111.162.140.149

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
111.162.140.216	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5435b41c3cc4eb9d \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 01:07:51

Type

Details

Datetime

111.162.140.216

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 5435b41c3cc4eb9d | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 01:07:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.162.140.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30978
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;111.162.140.149.		IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 160 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 00:30:18 CST 2022
;; MSG SIZE  rcvd: 108

Host info

149.140.162.111.in-addr.arpa domain name pointer dns149.online.tj.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
149.140.162.111.in-addr.arpa	name = dns149.online.tj.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
174.19.98.226	attack	SSH/22 MH Probe, BF, Hack -	2020-08-20 20:05:42
180.76.161.77	attack	Aug 20 07:47:45 marvibiene sshd[25942]: Failed password for root from 180.76.161.77 port 61962 ssh2 Aug 20 07:48:45 marvibiene sshd[25983]: Failed password for root from 180.76.161.77 port 39828 ssh2 Aug 20 07:49:45 marvibiene sshd[26027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.161.77	2020-08-20 19:49:30
161.35.100.131	attack	Aug 19 01:17:48 km20725 sshd[25828]: Did not receive identification string from 161.35.100.131 port 37598 Aug 19 01:18:05 km20725 sshd[25876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.100.131 user=r.r Aug 19 01:18:07 km20725 sshd[25876]: Failed password for r.r from 161.35.100.131 port 56024 ssh2 Aug 19 01:18:09 km20725 sshd[25876]: Received disconnect from 161.35.100.131 port 56024:11: Normal Shutdown, Thank you for playing [preauth] Aug 19 01:18:09 km20725 sshd[25876]: Disconnected from authenticating user r.r 161.35.100.131 port 56024 [preauth] Aug 19 01:18:21 km20725 sshd[25885]: Invalid user oracle from 161.35.100.131 port 52012 Aug 19 01:18:21 km20725 sshd[25885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.100.131 Aug 19 01:18:23 km20725 sshd[25885]: Failed password for invalid user oracle from 161.35.100.131 port 52012 ssh2 Aug 19 01:18:24 km20725 sshd[2588........ -------------------------------	2020-08-20 20:14:19
218.255.75.156	attackspam	20 attempts against mh-misbehave-ban on wood	2020-08-20 20:12:42
177.39.118.33	attack	$f2bV_matches	2020-08-20 19:38:31
213.158.29.179	attack	2020-08-19 UTC: (2x) - vbc(2x)	2020-08-20 19:37:23
111.224.53.9	attack	Unauthorized IMAP connection attempt	2020-08-20 19:55:29
138.204.24.69	attackspam	sshd: Failed password for invalid user .... from 138.204.24.69 port 38575 ssh2 (5 attempts)	2020-08-20 19:44:34
106.12.171.253	attackspambots	Aug 20 06:17:42 [host] sshd[5705]: Invalid user ma Aug 20 06:17:42 [host] sshd[5705]: pam_unix(sshd:a Aug 20 06:17:44 [host] sshd[5705]: Failed password	2020-08-20 19:52:08
37.228.255.140	attackspam	GET /xmlrpc.php HTTP/1.1	2020-08-20 19:56:47
162.247.74.201	attackspam	2020-08-20T06:47:30+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-08-20 19:40:44
116.228.160.20	attack	2020-08-20T12:44:02.783685galaxy.wi.uni-potsdam.de sshd[32759]: Invalid user rodney from 116.228.160.20 port 49874 2020-08-20T12:44:02.785799galaxy.wi.uni-potsdam.de sshd[32759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.228.160.20 2020-08-20T12:44:02.783685galaxy.wi.uni-potsdam.de sshd[32759]: Invalid user rodney from 116.228.160.20 port 49874 2020-08-20T12:44:04.896482galaxy.wi.uni-potsdam.de sshd[32759]: Failed password for invalid user rodney from 116.228.160.20 port 49874 ssh2 2020-08-20T12:47:19.801625galaxy.wi.uni-potsdam.de sshd[677]: Invalid user juliet from 116.228.160.20 port 47998 2020-08-20T12:47:19.806791galaxy.wi.uni-potsdam.de sshd[677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.228.160.20 2020-08-20T12:47:19.801625galaxy.wi.uni-potsdam.de sshd[677]: Invalid user juliet from 116.228.160.20 port 47998 2020-08-20T12:47:21.626874galaxy.wi.uni-potsdam.de sshd[677]: Failed pas ...	2020-08-20 19:41:16
93.90.217.149	attack	93.90.217.149 - - [20/Aug/2020:13:08:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.90.217.149 - - [20/Aug/2020:13:08:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.90.217.149 - - [20/Aug/2020:13:08:39 +0100] "POST /wp-login.php HTTP/1.1" 200 1887 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-20 20:17:53
78.128.113.118	attackspam	2020-08-20 14:14:43 dovecot_login authenticator failed for $\[78.128.113.118\]$ \[78.128.113.118\]: 535 Incorrect authentication data $set_id=forum@darkrp.com$ 2020-08-20 14:14:50 dovecot_login authenticator failed for $\[78.128.113.118\]$ \[78.128.113.118\]: 535 Incorrect authentication data 2020-08-20 14:14:59 dovecot_login authenticator failed for $\[78.128.113.118\]$ \[78.128.113.118\]: 535 Incorrect authentication data 2020-08-20 14:15:03 dovecot_login authenticator failed for $\[78.128.113.118\]$ \[78.128.113.118\]: 535 Incorrect authentication data 2020-08-20 14:15:15 dovecot_login authenticator failed for $\[78.128.113.118\]$ \[78.128.113.118\]: 535 Incorrect authentication data 2020-08-20 14:15:20 dovecot_login authenticator failed for $\[78.128.113.118\]$ \[78.128.113.118\]: 535 Incorrect authentication data 2020-08-20 14:15:25 dovecot_login authenticator failed for $\[78.128.113.118\]$ \[78.128.113.118\]: 535 Incorrect authentication data 2020-08-20 14:15:30 ...	2020-08-20 20:17:10
222.239.98.29	attackbotsspam	Portscan detected	2020-08-20 20:16:00

Recently Reported IPs

200.76.206.185	200.91.114.249	201.150.182.173	122.176.30.182
46.185.163.185	1.65.153.111	190.105.160.67	193.93.62.47
5.219.119.181	122.116.76.144	210.209.183.210	176.198.148.150
201.150.180.138	116.96.235.183	116.25.225.151	23.225.163.218
73.27.78.90	61.65.81.116	106.75.173.209	91.187.100.237