019-08-08 08:10:28
132.232.17.23	attack	Aug 7 22:33:57 www2 sshd\[1555\]: Invalid user rh from 132.232.17.23Aug 7 22:33:59 www2 sshd\[1555\]: Failed password for invalid user rh from 132.232.17.23 port 49342 ssh2Aug 7 22:39:09 www2 sshd\[2149\]: Failed password for root from 132.232.17.23 port 41792 ssh2 ...	2019-08-08 08:09:13
148.66.135.178	attackspambots	Aug 7 21:56:35 plex sshd[9821]: Invalid user tara from 148.66.135.178 port 54922	2019-08-08 08:14:09
162.243.144.186	attackspam	12191/tcp 139/tcp 8140/tcp... [2019-06-06/08-07]62pkt,49pt.(tcp),3pt.(udp)	2019-08-08 08:34:53
23.129.64.207	attackspam	2019-08-07T23:27:44.056719abusebot-6.cloudsearch.cf sshd\[22694\]: Invalid user Administrator from 23.129.64.207 port 42534	2019-08-08 08:27:55

Recently Reported IPs

42.156.139.220	180.76.198.123	106.11.152.82	180.76.40.84
169.229.158.245	211.199.112.28	194.31.98.244	98.229.51.137
175.137.78.183	59.13.252.171	183.211.83.6	180.76.239.157
169.229.204.162	180.76.101.227	180.76.227.205	169.229.226.4
169.229.197.69	20.226.46.159	202.95.12.121	165.227.89.110