64.8.71.112 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Level 3 Communications Inc.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Received: from 10.213.252.189 (EHLO smtp.knology.net) (64.8.71.112) by mta4399.mail.gq1.yahoo.com with SMTPS; Sun, 07 Jul 2019 05:10:55 +0000 Return-Path:	2019-07-08 05:43:58

Comments on same subnet:

IP	Type	Details	Datetime
64.8.71.111	attack	SSH login attempts.	2020-03-29 20:14:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.8.71.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50682
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;64.8.71.112.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 08 05:43:53 CST 2019
;; MSG SIZE  rcvd: 115

Host info

112.71.8.64.in-addr.arpa domain name pointer smtp.knology.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
112.71.8.64.in-addr.arpa	name = smtp.knology.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.158.184.163	attack	Telnet Honeypot -> Telnet Bruteforce / Login	2020-08-03 06:20:57
222.186.15.115	attackspam	SSH Brute-force	2020-08-03 06:12:53
117.50.63.120	attackspambots	Bruteforce attempt detected on user root, banned.	2020-08-03 06:33:31
191.239.251.207	attack	(smtpauth) Failed SMTP AUTH login from 191.239.251.207 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-08-02 17:21:59 dovecot_login authenticator failed for (ADMIN) [191.239.251.207]:54028: 535 Incorrect authentication data (set_id=lucas@alkosa.com.br) 2020-08-02 17:30:01 dovecot_login authenticator failed for (ADMIN) [191.239.251.207]:50292: 535 Incorrect authentication data (set_id=arquivo@cassiano.com.br) 2020-08-02 17:31:18 dovecot_login authenticator failed for (ADMIN) [191.239.251.207]:52232: 535 Incorrect authentication data (set_id=arquivo@diocesefw.com.br) 2020-08-02 17:56:01 dovecot_login authenticator failed for (ADMIN) [191.239.251.207]:61823: 535 Incorrect authentication data (set_id=evangelista@cassiano.com.br) 2020-08-02 18:00:36 dovecot_login authenticator failed for (ADMIN) [191.239.251.207]:54003: 535 Incorrect authentication data (set_id=creceber@cotrirosa.com.br)	2020-08-03 06:35:38
93.114.86.226	attack	93.114.86.226 - - [02/Aug/2020:22:30:56 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.114.86.226 - - [02/Aug/2020:22:30:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 93.114.86.226 - - [02/Aug/2020:22:30:57 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-03 06:30:02
175.17.170.36	attackspam	Brute-Force,SSH	2020-08-03 06:21:21
46.101.161.219	attackbots	Brute-Force,SSH	2020-08-03 06:29:29
51.68.19.126	attackspambots	51.68.19.126 - - [02/Aug/2020:23:53:30 +0200] "GET /wp-login.php HTTP/1.1" 200 5990 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.68.19.126 - - [02/Aug/2020:23:53:32 +0200] "POST /wp-login.php HTTP/1.1" 200 6220 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.68.19.126 - - [02/Aug/2020:23:53:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-03 06:20:41
45.55.143.115	attackspam	Aug 2 21:19:20 alfc-lms-prod01 sshd\[19971\]: Invalid user admin from 45.55.143.115 Aug 2 21:19:24 alfc-lms-prod01 sshd\[19975\]: Invalid user admin from 45.55.143.115 Aug 2 21:19:28 alfc-lms-prod01 sshd\[19977\]: Invalid user admin from 45.55.143.115 ...	2020-08-03 06:11:51
49.235.139.216	attack	Aug 2 23:44:43 PorscheCustomer sshd[3474]: Failed password for root from 49.235.139.216 port 32942 ssh2 Aug 2 23:47:03 PorscheCustomer sshd[3583]: Failed password for root from 49.235.139.216 port 60008 ssh2 ...	2020-08-03 06:15:55
149.202.4.243	attackspambots	Aug 2 23:25:44 nextcloud sshd\[15770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.4.243 user=root Aug 2 23:25:46 nextcloud sshd\[15770\]: Failed password for root from 149.202.4.243 port 57892 ssh2 Aug 2 23:28:48 nextcloud sshd\[18914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.4.243 user=root	2020-08-03 06:13:21
112.85.42.229	attack	Aug 2 21:43:50 plex-server sshd[780035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Aug 2 21:43:52 plex-server sshd[780035]: Failed password for root from 112.85.42.229 port 33903 ssh2 Aug 2 21:43:50 plex-server sshd[780035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Aug 2 21:43:52 plex-server sshd[780035]: Failed password for root from 112.85.42.229 port 33903 ssh2 Aug 2 21:43:55 plex-server sshd[780035]: Failed password for root from 112.85.42.229 port 33903 ssh2 ...	2020-08-03 06:06:13
177.14.64.51	attackbots	Icarus honeypot on github	2020-08-03 06:16:30
178.128.89.86	attackbots	Aug 2 23:44:32 ns382633 sshd\[16930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.89.86 user=root Aug 2 23:44:34 ns382633 sshd\[16930\]: Failed password for root from 178.128.89.86 port 40892 ssh2 Aug 2 23:54:46 ns382633 sshd\[18915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.89.86 user=root Aug 2 23:54:48 ns382633 sshd\[18915\]: Failed password for root from 178.128.89.86 port 58364 ssh2 Aug 2 23:59:25 ns382633 sshd\[19827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.89.86 user=root	2020-08-03 06:17:51
185.2.140.155	attackspambots	[ssh] SSH attack	2020-08-03 06:22:38

Recently Reported IPs

123.206.227.102	27.69.5.90	201.105.201.242	87.108.135.92
95.129.25.103	60.168.60.152	185.195.25.21	75.149.221.170
202.1.87.35	2.132.236.231	78.101.22.244	189.51.104.154
177.92.245.91	95.163.255.108	69.94.159.254	27.153.80.184
185.156.177.142	188.215.72.57	201.186.41.142	45.7.230.226