119.39.47.161 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Hunan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 54321be24e6b9382 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.066686748 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:46:28

Type

Details

Datetime

attackbotsspam

The IP has triggered Cloudflare WAF. CF-Ray: 54321be24e6b9382 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/4.066686748 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 06:46:28

Comments on same subnet:

IP	Type	Details	Datetime
119.39.47.104	attackspam	Web Server Scan. RayID: 58e1905d0f5d02ab, UA: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36, Country: CN	2020-05-21 04:05:11
119.39.47.181	attackbots	Unauthorized connection attempt detected from IP address 119.39.47.181 to port 1194 [T]	2020-05-20 11:56:22
119.39.47.158	attackspambots	Unauthorized connection attempt detected from IP address 119.39.47.158 to port 8200 [T]	2020-05-09 04:03:51
119.39.47.182	attackbots	Fail2Ban Ban Triggered	2020-03-18 14:16:37
119.39.47.96	attack	Unauthorized connection attempt detected from IP address 119.39.47.96 to port 22 [J]	2020-03-03 02:22:01
119.39.47.145	attackspam	Unauthorized connection attempt detected from IP address 119.39.47.145 to port 3389 [J]	2020-03-02 21:32:41
119.39.47.251	attack	Unauthorized connection attempt detected from IP address 119.39.47.251 to port 3389 [J]	2020-03-02 21:32:12
119.39.47.45	attackspam	Unauthorized connection attempt detected from IP address 119.39.47.45 to port 22 [J]	2020-03-02 16:44:53
119.39.47.218	attack	Unauthorized connection attempt detected from IP address 119.39.47.218 to port 22 [J]	2020-03-02 15:02:49
119.39.47.206	attackspambots	Unauthorized connection attempt detected from IP address 119.39.47.206 to port 3097 [J]	2020-01-19 14:16:27
119.39.47.15	attack	Unauthorized connection attempt detected from IP address 119.39.47.15 to port 808 [J]	2020-01-14 18:00:28
119.39.47.92	attackspambots	Unauthorized connection attempt detected from IP address 119.39.47.92 to port 80 [J]	2020-01-14 15:43:27
119.39.47.231	attackspam	Unauthorized connection attempt detected from IP address 119.39.47.231 to port 802 [T]	2020-01-10 09:19:31
119.39.47.169	attackbots	Unauthorized connection attempt detected from IP address 119.39.47.169 to port 8001 [T]	2020-01-10 08:50:32
119.39.47.3	attackspambots	Unauthorized connection attempt detected from IP address 119.39.47.3 to port 8082	2020-01-04 09:25:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.39.47.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48363
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.39.47.161.			IN	A

;; AUTHORITY SECTION:
.			486	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 06:46:25 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 161.47.39.119.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 161.47.39.119.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.93.254.122	attackbots	Oct 8 22:32:36 jane sshd[771]: Failed password for root from 142.93.254.122 port 57012 ssh2 ...	2020-10-09 05:04:49
211.22.154.223	attack	$f2bV_matches	2020-10-09 05:04:25
80.251.216.109	attackspam	80.251.216.109 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 8 14:19:44 server5 sshd[14397]: Failed password for root from 106.12.69.35 port 48876 ssh2 Oct 8 14:20:08 server5 sshd[14522]: Failed password for root from 103.45.129.159 port 45418 ssh2 Oct 8 14:19:42 server5 sshd[14397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.69.35 user=root Oct 8 14:20:05 server5 sshd[14522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.129.159 user=root Oct 8 14:20:42 server5 sshd[14857]: Failed password for root from 80.251.216.109 port 37946 ssh2 Oct 8 14:19:14 server5 sshd[14046]: Failed password for root from 203.81.67.138 port 36551 ssh2 IP Addresses Blocked: 106.12.69.35 (CN/China/-) 103.45.129.159 (CN/China/-)	2020-10-09 05:02:41
103.110.89.148	attackbots	2020-10-09T02:00:39.659703hostname sshd[31094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.110.89.148 2020-10-09T02:00:39.640815hostname sshd[31094]: Invalid user vnc from 103.110.89.148 port 60158 2020-10-09T02:00:41.592555hostname sshd[31094]: Failed password for invalid user vnc from 103.110.89.148 port 60158 ssh2 ...	2020-10-09 04:50:13
37.120.198.197	attackbots	2020-10-07 23:07:11 dovecot_login authenticator failed for $WIN-25FFVSIPLS1$ \[37.120.198.197\]: 535 Incorrect authentication data $set_id=infoeozo$ 2020-10-07 23:07:11 H=$WIN-25FFVSIPLS1$ \[37.120.198.197\] sender verify fail for \: Unrouteable address 2020-10-07 23:07:11 H=$WIN-25FFVSIPLS1$ \[37.120.198.197\] F=\ rejected RCPT \: Sender verify failed 2020-10-07 23:07:23 dovecot_login authenticator failed for $WIN-25FFVSIPLS1$ \[37.120.198.197\]: 535 Incorrect authentication data $set_id=info$ 2020-10-07 23:07:23 H=$WIN-25FFVSIPLS1$ \[37.120.198.197\] F=\ rejected RCPT \: relay not permitted	2020-10-09 05:07:32
171.252.202.151	attackspam	Unauthorized connection attempt detected from IP address 171.252.202.151 to port 23 [T]	2020-10-09 05:07:54
111.121.78.79	attack	...	2020-10-09 05:18:16
210.12.130.161	attackspambots	IP 210.12.130.161 attacked honeypot on port: 1433 at 10/7/2020 1:46:22 PM	2020-10-09 04:44:47
165.227.176.208	attackbotsspam	Fail2Ban Ban Triggered	2020-10-09 05:19:20
27.77.237.200	attackbots	Auto Detect Rule! proto TCP (SYN), 27.77.237.200:44500->gjan.info:23, len 40	2020-10-09 04:48:50
114.224.178.217	attack	Oct 8 10:17:39 Tower sshd[6296]: Connection from 114.224.178.217 port 60886 on 192.168.10.220 port 22 rdomain "" Oct 8 10:17:43 Tower sshd[6296]: Failed password for root from 114.224.178.217 port 60886 ssh2 Oct 8 10:17:43 Tower sshd[6296]: Received disconnect from 114.224.178.217 port 60886:11: Bye Bye [preauth] Oct 8 10:17:43 Tower sshd[6296]: Disconnected from authenticating user root 114.224.178.217 port 60886 [preauth]	2020-10-09 05:05:13
180.167.240.210	attackbots	Brute-force attempt banned	2020-10-09 04:44:34
106.12.71.159	attackspam	Oct 8 20:06:24 host1 sshd[1594409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.71.159 user=root Oct 8 20:06:26 host1 sshd[1594409]: Failed password for root from 106.12.71.159 port 56632 ssh2 ...	2020-10-09 04:58:23
192.241.185.120	attackbots	2020-10-08T10:48:27.037269linuxbox-skyline sshd[50951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.185.120 user=root 2020-10-08T10:48:29.042664linuxbox-skyline sshd[50951]: Failed password for root from 192.241.185.120 port 40499 ssh2 ...	2020-10-09 05:16:10
117.220.5.49	attackspambots	Port Scan ...	2020-10-09 04:56:20

Recently Reported IPs

38.106.21.186	36.32.3.91	36.32.3.76	35.233.197.181
35.197.88.134	27.224.137.50	27.224.137.15	27.224.136.22
39.72.202.72	5.62.39.235	245.67.194.183	223.166.75.132
221.13.12.189	221.13.12.174	221.13.12.161	221.0.23.24
220.181.108.80	220.181.51.124	220.181.51.70	218.62.245.127