Go
IP informations Cybercrime IP Feeds Raw whois
64.91.249.207
is a
Hacker
100 %
United States
Report Abuse
78attacks reported
52Port Scan
9Hacking
8Port ScanHackingExploited Host
3Fraud VoIPHackingBrute-Force
3HackingBrute-Force
2uncategorized
1Port ScanHacking
3reputation reported
3uncategorized
1abuse reported
1Email Spam
1organizations reported
1uncategorized
from 17 distinct reporters
and 3 distinct sources : blocklist.net.ua, FireHOL, AbuseIPDB
64.91.249.207 was first signaled at 2019-03-29 18:23 and last record was at 2020-08-04 13:52.
IP

64.91.249.207

Organization
Liquid Web, L.L.C
all IP owned by Liquid Web, L.L.C
Localisation
United States
Michigan, Lansing
NetRange : First & Last IP
64.91.224.0 - 64.91.255.255
Network CIDR
64.91.224.0/19

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2020-08-04 13:52 attacks Port Scan AbuseIPDB ET CINS Active Threat Intelligence Poor Reputation IP group 65 - port: 8393 proto: tcp cat: Misc Attackbytes: 60
2020-08-04 12:51 attacks Port Scan AbuseIPDB trying to access non-authorized port
2020-08-04 09:40 attacks Port Scan AbuseIPDB 8393/tcp 8274/tcp 15070/tcp... [2020-06-05/08-04]152pkt,58pt.(tcp)
2020-08-04 06:00 attacks Port Scan AbuseIPDB Port Scan
2020-08-04 01:57 attacks Hacking AbuseIPDB Unauthorized connection attempt detected from IP address 64.91.249.207 to port 8393
2020-08-04 01:33 attacks Hacking AbuseIPDB Unauthorized connection attempt detected from IP address 64.91.249.207 to port 8393
2020-08-03 22:46 attacks Fraud VoIPHackingBrute-Force AbuseIPDB SIP/5060 Probe, BF, Hack -
2020-08-03 21:07 attacks Port Scan AbuseIPDB Port scan denied
2020-08-03 20:18 attacks Hacking AbuseIPDB Unauthorized connection attempt detected from IP address 64.91.249.207 to port 8393
2020-08-03 17:30 attacks Port Scan AbuseIPDB firewall-block, port(s): 8393/tcp
2020-08-03 16:05 attacks Port Scan AbuseIPDB Aug 4 03:05:22 debian-2gb-nbg1-2 kernel: \[18761590.938862\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=64.91.249.20
2020-08-03 12:12 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2020-08-03 09:32 attacks Port Scan AbuseIPDB Aug 3 20:32:49 debian-2gb-nbg1-2 kernel: \[18738039.464566\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=64.91.249.20
2020-08-03 01:02 attacks Hacking AbuseIPDB Unauthorized connection attempt detected from IP address 64.91.249.207 to port 8274
2020-08-02 20:50 attacks Port Scan AbuseIPDB Port scan denied
2020-08-02 20:25 attacks Port Scan AbuseIPDB SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found
2020-08-02 18:59 attacks Port Scan AbuseIPDB " "
2020-08-02 09:33 attacks Port Scan AbuseIPDB 15070/tcp 30879/tcp 12073/tcp... [2020-06-02/08-02]152pkt,58pt.(tcp)
2020-08-02 07:41 attacks Port Scan AbuseIPDB Port scan denied
2020-08-02 07:33 attacks Port Scan AbuseIPDB Port scan denied
2020-08-02 06:59 attacks Port Scan AbuseIPDB trying to access non-authorized port
2020-08-02 05:57 attacks Port Scan AbuseIPDB Port Scan
2020-08-01 22:50 attacks HackingBrute-Force AbuseIPDB Fail2Ban Ban Triggered
2020-08-01 22:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 15070/tcp
2020-08-01 13:24 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2020-07-31 16:40 attacks Port Scan AbuseIPDB firewall-block, port(s): 30879/tcp
2020-07-31 16:26 attacks Port Scan AbuseIPDB SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found
2020-07-31 15:28 attacks Port Scan AbuseIPDB Port Scan
2020-07-31 13:38 attacks Port Scan AbuseIPDB Aug 1 00:38:51 debian-2gb-nbg1-2 kernel: \[18493615.417308\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=64.91.249.20
2020-07-31 10:21 attacks Port Scan AbuseIPDB 07/31/2020-15:21:30.168681 64.91.249.207 Protocol: 6 ET SCAN NMAP -sS window 1024
2020-07-31 08:35 attacks Port Scan AbuseIPDB 12073/tcp 19477/tcp 29698/tcp... [2020-05-31/07-31]152pkt,58pt.(tcp)
2020-07-31 06:52 attacks Port Scan AbuseIPDB " "
2020-07-31 05:21 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2020-07-31 00:07 attacks Fraud VoIPHackingBrute-Force AbuseIPDB SIP/5060 Probe, BF, Hack -
2020-07-30 23:50 attacks Port Scan AbuseIPDB firewall-block, port(s): 12073/tcp
2020-07-30 20:38 attacks Port Scan AbuseIPDB Port scan denied
2020-07-30 04:22 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2020-07-29 22:09 attacks Port Scan AbuseIPDB " "
2020-07-29 17:40 attacks Port Scan AbuseIPDB 07/29/2020-22:40:44.385300 64.91.249.207 Protocol: 6 ET SCAN NMAP -sS window 1024
2020-07-29 09:17 attacks Port Scan AbuseIPDB 07/29/2020-14:17:49.455726 64.91.249.207 Protocol: 6 ET SCAN NMAP -sS window 1024
2020-07-29 07:39 attacks Port Scan AbuseIPDB 29698/tcp 7544/tcp 7340/tcp... [2020-05-29/07-29]154pkt,58pt.(tcp)
2020-07-29 01:03 attacks Port Scan AbuseIPDB Jul 29 12:03:06 debian-2gb-nbg1-2 kernel: \[18275482.150342\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=64.91.249.2
2020-07-28 20:34 attacks Port Scan AbuseIPDB Port scan denied
2020-07-28 16:58 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2020-07-27 23:51 attacks Port Scan AbuseIPDB " "
2020-07-27 23:28 attacks Hacking AbuseIPDB Unauthorized connection attempt detected from IP address 64.91.249.207 to port 7544
2020-07-27 23:27 attacks HackingBrute-Force AbuseIPDB Fail2Ban Ban Triggered
2020-07-27 23:01 attacks Port Scan AbuseIPDB Jul 28 10:01:27 debian-2gb-nbg1-2 kernel: \[18181788.886154\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=64.91.249.2
2020-07-27 19:39 attacks Port Scan AbuseIPDB Unauthorized connection attempt detected from IP address 64.91.249.207 to port 7544 [T]
2020-07-27 19:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 7544/tcp
2020-04-12 06:25 attacks Port Scan AbuseIPDB 04/12/2020-11:25:37.157017 64.91.249.207 Protocol: 6 ET SCAN NMAP -sS window 1024
2020-04-12 06:46 attacks Port Scan AbuseIPDB Attempted connection to port 14677.
2020-04-12 10:02 attacks Port Scan AbuseIPDB Apr 12 21:02:57 debian-2gb-nbg1-2 kernel: \[8977174.753398\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=64.91.249.20
2020-04-12 10:50 attacks Port Scan AbuseIPDB firewall-block, port(s): 14677/tcp
2020-04-12 11:38 attacks Port Scan AbuseIPDB 14677/tcp [2020-04-12]1pkt
2020-07-24 03:44 attacks Port Scan AbuseIPDB ET CINS Active Threat Intelligence Poor Reputation IP group 62 - port: 15850 proto: tcp cat: Misc Attackbytes: 60
2020-07-24 05:09 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2020-07-24 07:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 15850/tcp
2020-07-24 16:19 attacks Port ScanHacking AbuseIPDB Portscan or hack attempt detected by psad/fwsnort
2020-07-25 05:38 attacks Port Scan AbuseIPDB 24045/tcp 15850/tcp 26593/tcp... [2020-05-25/07-25]153pkt,58pt.(tcp)
2020-07-31 15:53 reputation alienvault_reputation  
2020-07-31 15:57 abuse Email Spam blocklist_net_ua blocklist.net.ua  
2020-07-31 16:02 attacks firehol_level4 FireHOL  
2020-07-31 16:11 reputation iblocklist_ciarmy_malicious  
2020-08-01 14:57 reputation ciarmy  
2020-08-01 14:59 attacks firehol_level3 FireHOL  
2019-03-29 18:23 organizations datacenters  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

NetRange: 64.91.224.0 - 64.91.255.255
CIDR: 64.91.224.0/19
NetName: LIQUIDWEB
NetHandle: NET-64-91-224-0-1
Parent: NET64 (NET-64-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS32244
Organization: Liquid Web, L.L.C (LQWB)
RegDate: 2001-07-20
Updated: 2012-02-24
Ref: https://rdap.arin.net/registry/ip/ 64.91.224.0

OrgName: Liquid Web, L.L.C
OrgId: LQWB
Address: 4210 Creyts Rd.
City: Lansing
StateProv: MI
PostalCode: 48917
Country: US
RegDate: 2001-07-20
Updated: 2020-04-29
Ref: https://rdap.arin.net/registry/entity/LQWB

ReferralServer: rwhois://rwhois.liquidweb.com:4321

OrgTechHandle: IPADM47-ARIN
OrgTechName: IP Administrator
OrgTechPhone: +1-800-580-4985
OrgTechEmail: ipadmin@liquidweb.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPADM47-ARIN

OrgAbuseHandle: ABUSE551-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-800-580-4985
OrgAbuseEmail: abuse@liquidweb.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE551-ARIN

RAbuseHandle: IPADM47-ARIN
RAbuseName: IP Administrator
RAbusePhone: +1-800-580-4985
RAbuseEmail: ipadmin@liquidweb.com
RAbuseRef: https://rdap.arin.net/registry/entity/IPADM47-ARIN

RTechHandle: IPADM47-ARIN
RTechName: IP Administrator
RTechPhone: +1-800-580-4985
RTechEmail: ipadmin@liquidweb.com
RTechRef: https://rdap.arin.net/registry/entity/IPADM47-ARIN

Renvoi trouvé vers rwhois.liquidweb.com:4321.

network:Class-Name:network
network:ID:NETBLK-SOURCEDNS. 64.91.224.0/19
network:Auth-Area: 64.91.224.0/19
network:Network-Name:SOURCEDNS- 64.91.224.0
network:IP-Network: 64.91.224.0/19
network:IP-Network-Block: 64.91.224.0 - 64.91.255.255
network:Organization;I:SOURCEDNS
network:Org-Name:SourceDNS
network:Street-Address:4210 Creyts Rd.
network:City:Lansing
network:State:MI
network:Postal-Code:48917
network:Country-Code:US
network:Tech-Contact;I:admin@sourcedns.com
network:Created:20040212
network:Updated:20060327
network:Updated-By:admin@sourcedns.com
network:Abuse:abuse@sourcedns.com
most specific ip range is highlighted
Updated : 2020-08-28