42.156.139.7 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Zhejiang Taobao Network Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Automated report (2020-08-24T11:55:46+08:00). Misbehaving bot detected at this address.	2020-08-24 13:08:11

Comments on same subnet:

IP	Type	Details	Datetime
42.156.139.151	attackspambots	ICMP MH Probe, Scan /Distributed -	2020-02-13 22:26:41
42.156.139.60	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5410f168bac7ebd9 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:59:11
42.156.139.16	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5413b9b13abceef2 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:20:39
42.156.139.46	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415cf340f7d7704 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:08:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.156.139.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51118
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.156.139.7.			IN	A

;; AUTHORITY SECTION:
.			165	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082301 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 24 13:08:06 CST 2020
;; MSG SIZE  rcvd: 116

Host info

7.139.156.42.in-addr.arpa domain name pointer shenmaspider-42-156-139-7.crawl.sm.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
7.139.156.42.in-addr.arpa	name = shenmaspider-42-156-139-7.crawl.sm.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.130.192.242	attack	May 28 04:56:14 mockhub sshd[19164]: Failed password for root from 203.130.192.242 port 45813 ssh2 May 28 05:04:14 mockhub sshd[19501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.192.242 ...	2020-05-28 20:11:57
142.93.114.213	attackbotsspam	May 28 11:57:05 ip-172-31-61-156 sshd[17281]: Failed password for root from 142.93.114.213 port 38496 ssh2 May 28 12:00:30 ip-172-31-61-156 sshd[17449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.114.213 user=root May 28 12:00:32 ip-172-31-61-156 sshd[17449]: Failed password for root from 142.93.114.213 port 44262 ssh2 May 28 12:03:50 ip-172-31-61-156 sshd[17572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.114.213 user=root May 28 12:03:53 ip-172-31-61-156 sshd[17572]: Failed password for root from 142.93.114.213 port 50026 ssh2 ...	2020-05-28 20:26:23
106.13.66.103	attackbotsspam	2020-05-28T14:23:05.527475billing sshd[19316]: Failed password for root from 106.13.66.103 port 60818 ssh2 2020-05-28T14:25:57.638479billing sshd[26060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.66.103 user=root 2020-05-28T14:25:59.732259billing sshd[26060]: Failed password for root from 106.13.66.103 port 37318 ssh2 ...	2020-05-28 19:52:57
222.186.31.166	attackbotsspam	2020-05-28T11:40:57.372841shield sshd\[1109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root 2020-05-28T11:40:59.230899shield sshd\[1109\]: Failed password for root from 222.186.31.166 port 31370 ssh2 2020-05-28T11:41:01.914927shield sshd\[1109\]: Failed password for root from 222.186.31.166 port 31370 ssh2 2020-05-28T11:41:03.679862shield sshd\[1109\]: Failed password for root from 222.186.31.166 port 31370 ssh2 2020-05-28T11:41:21.798579shield sshd\[1152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root	2020-05-28 19:47:10
14.134.189.204	attackbotsspam	SSH login attempts.	2020-05-28 19:51:02
49.233.42.247	attackbots	Invalid user ts3 from 49.233.42.247 port 43316	2020-05-28 19:48:48
121.254.94.19	attackspambots	SSH login attempts.	2020-05-28 20:00:02
189.28.165.140	attackspambots	May 28 12:49:14 sso sshd[25773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.28.165.140 May 28 12:49:16 sso sshd[25773]: Failed password for invalid user guest from 189.28.165.140 port 34556 ssh2 ...	2020-05-28 19:58:14
114.242.139.19	attackspam	May 28 13:04:00 ajax sshd[24103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.242.139.19 May 28 13:04:02 ajax sshd[24103]: Failed password for invalid user kelly from 114.242.139.19 port 54136 ssh2	2020-05-28 20:18:16
45.142.195.7	attackbots	May 28 14:27:40 srv01 postfix/smtpd\[1016\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 28 14:27:51 srv01 postfix/smtpd\[8522\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 28 14:27:54 srv01 postfix/smtpd\[13853\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 28 14:27:55 srv01 postfix/smtpd\[1016\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 28 14:28:36 srv01 postfix/smtpd\[1016\]: warning: unknown\[45.142.195.7\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-28 20:29:20
60.187.232.57	attack	IP 60.187.232.57 attacked honeypot on port: 1433 at 5/28/2020 8:54:04 AM	2020-05-28 19:58:01
177.157.222.138	attackbots	Automatic report - Port Scan Attack	2020-05-28 20:23:38
194.61.24.30	attackbots	SSH Scan	2020-05-28 19:52:43
134.209.7.179	attackspambots	Repeated brute force against a port	2020-05-28 20:22:37
64.225.47.162	attackbotsspam	May 28 09:00:10 firewall sshd[4808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.47.162 user=root May 28 09:00:12 firewall sshd[4808]: Failed password for root from 64.225.47.162 port 47010 ssh2 May 28 09:03:55 firewall sshd[4876]: Invalid user guest1 from 64.225.47.162 ...	2020-05-28 20:24:43

Recently Reported IPs

87.44.4.233	46.209.214.208	190.186.250.245	136.186.48.68
183.190.66.137	207.58.145.116	130.31.111.147	175.24.87.22
94.46.15.22	14.175.99.222	202.179.187.18	113.88.83.34
68.170.74.254	122.51.74.100	159.69.73.37	103.95.42.109
41.33.188.148	187.66.59.193	61.164.52.180	14.232.243.96