城市(city): unknown
省份(region): unknown
国家(country): China
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 42.156.139.7 | attackspambots | Automated report (2020-08-24T11:55:46+08:00). Misbehaving bot detected at this address. |
2020-08-24 13:08:11 |
| 42.156.139.151 | attackspambots | ICMP MH Probe, Scan /Distributed - |
2020-02-13 22:26:41 |
| 42.156.139.60 | attackspambots | The IP has triggered Cloudflare WAF. CF-Ray: 5410f168bac7ebd9 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: theme-suka.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 06:59:11 |
| 42.156.139.16 | attackspam | The IP has triggered Cloudflare WAF. CF-Ray: 5413b9b13abceef2 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 04:20:39 |
| 42.156.139.46 | attackspambots | The IP has triggered Cloudflare WAF. CF-Ray: 5415cf340f7d7704 | WAF_Rule_ID: f6705d4933894b0583ba1042603083f6 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 02:08:22 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.156.139.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52973
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;42.156.139.93. IN A
;; AUTHORITY SECTION:
. 530 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022062601 1800 900 604800 86400
;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 27 02:38:22 CST 2022
;; MSG SIZE rcvd: 106
93.139.156.42.in-addr.arpa domain name pointer shenmaspider-42-156-139-93.crawl.sm.cn.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
93.139.156.42.in-addr.arpa name = shenmaspider-42-156-139-93.crawl.sm.cn.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 167.99.66.13 | attackbots | [munged]::443 167.99.66.13 - - [28/Feb/2020:05:50:40 +0100] "POST /[munged]: HTTP/1.1" 200 5847 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:50:56 +0100] "POST /[munged]: HTTP/1.1" 200 5789 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:51:12 +0100] "POST /[munged]: HTTP/1.1" 200 5789 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:51:28 +0100] "POST /[munged]: HTTP/1.1" 200 5789 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:51:44 +0100] "POST /[munged]: HTTP/1.1" 200 5789 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:52:00 +0100] "POST /[munged]: HTTP/1.1" 200 5789 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:52:16 +0100] "POST /[munged]: HTTP/1.1" 200 5789 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:52:32 +0100] "POST /[munged]: HTTP/1.1" 200 5789 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:52:48 +0100] "POST /[munged]: HTTP/1.1" 200 5789 "-" "-" [munged]::443 167.99.66.13 - - [28/Feb/2020:05:53:04 +0100] "POST /[munged]: HTTP/1.1" 2 |
2020-02-28 17:00:48 |
| 181.112.150.243 | attackbotsspam | Honeypot attack, port: 445, PTR: 243.150.112.181.static.anycast.cnt-grms.ec. |
2020-02-28 16:20:39 |
| 107.181.59.84 | attackbotsspam | [portscan] tcp/23 [TELNET] [scan/connect: 2 time(s)] *(RWIN=18740)(02281053) |
2020-02-28 16:27:52 |
| 91.121.110.97 | attackbots | Feb 27 22:30:13 hanapaa sshd\[7843\]: Invalid user frodo from 91.121.110.97 Feb 27 22:30:14 hanapaa sshd\[7843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns350624.ip-91-121-110.eu Feb 27 22:30:16 hanapaa sshd\[7843\]: Failed password for invalid user frodo from 91.121.110.97 port 53156 ssh2 Feb 27 22:35:57 hanapaa sshd\[8299\]: Invalid user dan from 91.121.110.97 Feb 27 22:35:57 hanapaa sshd\[8299\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns350624.ip-91-121-110.eu |
2020-02-28 16:52:39 |
| 60.50.163.228 | attackbots | port scan and connect, tcp 23 (telnet) |
2020-02-28 16:39:36 |
| 92.222.15.203 | attackbots | Feb 27 21:12:28 web1 sshd\[27920\]: Invalid user wei from 92.222.15.203 Feb 27 21:12:28 web1 sshd\[27920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.15.203 Feb 27 21:12:30 web1 sshd\[27920\]: Failed password for invalid user wei from 92.222.15.203 port 50654 ssh2 Feb 27 21:16:57 web1 sshd\[28323\]: Invalid user omura from 92.222.15.203 Feb 27 21:16:57 web1 sshd\[28323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.15.203 |
2020-02-28 16:21:27 |
| 95.172.15.186 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2020-02-28 16:26:04 |
| 94.158.7.112 | attackbots | Honeypot attack, port: 5555, PTR: 94x158x7x112.dynamic.irkutsk.ertelecom.ru. |
2020-02-28 16:46:39 |
| 36.82.30.249 | attackspam | Honeypot attack, port: 81, PTR: PTR record not found |
2020-02-28 16:58:18 |
| 167.71.202.235 | attackspambots | Feb 28 09:12:31 silence02 sshd[24829]: Failed password for root from 167.71.202.235 port 44598 ssh2 Feb 28 09:21:18 silence02 sshd[25395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.202.235 Feb 28 09:21:20 silence02 sshd[25395]: Failed password for invalid user ghost from 167.71.202.235 port 33606 ssh2 |
2020-02-28 16:43:24 |
| 103.217.123.220 | attackbots | 1582865606 - 02/28/2020 05:53:26 Host: 103.217.123.220/103.217.123.220 Port: 445 TCP Blocked |
2020-02-28 16:41:00 |
| 222.186.175.140 | attackbotsspam | Feb 28 09:50:43 legacy sshd[21515]: Failed password for root from 222.186.175.140 port 2316 ssh2 Feb 28 09:50:56 legacy sshd[21515]: error: maximum authentication attempts exceeded for root from 222.186.175.140 port 2316 ssh2 [preauth] Feb 28 09:51:02 legacy sshd[21519]: Failed password for root from 222.186.175.140 port 3546 ssh2 ... |
2020-02-28 16:54:21 |
| 60.168.128.2 | attack | Feb 28 02:03:55 server sshd\[7661\]: Failed password for invalid user patrol from 60.168.128.2 port 41454 ssh2 Feb 28 08:05:10 server sshd\[14151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.168.128.2 user=root Feb 28 08:05:11 server sshd\[14151\]: Failed password for root from 60.168.128.2 port 43962 ssh2 Feb 28 08:10:01 server sshd\[14663\]: Invalid user tomcat from 60.168.128.2 Feb 28 08:10:01 server sshd\[14663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.168.128.2 ... |
2020-02-28 17:01:56 |
| 134.209.156.57 | attackbotsspam | Feb 27 21:58:06 tdfoods sshd\[10438\]: Invalid user bot from 134.209.156.57 Feb 27 21:58:06 tdfoods sshd\[10438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 Feb 27 21:58:08 tdfoods sshd\[10438\]: Failed password for invalid user bot from 134.209.156.57 port 38924 ssh2 Feb 27 22:04:36 tdfoods sshd\[11073\]: Invalid user hadoop from 134.209.156.57 Feb 27 22:04:36 tdfoods sshd\[11073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.156.57 |
2020-02-28 16:18:41 |
| 24.115.185.141 | attackbots | Honeypot attack, port: 81, PTR: 24.115.185.141.res-cmts.mlf.ptd.net. |
2020-02-28 16:55:24 |