124.113.219.157

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Anhui Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 05:05:20

Comments on same subnet:

IP	Type	Details	Datetime
124.113.219.211	attack		2020-08-02 12:36:37
124.113.219.158	attackbotsspam	spam	2020-07-17 21:37:16
124.113.219.162	attack	Spammer	2020-06-06 00:25:59
124.113.219.208	attackspam	Mar 1 05:53:18 grey postfix/smtpd\[2694\]: NOQUEUE: reject: RCPT from unknown\[124.113.219.208\]: 554 5.7.1 Service unavailable\; Client host \[124.113.219.208\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[124.113.219.208\]\; from=\ to=\ proto=SMTP helo=\ ...	2020-03-01 18:02:01
124.113.219.145	attackspam	Feb 28 22:56:16 grey postfix/smtpd\[5605\]: NOQUEUE: reject: RCPT from unknown\[124.113.219.145\]: 554 5.7.1 Service unavailable\; Client host \[124.113.219.145\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[124.113.219.145\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-29 08:28:30
124.113.219.74	attackspambots	Feb 26 14:37:41 grey postfix/smtpd\[19375\]: NOQUEUE: reject: RCPT from unknown\[124.113.219.74\]: 554 5.7.1 Service unavailable\; Client host \[124.113.219.74\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[124.113.219.74\]\; from=\ to=\ proto=SMTP helo=\ ...	2020-02-26 22:56:22
124.113.219.201	attackbots	Dec 23 15:56:57 icecube postfix/smtpd[69815]: NOQUEUE: reject: RCPT from unknown[124.113.219.201]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=	2019-12-24 02:27:52
124.113.219.202	attack	Dec 12 15:36:24 grey postfix/smtpd\[14537\]: NOQUEUE: reject: RCPT from unknown\[124.113.219.202\]: 554 5.7.1 Service unavailable\; Client host \[124.113.219.202\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[124.113.219.202\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-13 06:32:52
124.113.219.251	attackspam	$f2bV_matches	2019-11-30 22:43:17
124.113.219.135	attackspambots	Brute force SMTP login attempts.	2019-11-03 04:55:38
124.113.219.68	attack	Postfix RBL failed	2019-10-13 14:26:27
124.113.219.240	attack	Brute force SMTP login attempts.	2019-09-23 15:04:16
124.113.219.165	attack	$f2bV_matches	2019-09-15 09:48:52
124.113.219.81	attack	IP: 124.113.219.81 ASN: AS4134 No.31 Jin-rong Street Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 14/09/2019 6:20:46 PM UTC	2019-09-15 04:45:07
124.113.219.12	attackspambots	$f2bV_matches	2019-08-07 05:15:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.113.219.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29925
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.113.219.157.		IN	A

;; AUTHORITY SECTION:
.			401	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111801 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 19 05:05:17 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 157.219.113.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.219.113.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.232.97.184	attackspambots	Oct 21 00:30:10 odroid64 sshd\[23344\]: User root from 49.232.97.184 not allowed because not listed in AllowUsers Oct 21 00:30:10 odroid64 sshd\[23344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.97.184 user=root Oct 21 00:30:13 odroid64 sshd\[23344\]: Failed password for invalid user root from 49.232.97.184 port 50464 ssh2 Oct 21 00:30:10 odroid64 sshd\[23344\]: User root from 49.232.97.184 not allowed because not listed in AllowUsers Oct 21 00:30:10 odroid64 sshd\[23344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.97.184 user=root Oct 21 00:30:13 odroid64 sshd\[23344\]: Failed password for invalid user root from 49.232.97.184 port 50464 ssh2 ...	2019-10-24 08:16:45
129.211.77.44	attackspam	Oct 23 18:08:56 friendsofhawaii sshd\[17809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.77.44 user=root Oct 23 18:08:58 friendsofhawaii sshd\[17809\]: Failed password for root from 129.211.77.44 port 48604 ssh2 Oct 23 18:13:32 friendsofhawaii sshd\[18274\]: Invalid user arbaiah from 129.211.77.44 Oct 23 18:13:32 friendsofhawaii sshd\[18274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.77.44 Oct 23 18:13:35 friendsofhawaii sshd\[18274\]: Failed password for invalid user arbaiah from 129.211.77.44 port 59232 ssh2	2019-10-24 12:14:03
37.187.17.58	attack	Oct 24 04:17:31 hcbbdb sshd\[26933\]: Invalid user pju from 37.187.17.58 Oct 24 04:17:31 hcbbdb sshd\[26933\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ks3352882.kimsufi.com Oct 24 04:17:33 hcbbdb sshd\[26933\]: Failed password for invalid user pju from 37.187.17.58 port 51941 ssh2 Oct 24 04:21:56 hcbbdb sshd\[27410\]: Invalid user appldisc from 37.187.17.58 Oct 24 04:21:56 hcbbdb sshd\[27410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ks3352882.kimsufi.com	2019-10-24 12:27:31
184.105.247.198	attack	30005/tcp 8443/tcp 9200/tcp... [2019-08-29/10-24]39pkt,14pt.(tcp),1pt.(udp)	2019-10-24 12:00:01
175.115.235.60	attackbotsspam	Autoban 175.115.235.60 AUTH/CONNECT	2019-10-24 12:13:12
117.36.50.61	attackbotsspam	Oct 24 00:51:04 firewall sshd[13194]: Invalid user 3st from 117.36.50.61 Oct 24 00:51:06 firewall sshd[13194]: Failed password for invalid user 3st from 117.36.50.61 port 60030 ssh2 Oct 24 00:55:38 firewall sshd[13311]: Invalid user q1w2e3 from 117.36.50.61 ...	2019-10-24 12:23:49
104.219.250.214	attackspambots	Trying ports that it shouldn't be.	2019-10-24 12:02:12
83.97.20.47	attackbotsspam	10/24/2019-00:05:09.660472 83.97.20.47 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-24 12:14:49
206.189.122.133	attack	2019-10-24T03:55:54.581529abusebot-5.cloudsearch.cf sshd\[14060\]: Invalid user 123456 from 206.189.122.133 port 56708	2019-10-24 12:08:30
160.153.147.135	attack	Automatic report - XMLRPC Attack	2019-10-24 12:13:39
148.70.54.181	attackbotsspam	Oct 23 17:51:09 eddieflores sshd\[25450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.54.181 user=root Oct 23 17:51:11 eddieflores sshd\[25450\]: Failed password for root from 148.70.54.181 port 50882 ssh2 Oct 23 17:56:06 eddieflores sshd\[25836\]: Invalid user krea from 148.70.54.181 Oct 23 17:56:06 eddieflores sshd\[25836\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.54.181 Oct 23 17:56:08 eddieflores sshd\[25836\]: Failed password for invalid user krea from 148.70.54.181 port 37638 ssh2	2019-10-24 12:08:02
49.234.46.134	attack	Oct 24 05:56:00 dedicated sshd[7396]: Invalid user pass@word123! from 49.234.46.134 port 53156	2019-10-24 12:06:05
222.221.248.242	attackbots	Oct 24 01:20:03 meumeu sshd[23950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.221.248.242 Oct 24 01:20:06 meumeu sshd[23950]: Failed password for invalid user usrobotics from 222.221.248.242 port 51718 ssh2 Oct 24 01:24:23 meumeu sshd[24470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.221.248.242 ...	2019-10-24 08:19:33
46.101.27.6	attack	Oct 23 09:38:26 XXX sshd[31640]: Invalid user ftpuser from 46.101.27.6 port 34806	2019-10-24 08:19:09
180.121.84.90	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/180.121.84.90/ CN - 1H : (484) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 180.121.84.90 CIDR : 180.120.0.0/14 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 11 3H - 30 6H - 69 12H - 147 24H - 227 DateTime : 2019-10-23 22:11:29 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-24 08:23:30

Recently Reported IPs

58.194.168.198	2600:6c5d:5000:1cab:498f:24e6:b3ef:715e	14.231.241.37	167.190.75.157
97.217.200.117	59.9.4.182	124.82.24.42	133.5.208.1
156.209.26.84	193.255.173.85	78.47.120.153	102.140.197.121
220.152.110.170	142.44.196.225	123.30.236.77	123.21.66.145
86.25.245.179	14.231.37.153	23.101.0.233	2.57.77.109