1.64.208.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port probing on unauthorized port 5555	2020-04-06 04:21:59

Comments on same subnet:

IP	Type	Details	Datetime
1.64.208.171	attackspam	Unauthorized connection attempt detected from IP address 1.64.208.171 to port 5555 [J]	2020-03-03 09:55:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.64.208.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47070
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.64.208.72.			IN	A

;; AUTHORITY SECTION:
.			472	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040501 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 06 04:21:56 CST 2020
;; MSG SIZE  rcvd: 115

Host info

72.208.64.1.in-addr.arpa domain name pointer 1-64-208-072.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.208.64.1.in-addr.arpa	name = 1-64-208-072.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.52.31.165	attackbotsspam	28.07.2019 12:03:15 SSH access blocked by firewall	2019-07-28 20:18:21
152.32.128.223	attack	ZmEu Scanner Detection	2019-07-28 20:34:04
45.13.39.12	attackbotsspam	Jul 28 14:08:57 mail postfix/smtpd\[753\]: warning: unknown\[45.13.39.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 28 14:09:49 mail postfix/smtpd\[30971\]: warning: unknown\[45.13.39.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 28 14:10:45 mail postfix/smtpd\[753\]: warning: unknown\[45.13.39.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-28 20:24:42
132.232.104.35	attackbots	[ssh] SSH attack	2019-07-28 20:53:03
103.243.143.141	attackbots	Jul 28 14:21:06 yabzik sshd[25562]: Failed password for root from 103.243.143.141 port 12402 ssh2 Jul 28 14:25:45 yabzik sshd[27104]: Failed password for root from 103.243.143.141 port 53114 ssh2	2019-07-28 20:37:45
184.105.247.226	attackbotsspam	Automatic report - Port Scan Attack	2019-07-28 20:48:53
117.60.90.80	attackbotsspam	20 attempts against mh-ssh on ice.magehost.pro	2019-07-28 21:00:41
164.132.51.91	attackspambots	Jul 28 13:25:34 mail sshd\[28595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.51.91 user=root Jul 28 13:25:36 mail sshd\[28595\]: Failed password for root from 164.132.51.91 port 47666 ssh2 Jul 28 13:25:39 mail sshd\[28595\]: Failed password for root from 164.132.51.91 port 47666 ssh2 Jul 28 13:25:41 mail sshd\[28595\]: Failed password for root from 164.132.51.91 port 47666 ssh2 Jul 28 13:25:43 mail sshd\[28595\]: Failed password for root from 164.132.51.91 port 47666 ssh2	2019-07-28 20:22:29
36.68.66.200	attack	Unauthorized connection attempt from IP address 36.68.66.200 on Port 445(SMB)	2019-07-28 20:13:58
79.127.125.252	attack	Unauthorized connection attempt from IP address 79.127.125.252 on Port 445(SMB)	2019-07-28 20:34:54
58.147.170.51	attack	DLink DSL Remote OS Command Injection Vulnerability	2019-07-28 20:35:29
207.180.200.76	attack	Jul 28 08:45:34 TORMINT sshd\[9187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.180.200.76 user=root Jul 28 08:45:35 TORMINT sshd\[9187\]: Failed password for root from 207.180.200.76 port 60136 ssh2 Jul 28 08:49:37 TORMINT sshd\[9756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.180.200.76 user=root ...	2019-07-28 21:05:25
139.162.188.174	attackbots	port scan and connect, tcp 8080 (http-proxy)	2019-07-28 20:59:14
189.159.61.224	attack	19/7/28@07:30:37: FAIL: Alarm-Intrusion address from=189.159.61.224 ...	2019-07-28 20:12:53
190.211.141.217	attack	Jul 28 13:56:17 mail sshd\[1040\]: Invalid user rola from 190.211.141.217 port 15656 Jul 28 13:56:17 mail sshd\[1040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.141.217 Jul 28 13:56:19 mail sshd\[1040\]: Failed password for invalid user rola from 190.211.141.217 port 15656 ssh2 Jul 28 14:01:47 mail sshd\[2343\]: Invalid user XiaoWang from 190.211.141.217 port 39713 Jul 28 14:01:47 mail sshd\[2343\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.141.217	2019-07-28 20:19:43

Recently Reported IPs

225.8.119.44	66.148.157.196	66.81.17.247	42.190.20.65
74.227.19.225	78.157.203.226	33.178.161.51	78.168.109.54
165.248.128.4	208.90.126.108	129.161.63.191	12.218.151.59
46.122.68.16	251.51.40.99	80.1.231.39	242.252.141.14
49.167.54.202	218.3.122.15	120.92.114.71	34.87.13.196