219.133.104.157

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shenzhen Labor Market

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	$f2bV_matches	2020-05-04 05:47:00
attackspam	odoo8 ...	2020-04-09 19:40:46
attackbotsspam	Apr 2 01:34:49 minden010 sshd[29495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.133.104.157 Apr 2 01:34:51 minden010 sshd[29495]: Failed password for invalid user test9 from 219.133.104.157 port 42502 ssh2 Apr 2 01:36:46 minden010 sshd[30247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.133.104.157 ...	2020-04-02 09:10:47
attackspambots	(sshd) Failed SSH login from 219.133.104.157 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 10 10:07:49 amsweb01 sshd[27447]: Invalid user reizen from 219.133.104.157 port 59686 Mar 10 10:07:51 amsweb01 sshd[27447]: Failed password for invalid user reizen from 219.133.104.157 port 59686 ssh2 Mar 10 10:19:28 amsweb01 sshd[28570]: Invalid user reizen.euroknaller from 219.133.104.157 port 59188 Mar 10 10:19:30 amsweb01 sshd[28570]: Failed password for invalid user reizen.euroknaller from 219.133.104.157 port 59188 ssh2 Mar 10 10:24:46 amsweb01 sshd[29177]: Invalid user reizeneuroknaller from 219.133.104.157 port 44612	2020-03-10 20:16:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.133.104.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30276
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;219.133.104.157.		IN	A

;; AUTHORITY SECTION:
.			258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031000 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 10 20:16:36 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 157.104.133.219.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.104.133.219.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.6.116	attack	Nov 7 03:58:57 web1 sshd\[16792\]: Invalid user shou from 106.13.6.116 Nov 7 03:58:57 web1 sshd\[16792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 Nov 7 03:58:59 web1 sshd\[16792\]: Failed password for invalid user shou from 106.13.6.116 port 46100 ssh2 Nov 7 04:01:47 web1 sshd\[17088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 user=root Nov 7 04:01:49 web1 sshd\[17088\]: Failed password for root from 106.13.6.116 port 45264 ssh2	2019-11-07 22:03:36
159.203.36.154	attackspambots	Nov 6 22:14:52 mockhub sshd[30025]: Failed password for root from 159.203.36.154 port 53339 ssh2 ...	2019-11-07 22:28:38
37.187.79.55	attack	2019-11-07T08:59:58.236557abusebot-7.cloudsearch.cf sshd\[25566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tde.terre-des-elements.net user=root	2019-11-07 22:33:35
5.36.36.117	attack	Hits on port : 445	2019-11-07 22:09:43
118.192.66.52	attackspambots	Nov 7 14:29:10 dev0-dcde-rnet sshd[22697]: Failed password for root from 118.192.66.52 port 42048 ssh2 Nov 7 14:43:22 dev0-dcde-rnet sshd[22733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.192.66.52 Nov 7 14:43:24 dev0-dcde-rnet sshd[22733]: Failed password for invalid user t from 118.192.66.52 port 49932 ssh2	2019-11-07 22:31:06
222.122.94.10	attackspam	2019-11-07T12:33:41.995591abusebot-5.cloudsearch.cf sshd\[19610\]: Invalid user robert from 222.122.94.10 port 54890	2019-11-07 22:30:42
222.186.180.17	attack	2019-11-07T14:20:28.931035abusebot-7.cloudsearch.cf sshd\[27194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root	2019-11-07 22:21:22
35.220.224.198	attackbotsspam	kidness.family 35.220.224.198 \[07/Nov/2019:07:18:55 +0100\] "POST /wp-login.php HTTP/1.1" 200 5618 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" kidness.family 35.220.224.198 \[07/Nov/2019:07:18:57 +0100\] "POST /wp-login.php HTTP/1.1" 200 5612 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-07 22:13:21
193.70.2.117	attack	2019-11-07T08:59:48.622783scmdmz1 sshd\[17717\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.ip-193-70-2.eu user=root 2019-11-07T08:59:50.917049scmdmz1 sshd\[17717\]: Failed password for root from 193.70.2.117 port 40818 ssh2 2019-11-07T09:03:00.108177scmdmz1 sshd\[18285\]: Invalid user whipper from 193.70.2.117 port 53868 ...	2019-11-07 22:32:40
188.158.47.148	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/188.158.47.148/ IR - 1H : (86) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IR NAME ASN : ASN39501 IP : 188.158.47.148 CIDR : 188.158.32.0/19 PREFIX COUNT : 91 UNIQUE IP COUNT : 203776 ATTACKS DETECTED ASN39501 : 1H - 1 3H - 1 6H - 1 12H - 3 24H - 9 DateTime : 2019-11-07 07:18:29 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-07 22:30:15
167.99.7.149	attackspam	2019-11-07T07:00:14.143536 sshd[5219]: Invalid user nginx from 167.99.7.149 port 34050 2019-11-07T07:00:14.158530 sshd[5219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.7.149 2019-11-07T07:00:14.143536 sshd[5219]: Invalid user nginx from 167.99.7.149 port 34050 2019-11-07T07:00:15.858384 sshd[5219]: Failed password for invalid user nginx from 167.99.7.149 port 34050 ssh2 2019-11-07T07:18:46.612362 sshd[5480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.7.149 user=root 2019-11-07T07:18:48.302578 sshd[5480]: Failed password for root from 167.99.7.149 port 38930 ssh2 ...	2019-11-07 22:19:17
159.89.229.244	attackspam	Nov 7 03:51:58 auw2 sshd\[759\]: Invalid user upload from 159.89.229.244 Nov 7 03:51:58 auw2 sshd\[759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.229.244 Nov 7 03:52:00 auw2 sshd\[759\]: Failed password for invalid user upload from 159.89.229.244 port 51060 ssh2 Nov 7 03:55:42 auw2 sshd\[1049\]: Invalid user kashyap from 159.89.229.244 Nov 7 03:55:42 auw2 sshd\[1049\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.229.244	2019-11-07 22:02:57
36.154.39.14	attack	Nov 6 22:35:32 ws24vmsma01 sshd[243468]: Failed password for root from 36.154.39.14 port 54190 ssh2 ...	2019-11-07 22:29:11
106.12.92.88	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-11-07 22:14:38
192.81.219.241	attack	Chat Spam	2019-11-07 22:10:42

Recently Reported IPs

45.143.220.248	203.55.21.111	36.85.145.85	173.88.151.178
39.82.235.80	87.103.253.198	125.99.71.46	36.92.147.163
14.29.249.248	1.53.250.136	208.102.51.6	191.194.0.160
204.93.196.113	180.242.154.250	198.12.152.136	89.111.186.230
2001:41d0:700:1337::1	139.59.95.22	79.157.25.180	192.151.157.210