1.64.12.154 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-08-13 18:24:35

Comments on same subnet:

IP	Type	Details	Datetime
1.64.12.72	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540f70c69cbedd1e \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: HK \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 \| CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:25:14

Type

Details

Datetime

1.64.12.72

attack

The IP has triggered Cloudflare WAF. CF-Ray: 540f70c69cbedd1e | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: HK | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 07:25:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.64.12.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2884
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.64.12.154.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 13 18:24:30 CST 2019
;; MSG SIZE  rcvd: 115

Host info

154.12.64.1.in-addr.arpa domain name pointer 1-64-12-154.static.netvigator.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
154.12.64.1.in-addr.arpa	name = 1-64-12-154.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.102.57.186	attackbotsspam	[MK-VM5] Blocked by UFW	2020-09-23 01:49:50
179.175.246.211	attackbotsspam	2020-09-21T17:00:55.701127Z e781b1b0e0d4 New connection: 179.175.246.211:48447 (172.17.0.5:2222) [session: e781b1b0e0d4] 2020-09-21T17:00:58.975051Z 4d0522e61253 New connection: 179.175.246.211:48479 (172.17.0.5:2222) [session: 4d0522e61253]	2020-09-23 01:40:10
132.148.166.225	attackspam	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-09-23 01:29:30
51.89.149.241	attackbotsspam	5x Failed Password	2020-09-23 02:02:08
167.114.86.47	attackbots	2020-09-23T00:25:03.522411hostname sshd[14926]: Invalid user servidor from 167.114.86.47 port 43722 ...	2020-09-23 01:39:24
167.99.49.115	attack	Brute-force attempt banned	2020-09-23 01:48:00
5.202.177.123	attackspambots	Invalid user dario from 5.202.177.123 port 37798	2020-09-23 01:31:33
189.207.102.23	attackspambots	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=49066 . dstport=23 . (3204)	2020-09-23 02:20:16
61.155.233.227	attackbots	(sshd) Failed SSH login from 61.155.233.227 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 22 07:54:40 server2 sshd[12709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.155.233.227 user=operator Sep 22 07:54:41 server2 sshd[12709]: Failed password for operator from 61.155.233.227 port 19726 ssh2 Sep 22 08:04:22 server2 sshd[23215]: Invalid user test from 61.155.233.227 Sep 22 08:04:22 server2 sshd[23215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.155.233.227 Sep 22 08:04:24 server2 sshd[23215]: Failed password for invalid user test from 61.155.233.227 port 35527 ssh2	2020-09-23 01:33:18
104.248.130.17	attackspam	Sep 22 16:45:31 IngegnereFirenze sshd[13794]: Failed password for invalid user josh from 104.248.130.17 port 44478 ssh2 ...	2020-09-23 02:03:46
182.156.209.222	attackbotsspam	Sep 22 01:13:55 web9 sshd\[20848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.156.209.222 user=root Sep 22 01:13:57 web9 sshd\[20848\]: Failed password for root from 182.156.209.222 port 32569 ssh2 Sep 22 01:16:02 web9 sshd\[21242\]: Invalid user python from 182.156.209.222 Sep 22 01:16:02 web9 sshd\[21242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.156.209.222 Sep 22 01:16:04 web9 sshd\[21242\]: Failed password for invalid user python from 182.156.209.222 port 64226 ssh2	2020-09-23 01:28:51
124.225.42.93	attack	TCP (SYN) 124.225.42.93:31198 -> port 80, len 44	2020-09-23 02:15:00
192.241.235.22	attackbots	Port scan denied	2020-09-23 02:13:32
181.169.74.100	attackbots	SSH/22 MH Probe, BF, Hack -	2020-09-23 02:02:57
220.134.250.251	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-23 01:27:39

Recently Reported IPs

188.127.231.66	177.154.239.25	177.19.255.17	157.55.39.240
157.52.140.120	156.220.118.158	154.85.116.158	121.136.42.112
115.113.158.98	109.147.53.61	61.194.215.180	103.219.154.13
103.218.169.2	91.236.62.243	88.209.213.104	86.244.202.30
207.89.197.178	78.163.124.5	68.183.2.153	51.254.225.227