157.89.63.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Eastern Kentucky University

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	LGS,WP GET /wp-login.php	2019-09-17 13:02:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.89.63.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7030
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.89.63.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 13:02:21 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 70.63.89.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 70.63.89.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.240.94.16	attackspambots	proto=tcp . spt=36743 . dpt=25 . (listed on Dark List de Jul 14) (613)	2019-07-15 07:41:53
178.62.239.96	attackbotsspam	Jul 15 00:15:21 ubuntu-2gb-nbg1-dc3-1 sshd[22724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.239.96 Jul 15 00:15:23 ubuntu-2gb-nbg1-dc3-1 sshd[22724]: Failed password for invalid user shashi from 178.62.239.96 port 35780 ssh2 ...	2019-07-15 07:14:34
39.82.20.110	attack	Automatic report - Port Scan Attack	2019-07-15 07:31:08
177.55.253.162	attack	proto=tcp . spt=51352 . dpt=25 . (listed on Blocklist de Jul 14) (621)	2019-07-15 07:24:32
118.40.141.130	attack	Automatic report - Port Scan Attack	2019-07-15 07:45:52
77.42.79.116	attackspam	Automatic report - Port Scan Attack	2019-07-15 07:16:56
103.19.255.174	attackbots	proto=tcp . spt=33332 . dpt=25 . (listed on Blocklist de Jul 14) (626)	2019-07-15 07:14:56
93.14.78.71	attack	14.07.2019 22:56:40 SSH access blocked by firewall	2019-07-15 07:15:54
185.34.17.39	attackbotsspam	proto=tcp . spt=58770 . dpt=25 . (listed on Blocklist de Jul 14) (624)	2019-07-15 07:19:36
67.4.43.99	attackbotsspam	ssh default account attempted login	2019-07-15 07:34:53
124.237.122.12	attackbotsspam	Jul 14 23:14:06 localhost postfix/smtpd\[19501\]: warning: unknown\[124.237.122.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 23:14:13 localhost postfix/smtpd\[19457\]: warning: unknown\[124.237.122.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 23:14:25 localhost postfix/smtpd\[19501\]: warning: unknown\[124.237.122.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 23:14:50 localhost postfix/smtpd\[19457\]: warning: unknown\[124.237.122.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 14 23:14:58 localhost postfix/smtpd\[19501\]: warning: unknown\[124.237.122.12\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-07-15 07:21:29
174.127.241.94	attackbots	Jul 14 23:31:35 mail sshd\[585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.127.241.94 user=root Jul 14 23:31:37 mail sshd\[585\]: Failed password for root from 174.127.241.94 port 35112 ssh2 Jul 14 23:36:37 mail sshd\[624\]: Invalid user michael from 174.127.241.94 port 33676 Jul 14 23:36:37 mail sshd\[624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.127.241.94 Jul 14 23:36:38 mail sshd\[624\]: Failed password for invalid user michael from 174.127.241.94 port 33676 ssh2 ...	2019-07-15 07:37:27
65.18.115.108	attackbots	14.07.2019 23:14:46 - SMTP Spam without Auth on hMailserver Detected by ELinOX-hMail-A2F	2019-07-15 07:29:23
27.196.83.8	attackbotsspam	DATE:2019-07-14 23:15:03, IP:27.196.83.8, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-07-15 07:17:20
159.148.77.204	attackbots	[munged]::443 159.148.77.204 - - [15/Jul/2019:00:59:02 +0200] "POST /[munged]: HTTP/1.1" 200 6667 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 159.148.77.204 - - [15/Jul/2019:00:59:05 +0200] "POST /[munged]: HTTP/1.1" 200 6680 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 159.148.77.204 - - [15/Jul/2019:00:59:05 +0200] "POST /[munged]: HTTP/1.1" 200 6680 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-15 07:06:42

Recently Reported IPs

232.237.55.52	198.30.87.41	122.14.121.249	37.114.142.252
235.35.29.151	27.220.75.206	243.128.180.103	159.203.201.113
107.132.255.255	173.73.39.2	36.38.43.47	187.8.191.44
129.135.161.76	187.177.58.18	144.48.240.249	156.114.213.75
5.11.112.233	0.145.62.18	205.230.219.11	180.88.4.41