157.89.63.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Eastern Kentucky University

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	LGS,WP GET /wp-login.php	2019-09-17 13:02:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.89.63.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7030
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.89.63.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 13:02:21 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 70.63.89.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 70.63.89.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.9.85.99	attack	23/tcp [2019-08-15]1pkt	2019-08-16 07:02:09
14.63.223.226	attackspam	Aug 16 00:43:22 vps691689 sshd[12479]: Failed password for root from 14.63.223.226 port 48255 ssh2 Aug 16 00:50:32 vps691689 sshd[12652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.223.226 ...	2019-08-16 07:00:17
154.66.113.78	attackspam	2019-08-15T22:20:25.712436abusebot.cloudsearch.cf sshd\[8658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.66.113.78 user=root	2019-08-16 06:49:02
222.186.52.89	attackbotsspam	2019-08-15T23:10:21.574546abusebot-2.cloudsearch.cf sshd\[28786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.89 user=root	2019-08-16 07:14:19
61.19.247.121	attack	Aug 16 04:08:21 vibhu-HP-Z238-Microtower-Workstation sshd\[1298\]: Invalid user deployer from 61.19.247.121 Aug 16 04:08:21 vibhu-HP-Z238-Microtower-Workstation sshd\[1298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.247.121 Aug 16 04:08:23 vibhu-HP-Z238-Microtower-Workstation sshd\[1298\]: Failed password for invalid user deployer from 61.19.247.121 port 36668 ssh2 Aug 16 04:13:48 vibhu-HP-Z238-Microtower-Workstation sshd\[1593\]: Invalid user oracle from 61.19.247.121 Aug 16 04:13:48 vibhu-HP-Z238-Microtower-Workstation sshd\[1593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.247.121 ...	2019-08-16 06:48:11
82.240.11.249	attackspambots	SSH Brute Force	2019-08-16 06:51:58
185.10.186.26	attackbots	Aug 15 21:26:54 hcbbdb sshd\[20492\]: Invalid user edit from 185.10.186.26 Aug 15 21:26:54 hcbbdb sshd\[20492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.10.186.26 Aug 15 21:26:56 hcbbdb sshd\[20492\]: Failed password for invalid user edit from 185.10.186.26 port 60672 ssh2 Aug 15 21:31:30 hcbbdb sshd\[20961\]: Invalid user nagios from 185.10.186.26 Aug 15 21:31:30 hcbbdb sshd\[20961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.10.186.26	2019-08-16 07:24:47
190.88.212.34	attack	5431/tcp [2019-08-15]1pkt	2019-08-16 07:24:15
202.100.185.197	attack	23/tcp 23/tcp 23/tcp... [2019-08-15]4pkt,1pt.(tcp)	2019-08-16 06:52:51
114.67.70.94	attack	SSH-BruteForce	2019-08-16 06:57:57
92.118.37.74	attackspambots	Aug 16 00:35:30 h2177944 kernel: \[4232241.918521\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=39012 PROTO=TCP SPT=46525 DPT=55428 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:36:12 h2177944 kernel: \[4232283.265607\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=33227 PROTO=TCP SPT=46525 DPT=11784 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:39:07 h2177944 kernel: \[4232458.119892\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=60196 PROTO=TCP SPT=46525 DPT=55772 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:40:23 h2177944 kernel: \[4232534.609295\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=8591 PROTO=TCP SPT=46525 DPT=57955 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:44:41 h2177944 kernel: \[4232792.515087\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 L	2019-08-16 07:10:12
203.87.133.174	attackbotsspam	445/tcp [2019-08-15]1pkt	2019-08-16 07:16:22
167.114.210.86	attackspam	Aug 16 00:18:56 dedicated sshd[7030]: Invalid user sheri from 167.114.210.86 port 49892	2019-08-16 06:44:43
94.102.56.235	attack	Aug 16 00:33:15 h2177944 kernel: \[4232107.052998\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=94.102.56.235 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=30150 PROTO=TCP SPT=50122 DPT=1116 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:33:45 h2177944 kernel: \[4232137.084253\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=94.102.56.235 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=40776 PROTO=TCP SPT=50139 DPT=1352 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:34:27 h2177944 kernel: \[4232178.741197\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=94.102.56.235 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=59923 PROTO=TCP SPT=50122 DPT=1162 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:40:01 h2177944 kernel: \[4232512.931541\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=94.102.56.235 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=60768 PROTO=TCP SPT=50190 DPT=1818 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:52:33 h2177944 kernel: \[4233264.039560\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=94.102.56.235 DST=85.214.117.9	2019-08-16 07:13:54
222.186.42.117	attack	Aug 16 00:55:24 MainVPS sshd[581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.117 user=root Aug 16 00:55:26 MainVPS sshd[581]: Failed password for root from 222.186.42.117 port 44542 ssh2 Aug 16 00:55:33 MainVPS sshd[592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.117 user=root Aug 16 00:55:36 MainVPS sshd[592]: Failed password for root from 222.186.42.117 port 47674 ssh2 Aug 16 00:55:48 MainVPS sshd[612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.117 user=root Aug 16 00:55:51 MainVPS sshd[612]: Failed password for root from 222.186.42.117 port 34378 ssh2 ...	2019-08-16 07:07:44

Recently Reported IPs

232.237.55.52	198.30.87.41	122.14.121.249	37.114.142.252
235.35.29.151	27.220.75.206	243.128.180.103	159.203.201.113
107.132.255.255	173.73.39.2	36.38.43.47	187.8.191.44
129.135.161.76	187.177.58.18	144.48.240.249	156.114.213.75
5.11.112.233	0.145.62.18	205.230.219.11	180.88.4.41