164.52.1.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Capital Online Data Service HK Co Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	$f2bV_matches	2020-05-25 23:49:30

Comments on same subnet:

IP	Type	Details	Datetime
164.52.11.94	attackspambots	Jun 16 22:46:09 pi sshd[20147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.11.94 Jun 16 22:46:11 pi sshd[20147]: Failed password for invalid user kube from 164.52.11.94 port 45950 ssh2	2020-07-24 05:50:51
164.52.106.199	attackbots	Jun 13 07:21:27 pi sshd[5897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.106.199 Jun 13 07:21:28 pi sshd[5897]: Failed password for invalid user gengjiao from 164.52.106.199 port 38634 ssh2	2020-07-24 05:50:35
164.52.12.210	attackbots	May 6 13:47:15 pi sshd[20131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 May 6 13:47:17 pi sshd[20131]: Failed password for invalid user admin from 164.52.12.210 port 57949 ssh2	2020-07-24 05:49:02
164.52.195.86	attackbotsspam	Jul 17 05:53:31 server sshd[26824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.195.86 Jul 17 05:53:33 server sshd[26824]: Failed password for invalid user arp from 164.52.195.86 port 51718 ssh2 Jul 17 05:58:22 server sshd[27128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.195.86 ...	2020-07-17 12:09:41
164.52.106.199	attack	Jun 26 15:51:50 jumpserver sshd[227423]: Invalid user gian from 164.52.106.199 port 58612 Jun 26 15:51:51 jumpserver sshd[227423]: Failed password for invalid user gian from 164.52.106.199 port 58612 ssh2 Jun 26 15:55:47 jumpserver sshd[227471]: Invalid user martin from 164.52.106.199 port 44600 ...	2020-06-27 00:10:31
164.52.106.199	attack	Jun 19 23:57:20 [host] sshd[23037]: pam_unix(sshd: Jun 19 23:57:22 [host] sshd[23037]: Failed passwor Jun 20 00:00:08 [host] sshd[23365]: Invalid user s Jun 20 00:00:08 [host] sshd[23365]: pam_unix(sshd:	2020-06-20 06:23:59
164.52.106.199	attackbotsspam	Jun 16 20:56:12 OPSO sshd\[16481\]: Invalid user amber from 164.52.106.199 port 42978 Jun 16 20:56:12 OPSO sshd\[16481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.106.199 Jun 16 20:56:14 OPSO sshd\[16481\]: Failed password for invalid user amber from 164.52.106.199 port 42978 ssh2 Jun 16 21:00:07 OPSO sshd\[17350\]: Invalid user media from 164.52.106.199 port 58594 Jun 16 21:00:07 OPSO sshd\[17350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.106.199	2020-06-17 03:13:11
164.52.11.94	attack	Jun 15 22:42:31 host sshd[26492]: Invalid user jimmy from 164.52.11.94 port 59766 ...	2020-06-16 07:09:21
164.52.106.199	attackbots	Brute-Force,SSH	2020-05-29 19:19:08
164.52.106.199	attackspambots	sshd jail - ssh hack attempt	2020-05-28 13:48:34
164.52.12.210	attackbotsspam	May 4 10:19:04 melroy-server sshd[8875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 May 4 10:19:06 melroy-server sshd[8875]: Failed password for invalid user centos from 164.52.12.210 port 33026 ssh2 ...	2020-05-04 17:47:26
164.52.193.111	attack	Apr 10 02:09:53 tuotantolaitos sshd[17519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.193.111 Apr 10 02:09:55 tuotantolaitos sshd[17519]: Failed password for invalid user elvis from 164.52.193.111 port 9870 ssh2 ...	2020-04-10 07:46:54
164.52.12.210	attackspam	2020-03-18T04:40:08.124733 sshd[16000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.12.210 user=root 2020-03-18T04:40:09.567069 sshd[16000]: Failed password for root from 164.52.12.210 port 58187 ssh2 2020-03-18T04:54:45.051395 sshd[16247]: Invalid user husty from 164.52.12.210 port 36645 ...	2020-03-18 12:44:17
164.52.152.12	attackbots	Jan 19 15:17:29 odroid64 sshd\[15424\]: User root from 164.52.152.12 not allowed because not listed in AllowUsers Jan 19 15:17:29 odroid64 sshd\[15424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.152.12 user=root ...	2020-03-06 02:13:50
164.52.193.155	attack	Oct 21 17:52:28 odroid64 sshd\[15518\]: Invalid user user from 164.52.193.155 Oct 21 17:52:28 odroid64 sshd\[15518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.193.155 Oct 21 17:52:30 odroid64 sshd\[15518\]: Failed password for invalid user user from 164.52.193.155 port 38036 ssh2 Oct 21 17:52:28 odroid64 sshd\[15518\]: Invalid user user from 164.52.193.155 Oct 21 17:52:28 odroid64 sshd\[15518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.193.155 Oct 21 17:52:30 odroid64 sshd\[15518\]: Failed password for invalid user user from 164.52.193.155 port 38036 ssh2 Oct 21 17:52:28 odroid64 sshd\[15518\]: Invalid user user from 164.52.193.155 Oct 21 17:52:28 odroid64 sshd\[15518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.52.193.155 Oct 21 17:52:30 odroid64 sshd\[15518\]: Failed password for invalid user user from 164.52.193.155 po ...	2020-03-06 02:09:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 164.52.1.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29732
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;164.52.1.70.			IN	A

;; AUTHORITY SECTION:
.			349	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052500 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 25 23:49:18 CST 2020
;; MSG SIZE  rcvd: 115

Host info

70.1.52.164.in-addr.arpa has no PTR record

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 70.1.52.164.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.241.44.68	attackspam	Jan 31 09:26:58 toyboy sshd[30399]: Invalid user admin from 180.241.44.68 Jan 31 09:26:58 toyboy sshd[30403]: Invalid user admin from 180.241.44.68 Jan 31 09:26:58 toyboy sshd[30401]: Invalid user admin from 180.241.44.68 Jan 31 09:26:58 toyboy sshd[30399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.241.44.68 Jan 31 09:26:58 toyboy sshd[30403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.241.44.68 Jan 31 09:26:58 toyboy sshd[30401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.241.44.68 Jan 31 09:26:59 toyboy sshd[30399]: Failed password for invalid user admin from 180.241.44.68 port 33477 ssh2 Jan 31 09:26:59 toyboy sshd[30403]: Failed password for invalid user admin from 180.241.44.68 port 64720 ssh2 Jan 31 09:26:59 toyboy sshd[30401]: Failed password for invalid user admin from 180.241.44.68 port 13306 ssh2 Jan 31 09:26:59 to........ -------------------------------	2020-01-31 23:18:04
218.92.0.205	attack	Jan 31 10:45:20 MK-Soft-Root1 sshd[31395]: Failed password for root from 218.92.0.205 port 64467 ssh2 Jan 31 10:45:24 MK-Soft-Root1 sshd[31395]: Failed password for root from 218.92.0.205 port 64467 ssh2 ...	2020-01-31 23:13:44
1.53.207.12	attackbots	Jan 31 09:27:58 mxgate1 postfix/postscreen[11466]: CONNECT from [1.53.207.12]:38875 to [176.31.12.44]:25 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.10 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.3 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11471]: addr 1.53.207.12 listed by domain zen.spamhaus.org as 127.0.0.4 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11468]: addr 1.53.207.12 listed by domain cbl.abuseat.org as 127.0.0.2 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11467]: addr 1.53.207.12 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11469]: addr 1.53.207.12 listed by domain bl.spamcop.net as 127.0.0.2 Jan 31 09:27:58 mxgate1 postfix/dnsblog[11470]: addr 1.53.207.12 listed by domain b.barracudacentral.org as 127.0.0.2 Jan 31 09:28:04 mxgate1 postfix/postscreen[11466]: DNSBL rank 6 for [1.53.207.12]:38875 ........ -------------------------------	2020-01-31 23:22:10
212.92.104.85	attackbots	RDP brute forcing (r)	2020-01-31 23:41:42
175.139.166.252	attackspambots	Jan 31 09:31:07 srv01 sshd[12096]: Invalid user admin from 175.139.166.252 port 49307 Jan 31 09:31:07 srv01 sshd[12096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.166.252 Jan 31 09:31:07 srv01 sshd[12096]: Invalid user admin from 175.139.166.252 port 49307 Jan 31 09:31:09 srv01 sshd[12096]: Failed password for invalid user admin from 175.139.166.252 port 49307 ssh2 Jan 31 09:31:07 srv01 sshd[12096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.166.252 Jan 31 09:31:07 srv01 sshd[12096]: Invalid user admin from 175.139.166.252 port 49307 Jan 31 09:31:09 srv01 sshd[12096]: Failed password for invalid user admin from 175.139.166.252 port 49307 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=175.139.166.252	2020-01-31 23:32:03
104.156.250.136	attackspam	firewall-block, port(s): 16921/tcp, 16934/tcp, 16952/tcp, 16962/tcp, 17191/tcp, 17205/tcp, 17236/tcp, 17253/tcp	2020-01-31 23:05:20
81.22.45.133	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 79 - port: 37165 proto: TCP cat: Misc Attack	2020-01-31 23:06:27
132.145.173.64	attackspam	Unauthorized connection attempt detected from IP address 132.145.173.64 to port 2220 [J]	2020-01-31 23:22:37
102.65.65.6	attackspambots	TCP Port Scanning	2020-01-31 23:38:00
114.113.126.163	attackspambots	Unauthorized connection attempt detected from IP address 114.113.126.163 to port 2220 [J]	2020-01-31 23:29:11
180.166.192.66	attackbotsspam	Brute-force attempt banned	2020-01-31 23:20:14
138.68.242.220	attackbotsspam	Invalid user swaminath from 138.68.242.220 port 59856	2020-01-31 23:11:43
159.65.158.30	attackbotsspam	Invalid user saradasri from 159.65.158.30 port 40474	2020-01-31 23:32:51
79.199.103.113	attackspambots	Jan 31 02:28:22 shell sshd[11091]: Connection from 79.199.103.113 port 47652 on 66.146.192.9 port 22 Jan 31 02:28:22 shell sshd[11092]: Connection from 79.199.103.113 port 47654 on 66.146.192.9 port 22 Jan 31 02:28:25 shell sshd[11091]: Failed password for invalid user pi from 79.199.103.113 port 47652 ssh2 Jan 31 02:28:25 shell sshd[11092]: Failed password for invalid user pi from 79.199.103.113 port 47654 ssh2 Jan 31 02:28:26 shell sshd[11092]: Connection closed by 79.199.103.113 [preauth] Jan 31 02:28:26 shell sshd[11091]: Connection closed by 79.199.103.113 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=79.199.103.113	2020-01-31 23:23:55
94.50.153.47	attackspambots	Jan 31 09:23:51 www sshd[3242]: Failed password for r.r from 94.50.153.47 port 35748 ssh2 Jan 31 09:23:53 www sshd[3242]: Failed password for r.r from 94.50.153.47 port 35748 ssh2 Jan 31 09:23:56 www sshd[3242]: Failed password for r.r from 94.50.153.47 port 35748 ssh2 Jan 31 09:24:01 www sshd[3248]: Failed password for r.r from 94.50.153.47 port 35755 ssh2 Jan 31 09:24:03 www sshd[3248]: Failed password for r.r from 94.50.153.47 port 35755 ssh2 Jan 31 09:24:05 www sshd[3248]: Failed password for r.r from 94.50.153.47 port 35755 ssh2 Jan 31 09:24:10 www sshd[3259]: Failed password for r.r from 94.50.153.47 port 35762 ssh2 Jan 31 09:24:13 www sshd[3259]: Failed password for r.r from 94.50.153.47 port 35762 ssh2 Jan 31 09:24:14 www sshd[3259]: Failed password for r.r from 94.50.153.47 port 35762 ssh2 Jan 31 09:24:21 www sshd[3261]: Failed password for r.r from 94.50.153.47 port 35770 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.50.153.47	2020-01-31 23:11:09

Recently Reported IPs

150.221.57.153	125.222.135.149	88.132.3.142	93.134.23.207
232.154.233.252	189.207.39.203	156.213.56.228	91.153.149.224
52.186.40.140	185.153.199.45	142.93.48.155	185.234.216.111
113.119.44.122	42.117.20.158	215.196.209.105	106.12.192.91
21.196.88.188	151.137.155.212	32.84.99.113	27.26.42.74