219.140.117.163

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
219.140.117.221	attackbots	Unauthorized connection attempt detected from IP address 219.140.117.221 to port 81 [T]	2020-01-27 17:21:45
219.140.117.27	attack	Unauthorized connection attempt detected from IP address 219.140.117.27 to port 9090 [T]	2020-01-10 08:13:14
219.140.117.99	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5434ca08a91aebb1 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:22:09
219.140.117.141	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 541035b6bf9eeaf0 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:30:37
219.140.117.210	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540fdf51fa05e811 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:03:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.140.117.163
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45523
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;219.140.117.163.		IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 20:31:29 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 163.117.140.219.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 163.117.140.219.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
60.15.67.178	attackbots	$f2bV_matches	2020-07-06 20:04:06
128.199.143.89	attackbots	$f2bV_matches	2020-07-06 19:28:59
137.83.96.107	attack	Brute forcing email accounts	2020-07-06 19:54:40
172.104.112.228	attack	25589/tcp 19535/tcp 23835/tcp... [2020-06-22/07-06]48pkt,16pt.(tcp)	2020-07-06 20:04:37
13.71.134.242	attackbotsspam	Brute forcing email accounts	2020-07-06 19:54:12
113.187.111.7	attackspambots	firewall-block, port(s): 445/tcp	2020-07-06 19:14:42
146.0.41.70	attackbotsspam	Jul 6 07:42:43 bchgang sshd[18444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.41.70 Jul 6 07:42:45 bchgang sshd[18444]: Failed password for invalid user dev from 146.0.41.70 port 57300 ssh2 Jul 6 07:45:54 bchgang sshd[18497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.0.41.70 ...	2020-07-06 19:52:47
132.232.6.207	attackspambots	SSH Login Bruteforce	2020-07-06 19:39:29
139.59.3.170	attackspam	Jul 6 13:57:27 srv sshd[7570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.3.170	2020-07-06 19:59:52
61.177.172.102	attack	Jul 6 04:07:19 dignus sshd[12657]: Failed password for root from 61.177.172.102 port 39376 ssh2 Jul 6 04:07:22 dignus sshd[12657]: Failed password for root from 61.177.172.102 port 39376 ssh2 Jul 6 04:07:24 dignus sshd[12657]: Failed password for root from 61.177.172.102 port 39376 ssh2 Jul 6 04:07:26 dignus sshd[12684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root Jul 6 04:07:29 dignus sshd[12684]: Failed password for root from 61.177.172.102 port 64447 ssh2 ...	2020-07-06 19:09:34
36.81.198.112	attack	[Mon Jul 06 10:47:31.357452 2020] [:error] [pid 8388:tid 140335205041920] [client 36.81.198.112:50748] [client 36.81.198.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v3.js"] [unique_id "XwKe0w@SSZL6BNEesuZUwQABwwE"] ...	2020-07-06 19:56:31
220.132.81.86	attackbotsspam	[MK-Root1] Blocked by UFW	2020-07-06 19:09:02
141.98.10.199	attack	SSH Brute-Force reported by Fail2Ban	2020-07-06 20:10:23
111.231.121.62	attack	2020-07-06T09:02:59.302133dmca.cloudsearch.cf sshd[1447]: Invalid user qno from 111.231.121.62 port 49014 2020-07-06T09:02:59.308272dmca.cloudsearch.cf sshd[1447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.121.62 2020-07-06T09:02:59.302133dmca.cloudsearch.cf sshd[1447]: Invalid user qno from 111.231.121.62 port 49014 2020-07-06T09:03:01.053859dmca.cloudsearch.cf sshd[1447]: Failed password for invalid user qno from 111.231.121.62 port 49014 ssh2 2020-07-06T09:05:33.325117dmca.cloudsearch.cf sshd[1472]: Invalid user sysadm from 111.231.121.62 port 47432 2020-07-06T09:05:33.330445dmca.cloudsearch.cf sshd[1472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.121.62 2020-07-06T09:05:33.325117dmca.cloudsearch.cf sshd[1472]: Invalid user sysadm from 111.231.121.62 port 47432 2020-07-06T09:05:35.220963dmca.cloudsearch.cf sshd[1472]: Failed password for invalid user sysadm from 111.231.121.62 ...	2020-07-06 20:03:24
190.199.243.19	attackspam	1594007295 - 07/06/2020 05:48:15 Host: 190.199.243.19/190.199.243.19 Port: 445 TCP Blocked	2020-07-06 19:12:09

Recently Reported IPs

91.237.207.52	113.73.7.106	217.218.243.165	103.107.114.198
222.188.110.138	170.80.171.15	220.134.102.116	187.113.63.219
217.218.137.74	176.214.92.41	103.103.53.61	125.47.104.44
35.246.240.169	190.124.160.218	221.231.53.136	187.167.73.29
169.255.189.106	14.21.7.11	106.11.152.121	189.183.98.59