1.172.19.57 - IPInfo

Basic Info

City: Magong

Region: Penghu County

Country: Taiwan, China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: Data Communication Business Group

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08301000)	2019-08-31 00:23:05

Comments on same subnet:

IP	Type	Details	Datetime
1.172.193.118	attackspambots	1592798129 - 06/22/2020 05:55:29 Host: 1.172.193.118/1.172.193.118 Port: 23 TCP Blocked	2020-06-22 12:16:15
1.172.199.87	attack	1580304720 - 01/29/2020 14:32:00 Host: 1.172.199.87/1.172.199.87 Port: 445 TCP Blocked	2020-01-30 03:23:15
1.172.195.60	attackbots	1576909607 - 12/21/2019 07:26:47 Host: 1.172.195.60/1.172.195.60 Port: 445 TCP Blocked	2019-12-21 18:10:59
1.172.191.107	attack	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=64008)(10151156)	2019-10-16 00:25:53
1.172.190.227	attackspam	Port Scan: TCP/23	2019-09-20 23:11:10
1.172.190.75	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-19 04:27:42,246 INFO [amun_request_handler] PortScan Detected on Port: 445 (1.172.190.75)	2019-07-19 18:27:48
1.172.198.142	attackbots	Honeypot attack, port: 445, PTR: 1-172-198-142.dynamic-ip.hinet.net.	2019-06-29 08:26:44
1.172.190.54	attack	37215/tcp [2019-06-22]1pkt	2019-06-22 13:13:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.172.19.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8106
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.172.19.57.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083000 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 31 00:22:34 CST 2019
;; MSG SIZE  rcvd: 115

Host info

57.19.172.1.in-addr.arpa domain name pointer 1-172-19-57.dynamic-ip.hinet.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
57.19.172.1.in-addr.arpa	name = 1-172-19-57.dynamic-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
68.183.188.123	attackspambots	Oct 6 01:11:06 sanyalnet-cloud-vps3 sshd[7543]: Connection from 68.183.188.123 port 56526 on 45.62.248.66 port 22 Oct 6 01:11:07 sanyalnet-cloud-vps3 sshd[7543]: User r.r from 68.183.188.123 not allowed because not listed in AllowUsers Oct 6 01:11:07 sanyalnet-cloud-vps3 sshd[7543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.188.123 user=r.r Oct 6 01:11:09 sanyalnet-cloud-vps3 sshd[7543]: Failed password for invalid user r.r from 68.183.188.123 port 56526 ssh2 Oct 6 01:11:09 sanyalnet-cloud-vps3 sshd[7543]: Received disconnect from 68.183.188.123: 11: Bye Bye [preauth] Oct 6 01:18:43 sanyalnet-cloud-vps3 sshd[7763]: Connection from 68.183.188.123 port 39534 on 45.62.248.66 port 22 Oct 6 01:18:44 sanyalnet-cloud-vps3 sshd[7763]: User r.r from 68.183.188.123 not allowed because not listed in AllowUsers Oct 6 01:18:44 sanyalnet-cloud-vps3 sshd[7763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 eui........ -------------------------------	2019-10-08 18:43:52
115.77.187.18	attack	Oct 7 20:33:01 wbs sshd\[4263\]: Invalid user 1z2x3c from 115.77.187.18 Oct 7 20:33:01 wbs sshd\[4263\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.77.187.18 Oct 7 20:33:03 wbs sshd\[4263\]: Failed password for invalid user 1z2x3c from 115.77.187.18 port 64774 ssh2 Oct 7 20:38:21 wbs sshd\[4760\]: Invalid user Internet_123 from 115.77.187.18 Oct 7 20:38:21 wbs sshd\[4760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.77.187.18	2019-10-08 18:27:08
51.77.145.97	attackbotsspam	Oct 8 05:37:42 kscrazy sshd\[16325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.145.97 user=root Oct 8 05:37:43 kscrazy sshd\[16325\]: Failed password for root from 51.77.145.97 port 49760 ssh2 Oct 8 05:51:33 kscrazy sshd\[17064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.145.97 user=root	2019-10-08 18:39:31
111.230.192.195	attackspambots	Apr 23 01:58:37 ubuntu sshd[23220]: Failed password for invalid user john from 111.230.192.195 port 40304 ssh2 Apr 23 02:01:46 ubuntu sshd[23612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.192.195 Apr 23 02:01:48 ubuntu sshd[23612]: Failed password for invalid user fan from 111.230.192.195 port 35764 ssh2 Apr 23 02:05:01 ubuntu sshd[24017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.192.195	2019-10-08 18:28:02
92.118.160.1	attackspam	08.10.2019 05:44:02 Connection to port 8443 blocked by firewall	2019-10-08 18:35:26
111.230.13.186	attackbots	Apr 21 03:06:32 ubuntu sshd[2748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.13.186 Apr 21 03:06:33 ubuntu sshd[2748]: Failed password for invalid user osilvera from 111.230.13.186 port 55438 ssh2 Apr 21 03:09:48 ubuntu sshd[4344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.13.186 Apr 21 03:09:50 ubuntu sshd[4344]: Failed password for invalid user www from 111.230.13.186 port 51858 ssh2	2019-10-08 18:43:14
52.172.44.97	attackbotsspam	Oct 8 04:23:11 work-partkepr sshd\[8390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.44.97 user=root Oct 8 04:23:13 work-partkepr sshd\[8390\]: Failed password for root from 52.172.44.97 port 43696 ssh2 ...	2019-10-08 18:47:06
186.147.237.51	attack	Sep 24 08:08:03 dallas01 sshd[815]: Failed password for invalid user ilario from 186.147.237.51 port 59130 ssh2 Sep 24 08:12:52 dallas01 sshd[1719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.147.237.51 Sep 24 08:12:54 dallas01 sshd[1719]: Failed password for invalid user admin from 186.147.237.51 port 43564 ssh2 Sep 24 08:17:46 dallas01 sshd[2539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.147.237.51	2019-10-08 18:39:53
212.64.106.151	attackbots	Oct 8 06:07:00 localhost sshd\[11149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.106.151 user=root Oct 8 06:07:02 localhost sshd\[11149\]: Failed password for root from 212.64.106.151 port 28410 ssh2 Oct 8 06:27:38 localhost sshd\[19743\]: Invalid user 123 from 212.64.106.151 port 40042 Oct 8 06:27:38 localhost sshd\[19743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.106.151	2019-10-08 18:34:32
158.69.220.70	attackspam	Jun 6 09:37:01 ubuntu sshd[9240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.220.70 Jun 6 09:37:03 ubuntu sshd[9240]: Failed password for invalid user bk from 158.69.220.70 port 45192 ssh2 Jun 6 09:39:41 ubuntu sshd[9527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.220.70 Jun 6 09:39:43 ubuntu sshd[9527]: Failed password for invalid user jeffrey from 158.69.220.70 port 40208 ssh2	2019-10-08 18:14:07
111.230.157.219	attackbots	Apr 19 22:24:57 ubuntu sshd[17664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.157.219 Apr 19 22:24:59 ubuntu sshd[17664]: Failed password for invalid user vowel from 111.230.157.219 port 54768 ssh2 Apr 19 22:27:45 ubuntu sshd[17739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.157.219 Apr 19 22:27:47 ubuntu sshd[17739]: Failed password for invalid user oracle from 111.230.157.219 port 48964 ssh2	2019-10-08 18:33:14
111.230.134.74	attackspambots	Apr 22 02:29:44 ubuntu sshd[20638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.134.74 Apr 22 02:29:47 ubuntu sshd[20638]: Failed password for invalid user mtch from 111.230.134.74 port 51430 ssh2 Apr 22 02:32:43 ubuntu sshd[20711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.134.74 Apr 22 02:32:46 ubuntu sshd[20711]: Failed password for invalid user le from 111.230.134.74 port 45234 ssh2	2019-10-08 18:39:08
49.88.112.68	attackspambots	Oct 8 13:22:44 sauna sshd[18488]: Failed password for root from 49.88.112.68 port 49193 ssh2 ...	2019-10-08 18:36:12
46.105.16.246	attack	Oct 8 09:24:51 vps647732 sshd[510]: Failed password for root from 46.105.16.246 port 56200 ssh2 ...	2019-10-08 18:15:16
42.58.20.193	attackbots	Unauthorised access (Oct 8) SRC=42.58.20.193 LEN=40 TTL=49 ID=42401 TCP DPT=8080 WINDOW=16295 SYN	2019-10-08 18:21:33

Recently Reported IPs

74.139.132.68	202.36.48.246	23.137.224.149	45.30.32.21
5.145.119.187	109.94.190.14	154.0.161.146	162.183.58.15
67.81.204.187	169.50.220.33	223.176.31.217	2.72.245.22
71.58.236.3	106.224.31.48	164.163.73.25	110.171.239.138
153.127.208.103	87.143.122.204	50.183.188.172	107.4.155.184