42.156.139.173

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
42.156.139.7	attackspambots	Automated report (2020-08-24T11:55:46+08:00). Misbehaving bot detected at this address.	2020-08-24 13:08:11
42.156.139.151	attackspambots	ICMP MH Probe, Scan /Distributed -	2020-02-13 22:26:41
42.156.139.60	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5410f168bac7ebd9 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:59:11
42.156.139.16	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5413b9b13abceef2 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:20:39
42.156.139.46	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415cf340f7d7704 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:08:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.156.139.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21100
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.156.139.173.			IN	A

;; AUTHORITY SECTION:
.			519	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062700 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 27 19:37:22 CST 2022
;; MSG SIZE  rcvd: 107

Host info

173.139.156.42.in-addr.arpa domain name pointer shenmaspider-42-156-139-173.crawl.sm.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
173.139.156.42.in-addr.arpa	name = shenmaspider-42-156-139-173.crawl.sm.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.143.73.93	attackspambots	Jul 7 17:00:45 mail.srvfarm.net postfix/smtpd[2452524]: warning: unknown[185.143.73.93]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 7 17:01:19 mail.srvfarm.net postfix/smtpd[2456301]: warning: unknown[185.143.73.93]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 7 17:01:59 mail.srvfarm.net postfix/smtpd[2452524]: warning: unknown[185.143.73.93]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 7 17:02:37 mail.srvfarm.net postfix/smtpd[2456383]: warning: unknown[185.143.73.93]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 7 17:03:17 mail.srvfarm.net postfix/smtpd[2452223]: warning: unknown[185.143.73.93]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-07-08 00:40:14
139.199.204.61	attackbotsspam	Invalid user lj from 139.199.204.61 port 59399	2020-07-08 00:38:41
112.85.42.178	attackspam	2020-07-07T19:14:25.707934lavrinenko.info sshd[4201]: Failed password for root from 112.85.42.178 port 20559 ssh2 2020-07-07T19:14:30.353942lavrinenko.info sshd[4201]: Failed password for root from 112.85.42.178 port 20559 ssh2 2020-07-07T19:14:34.208786lavrinenko.info sshd[4201]: Failed password for root from 112.85.42.178 port 20559 ssh2 2020-07-07T19:14:37.600287lavrinenko.info sshd[4201]: Failed password for root from 112.85.42.178 port 20559 ssh2 2020-07-07T19:14:42.261212lavrinenko.info sshd[4201]: Failed password for root from 112.85.42.178 port 20559 ssh2 ...	2020-07-08 00:24:44
194.61.24.94	attackbots	194.61.24.94 - - [07/Jul/2020:13:11:49 +0000] "GET /adminer-4.4.0-mysql-en.php HTTP/1.1" 404 224 "-" "-"	2020-07-08 00:10:48
115.84.91.63	attackbotsspam	2020-07-07T16:02:57.977865abusebot-2.cloudsearch.cf sshd[20175]: Invalid user ben from 115.84.91.63 port 33768 2020-07-07T16:02:57.983716abusebot-2.cloudsearch.cf sshd[20175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.91.63 2020-07-07T16:02:57.977865abusebot-2.cloudsearch.cf sshd[20175]: Invalid user ben from 115.84.91.63 port 33768 2020-07-07T16:02:59.525204abusebot-2.cloudsearch.cf sshd[20175]: Failed password for invalid user ben from 115.84.91.63 port 33768 ssh2 2020-07-07T16:05:21.711009abusebot-2.cloudsearch.cf sshd[20189]: Invalid user caesar from 115.84.91.63 port 40722 2020-07-07T16:05:21.726230abusebot-2.cloudsearch.cf sshd[20189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.84.91.63 2020-07-07T16:05:21.711009abusebot-2.cloudsearch.cf sshd[20189]: Invalid user caesar from 115.84.91.63 port 40722 2020-07-07T16:05:23.703836abusebot-2.cloudsearch.cf sshd[20189]: Failed password f ...	2020-07-08 00:13:12
147.50.135.171	attackbotsspam	Jul 7 16:59:58 gw1 sshd[29197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.50.135.171 Jul 7 17:00:00 gw1 sshd[29197]: Failed password for invalid user ofbiz from 147.50.135.171 port 49444 ssh2 ...	2020-07-08 00:11:52
159.65.130.168	attack	$f2bV_matches	2020-07-08 00:45:56
192.241.217.151	attackspambots	Lines containing failures of 192.241.217.151 2020-07-07 15:13:47 SMTP protocol synchronization error (input sent whostnamehout wahostnameing for greeting): rejected connection from H=[192.241.217.151] input="EHLO zg-0626a-102 " ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.241.217.151	2020-07-08 00:39:49
118.25.36.79	attackbots	Jul 7 12:58:45 ajax sshd[12660]: Failed password for root from 118.25.36.79 port 34452 ssh2	2020-07-08 00:44:19
178.62.186.49	attackbotsspam	Jul 7 12:06:47 Tower sshd[43075]: Connection from 178.62.186.49 port 38752 on 192.168.10.220 port 22 rdomain "" Jul 7 12:06:50 Tower sshd[43075]: Invalid user zhanggefei from 178.62.186.49 port 38752 Jul 7 12:06:50 Tower sshd[43075]: error: Could not get shadow information for NOUSER Jul 7 12:06:50 Tower sshd[43075]: Failed password for invalid user zhanggefei from 178.62.186.49 port 38752 ssh2 Jul 7 12:06:50 Tower sshd[43075]: Received disconnect from 178.62.186.49 port 38752:11: Bye Bye [preauth] Jul 7 12:06:50 Tower sshd[43075]: Disconnected from invalid user zhanggefei 178.62.186.49 port 38752 [preauth]	2020-07-08 00:17:58
14.192.213.244	attack	14.192.213.244 - - [07/Jul/2020:15:32:49 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 14.192.213.244 - - [07/Jul/2020:15:32:50 +0100] "POST /wp-login.php HTTP/1.1" 200 5808 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 14.192.213.244 - - [07/Jul/2020:15:51:35 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" ...	2020-07-08 00:24:09
49.235.151.50	attackbotsspam	2020-07-07T15:41:56.394648amanda2.illicoweb.com sshd\[26988\]: Invalid user word from 49.235.151.50 port 38836 2020-07-07T15:41:56.396848amanda2.illicoweb.com sshd\[26988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.151.50 2020-07-07T15:41:58.390433amanda2.illicoweb.com sshd\[26988\]: Failed password for invalid user word from 49.235.151.50 port 38836 ssh2 2020-07-07T15:46:33.557262amanda2.illicoweb.com sshd\[27454\]: Invalid user user from 49.235.151.50 port 51460 2020-07-07T15:46:33.562297amanda2.illicoweb.com sshd\[27454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.151.50 ...	2020-07-08 00:12:09
51.140.253.102	attack	Brute forcing email accounts	2020-07-08 00:16:29
178.88.254.76	attack	178.88.254.76 - - [07/Jul/2020:12:59:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2034 "http://wpeagleonepage.com/wp-login.php" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 178.88.254.76 - - [07/Jul/2020:12:59:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1991 "http://wpeagleonepage.com/wp-login.php" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 178.88.254.76 - - [07/Jul/2020:12:59:54 +0100] "POST /wp-login.php HTTP/1.1" 200 1991 "http://wpeagleonepage.com/wp-login.php" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" ...	2020-07-08 00:17:33
193.112.137.231	attackbots	SSH Attack	2020-07-08 00:43:50

Recently Reported IPs

122.169.96.100	180.76.139.156	17.48.40.23	180.76.134.128
106.111.29.3	106.111.12.248	106.111.12.228	137.226.234.168
192.241.216.106	182.23.67.99	42.156.138.250	137.226.29.11
169.229.80.42	169.229.107.128	169.229.106.57	169.229.107.59
169.229.107.127	169.229.109.2	137.226.250.201	106.75.67.240