1.64.14.9 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Honeypot attack, port: 5555, PTR: 1-64-14-009.static.netvigator.com.	2020-01-23 12:40:17

Comments on same subnet:

IP	Type	Details	Datetime
1.64.144.195	attack	Port probing on unauthorized port 5555	2020-03-27 01:18:03
1.64.144.195	attackspambots	Honeypot attack, port: 5555, PTR: 1-64-144-195.static.netvigator.com.	2020-03-25 01:44:26
1.64.14.7	attackbotsspam	5555/tcp 5555/tcp [2020-02-24/03-05]2pkt	2020-03-05 19:52:20
1.64.14.7	attack	Honeypot attack, port: 5555, PTR: 1-64-14-007.static.netvigator.com.	2020-02-25 09:04:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.64.14.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55507
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.64.14.9.			IN	A

;; AUTHORITY SECTION:
.			333	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012202 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 12:40:14 CST 2020
;; MSG SIZE  rcvd: 113

Host info

9.14.64.1.in-addr.arpa domain name pointer 1-64-14-009.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
9.14.64.1.in-addr.arpa	name = 1-64-14-009.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.219.219	attackbots	Apr 27 01:50:06 mail sshd\[7335\]: Invalid user postgres from 106.13.219.219 Apr 27 01:50:06 mail sshd\[7335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.219.219 Apr 27 01:50:07 mail sshd\[7335\]: Failed password for invalid user postgres from 106.13.219.219 port 43562 ssh2 ...	2020-04-27 08:53:04
189.213.40.230	attackbotsspam	Automatic report - Port Scan Attack	2020-04-27 08:46:58
45.55.128.109	attackbots	Apr 26 12:14:05 XXX sshd[23250]: Invalid user sam from 45.55.128.109 port 59978	2020-04-27 08:25:01
103.111.103.2	attackspam	Automatic report - Banned IP Access	2020-04-27 08:41:32
222.186.42.7	attackspambots	2020-04-27T00:44:45.101041dmca.cloudsearch.cf sshd[7993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root 2020-04-27T00:44:46.858646dmca.cloudsearch.cf sshd[7993]: Failed password for root from 222.186.42.7 port 34943 ssh2 2020-04-27T00:44:49.557039dmca.cloudsearch.cf sshd[7993]: Failed password for root from 222.186.42.7 port 34943 ssh2 2020-04-27T00:44:45.101041dmca.cloudsearch.cf sshd[7993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root 2020-04-27T00:44:46.858646dmca.cloudsearch.cf sshd[7993]: Failed password for root from 222.186.42.7 port 34943 ssh2 2020-04-27T00:44:49.557039dmca.cloudsearch.cf sshd[7993]: Failed password for root from 222.186.42.7 port 34943 ssh2 2020-04-27T00:44:45.101041dmca.cloudsearch.cf sshd[7993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root 2020-04-27T00:44:46.85 ...	2020-04-27 08:51:32
163.172.42.71	attack	[2020-04-26 16:35:02] NOTICE[1170] chan_sip.c: Registration from '"100"' failed for '163.172.42.71:3791' - Wrong password [2020-04-26 16:35:02] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-26T16:35:02.834-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="100",SessionID="0x7f6c0806cbd8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.42.71/3791",Challenge="125cd6d1",ReceivedChallenge="125cd6d1",ReceivedHash="22ff77df1d859034ea1ea64fea53f591" [2020-04-26 16:35:46] NOTICE[1170] chan_sip.c: Registration from '"102"' failed for '163.172.42.71:4679' - Wrong password [2020-04-26 16:35:46] SECURITY[1184] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-04-26T16:35:46.172-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="102",SessionID="0x7f6c08064098",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.42 ...	2020-04-27 08:32:14
54.69.8.65	attackspam	Apr 25 06:31:44 online-web-vs-1 sshd[23672]: Invalid user multicraft from 54.69.8.65 port 40602 Apr 25 06:31:44 online-web-vs-1 sshd[23672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.69.8.65 Apr 25 06:31:45 online-web-vs-1 sshd[23672]: Failed password for invalid user multicraft from 54.69.8.65 port 40602 ssh2 Apr 25 06:31:46 online-web-vs-1 sshd[23672]: Received disconnect from 54.69.8.65 port 40602:11: Bye Bye [preauth] Apr 25 06:31:46 online-web-vs-1 sshd[23672]: Disconnected from 54.69.8.65 port 40602 [preauth] Apr 25 06:40:02 online-web-vs-1 sshd[24233]: Invalid user nuxeo from 54.69.8.65 port 59824 Apr 25 06:40:02 online-web-vs-1 sshd[24233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.69.8.65 Apr 25 06:40:04 online-web-vs-1 sshd[24233]: Failed password for invalid user nuxeo from 54.69.8.65 port 59824 ssh2 Apr 25 06:40:04 online-web-vs-1 sshd[24233]: Received disconnec........ -------------------------------	2020-04-27 08:32:58
2.139.174.205	attack	Brute force attempt	2020-04-27 08:28:16
84.22.144.52	attack	Automatic report - Banned IP Access	2020-04-27 08:35:37
185.128.80.32	attack	Port probing on unauthorized port 16989	2020-04-27 08:29:15
213.55.83.51	attackspambots	Icarus honeypot on github	2020-04-27 08:28:44
198.108.66.168	attackspambots	" "	2020-04-27 08:25:42
106.12.93.251	attackbots	Apr 26 22:28:35 icinga sshd[49329]: Failed password for root from 106.12.93.251 port 36962 ssh2 Apr 26 22:35:44 icinga sshd[60878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.251 Apr 26 22:35:46 icinga sshd[60878]: Failed password for invalid user ubuntu from 106.12.93.251 port 36828 ssh2 ...	2020-04-27 08:34:12
123.206.26.133	attack	Apr 27 03:11:33 XXX sshd[20969]: Invalid user had from 123.206.26.133 port 43998	2020-04-27 12:05:44
106.12.183.6	attackbots	Apr 26 23:26:53 OPSO sshd\[23559\]: Invalid user mcserver from 106.12.183.6 port 40094 Apr 26 23:26:53 OPSO sshd\[23559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.183.6 Apr 26 23:26:55 OPSO sshd\[23559\]: Failed password for invalid user mcserver from 106.12.183.6 port 40094 ssh2 Apr 26 23:33:18 OPSO sshd\[25222\]: Invalid user denis from 106.12.183.6 port 46428 Apr 26 23:33:18 OPSO sshd\[25222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.183.6	2020-04-27 08:30:11

Recently Reported IPs

109.228.233.36	213.102.87.37	109.238.186.155	1.172.78.94
208.103.52.25	114.4.102.78	190.52.34.63	129.226.117.18
181.209.63.139	62.90.144.0	165.142.218.57	108.3.89.227
103.83.144.80	143.90.250.254	231.116.211.184	187.154.205.156
19.237.140.104	152.170.155.243	139.78.212.149	109.62.146.247