42.156.138.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
42.156.138.94	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 541577b5aee6e821 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:46:31
42.156.138.40	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54157a78e8eeeb99 \| WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:29:54

类型

评论内容

时间

42.156.138.94

attackbotsspam

The IP has triggered Cloudflare WAF. CF-Ray: 541577b5aee6e821 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:46:31

42.156.138.40

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54157a78e8eeeb99 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:29:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.156.138.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21547
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;42.156.138.140.			IN	A

;; AUTHORITY SECTION:
.			141	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022062600 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 26 22:57:17 CST 2022
;; MSG SIZE  rcvd: 107

HOST信息:

140.138.156.42.in-addr.arpa domain name pointer shenmaspider-42-156-138-140.crawl.sm.cn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.138.156.42.in-addr.arpa	name = shenmaspider-42-156-138-140.crawl.sm.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.142.195.7	attack	smtp	2020-05-10 22:45:45
197.255.160.225	attackbotsspam	Brute-force attempt banned	2020-05-10 22:26:10
141.98.9.159	attackspam	May 10 16:22:01 srv01 sshd[24254]: Invalid user admin from 141.98.9.159 port 33671 May 10 16:22:01 srv01 sshd[24254]: Failed none for invalid user admin from 141.98.9.159 port 33671 ssh2 May 10 16:22:01 srv01 sshd[24254]: Invalid user admin from 141.98.9.159 port 33671 May 10 16:22:01 srv01 sshd[24254]: Failed none for invalid user admin from 141.98.9.159 port 33671 ssh2 May 10 16:22:01 srv01 sshd[24254]: Invalid user admin from 141.98.9.159 port 33671 May 10 16:22:01 srv01 sshd[24254]: Failed none for invalid user admin from 141.98.9.159 port 33671 ssh2 ...	2020-05-10 22:54:16
51.83.44.111	attack	May 10 21:59:16 web1 sshd[27569]: Invalid user may from 51.83.44.111 port 46704 May 10 21:59:16 web1 sshd[27569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.44.111 May 10 21:59:16 web1 sshd[27569]: Invalid user may from 51.83.44.111 port 46704 May 10 21:59:18 web1 sshd[27569]: Failed password for invalid user may from 51.83.44.111 port 46704 ssh2 May 10 22:11:18 web1 sshd[30862]: Invalid user postgres from 51.83.44.111 port 39752 May 10 22:11:18 web1 sshd[30862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.44.111 May 10 22:11:18 web1 sshd[30862]: Invalid user postgres from 51.83.44.111 port 39752 May 10 22:11:20 web1 sshd[30862]: Failed password for invalid user postgres from 51.83.44.111 port 39752 ssh2 May 10 22:14:09 web1 sshd[31504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.44.111 user=root May 10 22:14:12 web1 sshd[31504]: Faile ...	2020-05-10 22:18:11
218.92.0.145	attackspam	SSH/22 MH Probe, BF, Hack -	2020-05-10 22:23:04
58.69.175.201	attack	port scan and connect, tcp 80 (http)	2020-05-10 22:53:03
61.177.144.130	attackspambots	Brute-force attempt banned	2020-05-10 22:47:02
37.187.195.209	attackbots	$f2bV_matches	2020-05-10 22:19:53
24.243.96.89	attack	US_Charter_<177>1589112809 [1:2403318:57153] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 10 [Classification: Misc Attack] [Priority: 2]: {TCP} 24.243.96.89:34589	2020-05-10 22:57:27
120.148.222.243	attack	2020-05-10T13:53:44.844843shield sshd\[8907\]: Invalid user user from 120.148.222.243 port 56045 2020-05-10T13:53:44.849067shield sshd\[8907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.148.222.243 2020-05-10T13:53:46.558391shield sshd\[8907\]: Failed password for invalid user user from 120.148.222.243 port 56045 ssh2 2020-05-10T13:58:51.209004shield sshd\[10244\]: Invalid user postgres from 120.148.222.243 port 58937 2020-05-10T13:58:51.214184shield sshd\[10244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.148.222.243	2020-05-10 22:27:45
104.244.73.248	attackspambots	Telnet Server BruteForce Attack	2020-05-10 22:52:03
152.136.39.46	attackspambots	May 10 15:00:54 vpn01 sshd[7873]: Failed password for root from 152.136.39.46 port 60802 ssh2 ...	2020-05-10 22:52:34
178.128.56.89	attackbotsspam	May 10 15:05:56 localhost sshd\[23385\]: Invalid user test from 178.128.56.89 May 10 15:05:56 localhost sshd\[23385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.56.89 May 10 15:05:58 localhost sshd\[23385\]: Failed password for invalid user test from 178.128.56.89 port 58870 ssh2 May 10 15:08:36 localhost sshd\[23437\]: Invalid user nina from 178.128.56.89 May 10 15:08:36 localhost sshd\[23437\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.56.89 ...	2020-05-10 22:15:50
211.75.202.208	attack	05/10/2020-08:14:14.775103 211.75.202.208 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-10 22:15:27
159.89.177.46	attackspam	May 10 16:14:38 lukav-desktop sshd\[6196\]: Invalid user tssrv from 159.89.177.46 May 10 16:14:38 lukav-desktop sshd\[6196\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.177.46 May 10 16:14:40 lukav-desktop sshd\[6196\]: Failed password for invalid user tssrv from 159.89.177.46 port 44422 ssh2 May 10 16:16:58 lukav-desktop sshd\[6212\]: Invalid user ordplugins from 159.89.177.46 May 10 16:16:58 lukav-desktop sshd\[6212\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.177.46	2020-05-10 22:33:48

最近上报的IP列表

42.156.137.82	190.120.248.4	137.226.249.5	137.226.224.233
137.226.225.123	137.226.223.234	42.156.138.121	137.226.89.73
137.226.224.54	46.8.15.223	180.76.95.240	137.226.224.104
137.226.226.115	180.76.0.130	180.76.36.76	137.226.228.33
137.226.228.38	180.76.36.115	180.76.35.184	169.229.114.55