42.156.138.102

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): None

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
42.156.138.94	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 541577b5aee6e821 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:46:31
42.156.138.40	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54157a78e8eeeb99 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:29:54

类型

评论内容

时间

42.156.138.94

attackbotsspam

The IP has triggered Cloudflare WAF. CF-Ray: 541577b5aee6e821 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:46:31

42.156.138.40

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54157a78e8eeeb99 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:29:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.156.138.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13835
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.156.138.102.			IN	A

;; AUTHORITY SECTION:
.			535	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062601 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 27 03:14:12 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

102.138.156.42.in-addr.arpa domain name pointer shenmaspider-42-156-138-102.crawl.sm.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
102.138.156.42.in-addr.arpa	name = shenmaspider-42-156-138-102.crawl.sm.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
125.214.60.144	attackbots	2019-11-20 07:09:49 H=([125.214.60.144]) [125.214.60.144]:64653 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=125.214.60.144) 2019-11-20 07:09:49 unexpected disconnection while reading SMTP command from ([125.214.60.144]) [125.214.60.144]:64653 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-11-20 07:18:18 H=([125.214.60.144]) [125.214.60.144]:50125 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=125.214.60.144) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.214.60.144	2019-11-20 20:07:41
125.212.182.159	attack	2019-11-20 06:14:28 H=([125.212.182.159]) [125.212.182.159]:63237 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=125.212.182.159) 2019-11-20 06:14:29 unexpected disconnection while reading SMTP command from ([125.212.182.159]) [125.212.182.159]:63237 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-11-20 07:14:32 H=([125.212.182.159]) [125.212.182.159]:17354 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=125.212.182.159) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.212.182.159	2019-11-20 19:42:50
112.216.93.141	attackspam	Nov 20 02:42:42 plusreed sshd[13126]: Invalid user miah from 112.216.93.141 ...	2019-11-20 19:29:26
188.49.103.184	attackbots	2019-11-20 06:44:49 H=([188.49.103.184]) [188.49.103.184]:41315 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=188.49.103.184) 2019-11-20 06:44:50 unexpected disconnection while reading SMTP command from ([188.49.103.184]) [188.49.103.184]:41315 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-11-20 07:17:55 H=([188.49.103.184]) [188.49.103.184]:49979 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=188.49.103.184) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=188.49.103.184	2019-11-20 20:05:50
193.87.1.1	attackbotsspam	Nov 20 14:30:12 server sshd\[27938\]: Invalid user holm from 193.87.1.1 Nov 20 14:30:12 server sshd\[27938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=auriga.ta3.sk Nov 20 14:30:15 server sshd\[27938\]: Failed password for invalid user holm from 193.87.1.1 port 59586 ssh2 Nov 20 14:45:17 server sshd\[31656\]: Invalid user toshiter from 193.87.1.1 Nov 20 14:45:17 server sshd\[31656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=auriga.ta3.sk ...	2019-11-20 20:09:47
45.70.247.224	attack	Unauthorised access (Nov 20) SRC=45.70.247.224 LEN=44 PREC=0x20 TTL=47 ID=32205 TCP DPT=23 WINDOW=37035 SYN	2019-11-20 19:57:44
129.122.180.216	attack	2019-11-20 06:59:04 H=lad-cust-129-122-180-216.zapfibra.co.ao [129.122.180.216]:16349 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=129.122.180.216) 2019-11-20 06:59:04 unexpected disconnection while reading SMTP command from lad-cust-129-122-180-216.zapfibra.co.ao [129.122.180.216]:16349 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-11-20 07:16:28 H=lad-cust-129-122-180-216.zapfibra.co.ao [129.122.180.216]:19336 I=[10.100.18.25]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=129.122.180.216) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=129.122.180.216	2019-11-20 19:51:43
112.45.122.8	attackbotsspam	Nov 20 11:26:49 andromeda postfix/smtpd\[48091\]: warning: unknown\[112.45.122.8\]: SASL LOGIN authentication failed: authentication failure Nov 20 11:26:54 andromeda postfix/smtpd\[37957\]: warning: unknown\[112.45.122.8\]: SASL LOGIN authentication failed: authentication failure Nov 20 11:26:58 andromeda postfix/smtpd\[47577\]: warning: unknown\[112.45.122.8\]: SASL LOGIN authentication failed: authentication failure Nov 20 11:27:04 andromeda postfix/smtpd\[48091\]: warning: unknown\[112.45.122.8\]: SASL LOGIN authentication failed: authentication failure Nov 20 11:27:09 andromeda postfix/smtpd\[44118\]: warning: unknown\[112.45.122.8\]: SASL LOGIN authentication failed: authentication failure	2019-11-20 19:39:35
116.110.105.160	attackbots	Automatic report - Port Scan Attack	2019-11-20 19:37:20
81.28.100.133	attackspam	2019-11-20T07:23:29.204553stark.klein-stark.info postfix/smtpd\[6518\]: NOQUEUE: reject: RCPT from dazzling.shrewdmhealth.com\[81.28.100.133\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\ ...	2019-11-20 19:50:36
123.134.159.186	attackspambots	badbot	2019-11-20 19:30:04
213.32.65.111	attack	Nov 19 23:09:44 web9 sshd\[21722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.65.111 user=root Nov 19 23:09:46 web9 sshd\[21722\]: Failed password for root from 213.32.65.111 port 58182 ssh2 Nov 19 23:13:19 web9 sshd\[22188\]: Invalid user jawana from 213.32.65.111 Nov 19 23:13:19 web9 sshd\[22188\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.65.111 Nov 19 23:13:21 web9 sshd\[22188\]: Failed password for invalid user jawana from 213.32.65.111 port 43234 ssh2	2019-11-20 20:01:41
220.94.205.226	attackbotsspam	Nov 20 10:40:32 XXX sshd[59664]: Invalid user ofsaa from 220.94.205.226 port 35522	2019-11-20 20:11:52
219.91.254.52	attackspambots	Unauthorised access (Nov 20) SRC=219.91.254.52 LEN=48 PREC=0x20 TTL=50 ID=3675 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-20 20:06:36
122.14.216.49	attackbotsspam	Nov 20 07:49:44 microserver sshd[47647]: Invalid user erdal from 122.14.216.49 port 61943 Nov 20 07:49:44 microserver sshd[47647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.14.216.49 Nov 20 07:49:46 microserver sshd[47647]: Failed password for invalid user erdal from 122.14.216.49 port 61943 ssh2 Nov 20 07:55:56 microserver sshd[48782]: Invalid user camp4 from 122.14.216.49 port 14459 Nov 20 07:55:56 microserver sshd[48782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.14.216.49 Nov 20 08:08:08 microserver sshd[50291]: Invalid user gomber from 122.14.216.49 port 47449 Nov 20 08:08:08 microserver sshd[50291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.14.216.49 Nov 20 08:08:11 microserver sshd[50291]: Failed password for invalid user gomber from 122.14.216.49 port 47449 ssh2 Nov 20 08:14:23 microserver sshd[51017]: Invalid user suthurst from 122.14.216.49 port 63944	2019-11-20 19:58:37

最近上报的IP列表

169.229.124.128	169.229.77.196	169.229.77.207	169.229.78.0
169.229.79.14	169.229.78.210	169.229.78.254	169.229.79.188
169.229.80.56	169.229.80.160	169.229.80.174	169.229.124.146
169.229.105.181	169.229.125.18	169.229.124.244	169.229.127.107
169.229.127.252	169.229.128.67	169.229.128.42	169.229.129.103