1.64.96.6 - IPInfo

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.64.96.135	attackspam	Honeypot attack, port: 5555, PTR: 1-64-96-135.static.netvigator.com.	2020-02-15 07:42:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.64.96.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18951
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.64.96.6.			IN	A

;; AUTHORITY SECTION:
.			221	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022040301 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 04 11:53:06 CST 2022
;; MSG SIZE  rcvd: 102

Host info

6.96.64.1.in-addr.arpa domain name pointer 1-64-96-006.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.96.64.1.in-addr.arpa	name = 1-64-96-006.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.55	attack	Feb 6 03:17:06 dedicated sshd[16376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root Feb 6 03:17:08 dedicated sshd[16376]: Failed password for root from 49.88.112.55 port 40048 ssh2	2020-02-06 10:23:52
41.232.182.41	attackspam	1580951711 - 02/06/2020 02:15:11 Host: 41.232.182.41/41.232.182.41 Port: 445 TCP Blocked	2020-02-06 10:03:25
47.240.59.43	attackspam	Error 404. The requested page (/xmlrpc.php) was not found	2020-02-06 10:06:26
152.136.115.150	attack	Feb 5 15:47:36 hpm sshd\[4908\]: Invalid user kqk from 152.136.115.150 Feb 5 15:47:36 hpm sshd\[4908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.115.150 Feb 5 15:47:38 hpm sshd\[4908\]: Failed password for invalid user kqk from 152.136.115.150 port 49340 ssh2 Feb 5 15:51:43 hpm sshd\[5456\]: Invalid user pkc from 152.136.115.150 Feb 5 15:51:43 hpm sshd\[5456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.115.150	2020-02-06 09:53:21
46.8.213.19	attackbots	Contact for SPAM BOT	2020-02-06 09:51:45
113.170.126.91	attackbotsspam	SMB Server BruteForce Attack	2020-02-06 09:49:02
124.129.30.246	attack	IMAP brute force ...	2020-02-06 09:48:46
101.71.3.102	attackspam	Feb 6 03:13:35 MK-Soft-Root2 sshd[19157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.71.3.102 Feb 6 03:13:38 MK-Soft-Root2 sshd[19157]: Failed password for invalid user ftr from 101.71.3.102 port 7456 ssh2 ...	2020-02-06 10:26:35
222.186.175.140	attackbotsspam	Feb 6 02:49:11 ns381471 sshd[28309]: Failed password for root from 222.186.175.140 port 31732 ssh2 Feb 6 02:49:23 ns381471 sshd[28309]: error: maximum authentication attempts exceeded for root from 222.186.175.140 port 31732 ssh2 [preauth]	2020-02-06 09:50:36
77.242.27.82	attackbots	IMAP brute force ...	2020-02-06 10:01:04
106.13.37.170	attackspam	Feb 6 04:08:26 server sshd\[1329\]: Invalid user plz from 106.13.37.170 Feb 6 04:08:26 server sshd\[1329\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.170 Feb 6 04:08:29 server sshd\[1329\]: Failed password for invalid user plz from 106.13.37.170 port 34496 ssh2 Feb 6 04:14:43 server sshd\[2564\]: Invalid user wyb from 106.13.37.170 Feb 6 04:14:43 server sshd\[2564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.170 ...	2020-02-06 10:22:39
134.209.228.253	attack	Feb 5 15:30:05 hpm sshd\[2661\]: Invalid user gun from 134.209.228.253 Feb 5 15:30:05 hpm sshd\[2661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253 Feb 5 15:30:08 hpm sshd\[2661\]: Failed password for invalid user gun from 134.209.228.253 port 54520 ssh2 Feb 5 15:33:05 hpm sshd\[3030\]: Invalid user xrk from 134.209.228.253 Feb 5 15:33:05 hpm sshd\[3030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.228.253	2020-02-06 09:55:08
49.233.92.166	attack	$f2bV_matches	2020-02-06 09:57:14
37.9.113.46	attackspam	[Thu Feb 06 08:14:37.103674 2020] [:error] [pid 1635:tid 140262657820416] [client 37.9.113.46:36014] [client 37.9.113.46] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XjtofXFl@3nQo4OTo5IZuQAAAUs"] ...	2020-02-06 10:26:19
36.68.169.237	attack	Feb 6 01:14:39 localhost sshd\[28965\]: Invalid user admin from 36.68.169.237 port 42145 Feb 6 01:14:39 localhost sshd\[28965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.68.169.237 Feb 6 01:14:41 localhost sshd\[28965\]: Failed password for invalid user admin from 36.68.169.237 port 42145 ssh2 ...	2020-02-06 10:24:10

Recently Reported IPs

1.64.85.47	1.65.139.118	1.65.158.235	1.65.164.178
1.65.167.30	1.65.185.122	1.65.196.218	1.65.202.134
1.65.216.118	1.67.43.178	1.68.135.170	1.70.66.17
1.70.66.217	1.70.67.161	1.70.67.165	1.70.67.237
1.70.82.189	1.71.138.227	141.224.254.164	1.80.0.87