219.77.212.157

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f8b9d9816dd16 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: HK \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Safari/605.1.15 \| CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:57:54

Type

Details

Datetime

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 540f8b9d9816dd16 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: HK | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Safari/605.1.15 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:57:54

Comments on same subnet:

IP	Type	Details	Datetime
219.77.212.68	attackbotsspam	Honeypot attack, port: 5555, PTR: n219077212068.netvigator.com.	2020-01-22 04:52:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.77.212.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27595
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;219.77.212.157.			IN	A

;; AUTHORITY SECTION:
.			562	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 02:57:51 CST 2019
;; MSG SIZE  rcvd: 118

Host info

157.212.77.219.in-addr.arpa domain name pointer n219077212157.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
157.212.77.219.in-addr.arpa	name = n219077212157.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.1.207.189	attackbotsspam	Port 22 Scan, PTR: None	2020-01-04 20:36:18
171.239.192.255	attack	unauthorized connection attempt	2020-01-04 20:30:42
3.1.8.31	attackspambots	Jan 3 14:33:42 vps5 sshd[20769]: Invalid user butter from 3.1.8.31 Jan 3 14:33:42 vps5 sshd[20769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-3-1-8-31.ap-southeast-1.compute.amazonaws.com Jan 3 14:33:44 vps5 sshd[20769]: Failed password for invalid user butter from 3.1.8.31 port 53726 ssh2 Jan 3 14:33:44 vps5 sshd[20769]: Received disconnect from 3.1.8.31: 11: Normal Shutdown, Thank you for playing [preauth] Jan 3 14:35:46 vps5 sshd[20945]: Invalid user administrateur from 3.1.8.31 Jan 3 14:35:46 vps5 sshd[20945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-3-1-8-31.ap-southeast-1.compute.amazonaws.com Jan 3 14:35:48 vps5 sshd[20945]: Failed password for invalid user administrateur from 3.1.8.31 port 45492 ssh2 Jan 3 14:35:48 vps5 sshd[20945]: Received disconnect from 3.1.8.31: 11: Normal Shutdown, Thank you for playing [preauth] Jan 3 14:38:04 vps5 sshd[21125]: ........ -------------------------------	2020-01-04 20:31:32
125.62.178.185	attackspam	unauthorized connection attempt	2020-01-04 20:00:41
181.231.78.192	attackspam	DATE:2020-01-04 12:31:41,IP:181.231.78.192,MATCHES:11,PORT:ssh	2020-01-04 20:38:11
118.70.233.121	attack	unauthorized connection attempt	2020-01-04 20:28:04
114.5.81.73	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 04-01-2020 04:45:08.	2020-01-04 20:28:30
49.205.100.18	attack	Unauthorized connection attempt from IP address 49.205.100.18 on Port 445(SMB)	2020-01-04 20:05:51
68.5.173.39	attackspam	$f2bV_matches	2020-01-04 20:09:24
51.11.53.148	attack	2020-01-04T12:59:06.281597scmdmz1 sshd[4188]: Invalid user scmfonderie from 51.11.53.148 port 33326 2020-01-04T12:59:06.284199scmdmz1 sshd[4188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.11.53.148 2020-01-04T12:59:06.281597scmdmz1 sshd[4188]: Invalid user scmfonderie from 51.11.53.148 port 33326 2020-01-04T12:59:08.431223scmdmz1 sshd[4188]: Failed password for invalid user scmfonderie from 51.11.53.148 port 33326 ssh2 2020-01-04T12:59:33.865741scmdmz1 sshd[4241]: Invalid user scmfonderie from 51.11.53.148 port 39478 ...	2020-01-04 20:13:56
162.144.46.28	attack	Automatic report - XMLRPC Attack	2020-01-04 20:19:17
42.117.213.40	attackspambots	unauthorized connection attempt	2020-01-04 20:15:40
209.17.96.82	attack	port scan and connect, tcp 8888 (sun-answerbook)	2020-01-04 20:40:41
138.197.73.215	attackbots	Jan 4 07:23:06 ms-srv sshd[4410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.73.215 Jan 4 07:23:08 ms-srv sshd[4410]: Failed password for invalid user teste2 from 138.197.73.215 port 40850 ssh2	2020-01-04 20:31:04
113.125.23.185	attackbots	SSH bruteforce	2020-01-04 20:17:12

Recently Reported IPs

66.148.16.83	180.95.231.47	113.105.200.130	175.184.165.11
111.207.43.66	78.222.234.63	134.209.108.243	78.18.159.42
217.63.114.248	123.158.48.231	217.166.253.36	107.202.51.202
122.115.235.105	134.29.73.214	164.111.249.94	121.57.226.205
206.12.32.73	168.0.198.110	121.57.224.208	98.198.79.232