1.64.12.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 540f70c69cbedd1e \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: HK \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 \| CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:25:14

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 540f70c69cbedd1e | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: HK | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 | CF_DC: SIN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 07:25:14

Comments on same subnet:

IP	Type	Details	Datetime
1.64.12.154	attackspam	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-08-13 18:24:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.64.12.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8124
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.64.12.72.			IN	A

;; AUTHORITY SECTION:
.			275	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 07:25:09 CST 2019
;; MSG SIZE  rcvd: 114

Host info

72.12.64.1.in-addr.arpa domain name pointer 1-64-12-072.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.12.64.1.in-addr.arpa	name = 1-64-12-072.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.90.61.10	attackbotsspam	2020-08-08T05:45:16.428824amanda2.illicoweb.com sshd\[1491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 user=root 2020-08-08T05:45:18.258654amanda2.illicoweb.com sshd\[1491\]: Failed password for root from 119.90.61.10 port 50916 ssh2 2020-08-08T05:50:03.428417amanda2.illicoweb.com sshd\[1853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 user=root 2020-08-08T05:50:05.995404amanda2.illicoweb.com sshd\[1853\]: Failed password for root from 119.90.61.10 port 56006 ssh2 2020-08-08T05:54:50.145739amanda2.illicoweb.com sshd\[2341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 user=root ...	2020-08-08 16:04:37
79.98.112.12	attack	Unauthorized IMAP connection attempt	2020-08-08 16:07:43
37.49.224.88	attack	SSH Brute Force	2020-08-08 15:54:31
121.200.5.99	attackspambots	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-08-08 16:10:25
112.85.42.229	attackspambots	Aug 8 09:56:17 abendstille sshd\[708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Aug 8 09:56:18 abendstille sshd\[708\]: Failed password for root from 112.85.42.229 port 17742 ssh2 Aug 8 09:56:20 abendstille sshd\[753\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Aug 8 09:56:21 abendstille sshd\[708\]: Failed password for root from 112.85.42.229 port 17742 ssh2 Aug 8 09:56:22 abendstille sshd\[753\]: Failed password for root from 112.85.42.229 port 56081 ssh2 ...	2020-08-08 16:08:46
82.62.118.102	attack	Automatic report - Banned IP Access	2020-08-08 15:59:36
180.76.160.50	attackbotsspam	Aug 8 05:07:47 onepixel sshd[4091620]: Failed password for root from 180.76.160.50 port 34776 ssh2 Aug 8 05:10:06 onepixel sshd[4093099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.160.50 user=root Aug 8 05:10:08 onepixel sshd[4093099]: Failed password for root from 180.76.160.50 port 60606 ssh2 Aug 8 05:12:23 onepixel sshd[4094386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.160.50 user=root Aug 8 05:12:25 onepixel sshd[4094386]: Failed password for root from 180.76.160.50 port 58196 ssh2	2020-08-08 16:07:23
106.13.190.148	attack	Aug 8 06:21:00 rocket sshd[29434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.190.148 Aug 8 06:21:02 rocket sshd[29434]: Failed password for invalid user P4SSWORD from 106.13.190.148 port 54724 ssh2 ...	2020-08-08 16:22:19
104.236.115.5	attackbots	Aug 8 08:40:07 Ubuntu-1404-trusty-64-minimal sshd\[32194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.115.5 user=root Aug 8 08:40:08 Ubuntu-1404-trusty-64-minimal sshd\[32194\]: Failed password for root from 104.236.115.5 port 54403 ssh2 Aug 8 08:47:43 Ubuntu-1404-trusty-64-minimal sshd\[2572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.115.5 user=root Aug 8 08:47:45 Ubuntu-1404-trusty-64-minimal sshd\[2572\]: Failed password for root from 104.236.115.5 port 48625 ssh2 Aug 8 08:49:53 Ubuntu-1404-trusty-64-minimal sshd\[3207\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.115.5 user=root	2020-08-08 15:48:54
124.160.83.138	attack	$f2bV_matches	2020-08-08 16:22:04
193.27.229.178	attackspambots	ET SCAN Suspicious inbound to mySQL port 3306 - port: 3306 proto: tcp cat: Potentially Bad Trafficbytes: 60	2020-08-08 15:58:43
106.69.228.53	attackbotsspam	<6 unauthorized SSH connections	2020-08-08 15:55:29
42.200.77.229	attack	2020-08-08T03:54:19.795312abusebot-4.cloudsearch.cf sshd[10468]: Invalid user admin from 42.200.77.229 port 3455 2020-08-08T03:54:20.070624abusebot-4.cloudsearch.cf sshd[10468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-77-229.static.imsbiz.com 2020-08-08T03:54:19.795312abusebot-4.cloudsearch.cf sshd[10468]: Invalid user admin from 42.200.77.229 port 3455 2020-08-08T03:54:22.519146abusebot-4.cloudsearch.cf sshd[10468]: Failed password for invalid user admin from 42.200.77.229 port 3455 ssh2 2020-08-08T03:54:25.217655abusebot-4.cloudsearch.cf sshd[10470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-77-229.static.imsbiz.com user=root 2020-08-08T03:54:27.752643abusebot-4.cloudsearch.cf sshd[10470]: Failed password for root from 42.200.77.229 port 22150 ssh2 2020-08-08T03:54:30.303786abusebot-4.cloudsearch.cf sshd[10472]: Invalid user admin from 42.200.77.229 port 9436 ...	2020-08-08 16:22:41
49.149.78.48	attack	1596858888 - 08/08/2020 05:54:48 Host: 49.149.78.48/49.149.78.48 Port: 445 TCP Blocked	2020-08-08 16:08:00
199.119.74.34	attackspam	Unauthorized IMAP connection attempt	2020-08-08 16:11:49

Recently Reported IPs

21.184.112.248	37.56.19.3	226.132.23.106	55.133.244.179
103.184.83.67	24.109.88.158	80.239.148.219	121.136.96.217
193.127.181.71	241.168.1.116	52.119.27.52	0.17.58.142
9.83.8.173	137.106.116.70	27.156.244.86	239.45.238.124
221.229.79.217	166.115.31.57	179.109.107.61	183.48.34.242