104.244.74.98 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Luxembourg

Internet Service Provider: BuyVM

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Jan 8 03:33:45 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:0d:8f:41:08:00 SRC=104.244.74.98 DST=109.74.200.221 LEN=37 TOS=0x08 PREC=0x20 TTL=56 ID=0 DF PROTO=UDP SPT=49034 DPT=123 LEN=17 ...	2020-03-04 02:07:28
attackspambots	Oct 17 00:55:07 ws12vmsma01 sshd[56825]: Failed password for root from 104.244.74.98 port 39650 ssh2 Oct 17 00:55:09 ws12vmsma01 sshd[56835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.98 user=root Oct 17 00:55:11 ws12vmsma01 sshd[56835]: Failed password for root from 104.244.74.98 port 44678 ssh2 ...	2019-10-17 13:44:01

Type

Details

Datetime

attackbotsspam

Jan  8 03:33:45 mercury kernel: [UFW ALLOW] IN=eth0 OUT= MAC=f2:3c:91:bc:4d:f8:84:78:ac:0d:8f:41:08:00 SRC=104.244.74.98 DST=109.74.200.221 LEN=37 TOS=0x08 PREC=0x20 TTL=56 ID=0 DF PROTO=UDP SPT=49034 DPT=123 LEN=17 
...

2020-03-04 02:07:28

attackspambots

Oct 17 00:55:07 ws12vmsma01 sshd[56825]: Failed password for root from 104.244.74.98 port 39650 ssh2
Oct 17 00:55:09 ws12vmsma01 sshd[56835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.98  user=root
Oct 17 00:55:11 ws12vmsma01 sshd[56835]: Failed password for root from 104.244.74.98 port 44678 ssh2
...

2019-10-17 13:44:01

Comments on same subnet:

IP	Type	Details	Datetime
104.244.74.223	attackspam	Sep 26 22:41:53 OPSO sshd\[7410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.223 user=root Sep 26 22:41:55 OPSO sshd\[7410\]: Failed password for root from 104.244.74.223 port 39220 ssh2 Sep 26 22:41:55 OPSO sshd\[7412\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.223 user=admin Sep 26 22:41:57 OPSO sshd\[7412\]: Failed password for admin from 104.244.74.223 port 41022 ssh2 Sep 26 22:41:58 OPSO sshd\[7416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.223 user=root	2020-09-27 04:58:33
104.244.74.223	attackbots	TCP (SYN) 104.244.74.223:36692 -> port 22, len 48	2020-09-26 12:52:54
104.244.74.28	attackbotsspam	Sep 20 03:44:25 propaganda sshd[23022]: Connection from 104.244.74.28 port 55042 on 10.0.0.161 port 22 rdomain "" Sep 20 03:44:26 propaganda sshd[23022]: Invalid user admin from 104.244.74.28 port 55042	2020-09-21 02:06:38
104.244.74.28	attack	2020-09-20T07:27:05+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-09-20 18:07:24
104.244.74.223	attackspambots	Invalid user admin from 104.244.74.223 port 46624	2020-09-20 00:56:56
104.244.74.223	attackspam	2020-09-19T08:12:51.934191dmca.cloudsearch.cf sshd[7343]: Invalid user admin from 104.244.74.223 port 47402 2020-09-19T08:12:51.939421dmca.cloudsearch.cf sshd[7343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.223 2020-09-19T08:12:51.934191dmca.cloudsearch.cf sshd[7343]: Invalid user admin from 104.244.74.223 port 47402 2020-09-19T08:12:54.215542dmca.cloudsearch.cf sshd[7343]: Failed password for invalid user admin from 104.244.74.223 port 47402 ssh2 2020-09-19T08:12:54.447796dmca.cloudsearch.cf sshd[7345]: Invalid user admin from 104.244.74.223 port 48650 2020-09-19T08:12:54.452658dmca.cloudsearch.cf sshd[7345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.223 2020-09-19T08:12:54.447796dmca.cloudsearch.cf sshd[7345]: Invalid user admin from 104.244.74.223 port 48650 2020-09-19T08:12:56.472965dmca.cloudsearch.cf sshd[7345]: Failed password for invalid user admin from 104.244.74. ...	2020-09-19 16:44:45
104.244.74.169	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-16 23:56:12
104.244.74.169	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-16T07:33:31Z and 2020-09-16T07:33:34Z	2020-09-16 16:13:07
104.244.74.169	attackbotsspam	Sep 16 01:50:12 mail sshd[32693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.169 Sep 16 01:50:14 mail sshd[32693]: Failed password for invalid user admin from 104.244.74.169 port 58212 ssh2 ...	2020-09-16 08:13:26
104.244.74.169	attackspambots	Sep 13 19:00:51 serwer sshd\[26735\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.169 user=root Sep 13 19:00:53 serwer sshd\[26735\]: Failed password for root from 104.244.74.169 port 48976 ssh2 Sep 13 19:00:56 serwer sshd\[26735\]: Failed password for root from 104.244.74.169 port 48976 ssh2 ...	2020-09-14 02:13:32
104.244.74.169	attackbotsspam	(sshd) Failed SSH login from 104.244.74.169 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 13 08:14:27 amsweb01 sshd[11989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.74.169 user=root Sep 13 08:14:28 amsweb01 sshd[11989]: Failed password for root from 104.244.74.169 port 38474 ssh2 Sep 13 08:14:31 amsweb01 sshd[11989]: Failed password for root from 104.244.74.169 port 38474 ssh2 Sep 13 08:14:33 amsweb01 sshd[11989]: Failed password for root from 104.244.74.169 port 38474 ssh2 Sep 13 08:14:35 amsweb01 sshd[11989]: Failed password for root from 104.244.74.169 port 38474 ssh2	2020-09-13 18:10:39
104.244.74.169	attackbotsspam	SSH Brute Force	2020-09-11 21:46:38
104.244.74.169	attack	2020-09-11T05:52:23.133475server.espacesoutien.com sshd[3375]: Failed password for root from 104.244.74.169 port 55944 ssh2 2020-09-11T05:52:25.662921server.espacesoutien.com sshd[3375]: Failed password for root from 104.244.74.169 port 55944 ssh2 2020-09-11T05:52:27.816712server.espacesoutien.com sshd[3375]: Failed password for root from 104.244.74.169 port 55944 ssh2 2020-09-11T05:52:30.466976server.espacesoutien.com sshd[3375]: Failed password for root from 104.244.74.169 port 55944 ssh2 ...	2020-09-11 13:54:31
104.244.74.169	attackbotsspam	Dear user, The IP address [104.244.74.169] experienced 2 failed attempts when attempting to log into SSH running on AstroParrotsNAS within 5 minutes, and was blocked at Wed Sep 9 15:40:51 2020. From AstroParrotsNAS	2020-09-11 06:06:26
104.244.74.57	attack	(sshd) Failed SSH login from 104.244.74.57 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 9 00:10:33 server4 sshd[17193]: Failed password for root from 104.244.74.57 port 59308 ssh2 Sep 9 00:10:36 server4 sshd[17193]: Failed password for root from 104.244.74.57 port 59308 ssh2 Sep 9 00:10:38 server4 sshd[17193]: Failed password for root from 104.244.74.57 port 59308 ssh2 Sep 9 00:10:41 server4 sshd[17193]: Failed password for root from 104.244.74.57 port 59308 ssh2 Sep 9 00:10:44 server4 sshd[17193]: Failed password for root from 104.244.74.57 port 59308 ssh2	2020-09-09 19:43:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.244.74.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27141
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.244.74.98.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101700 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 17 13:43:57 CST 2019
;; MSG SIZE  rcvd: 117

Host info

98.74.244.104.in-addr.arpa domain name pointer roost1.buyvm.kashfi.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
98.74.244.104.in-addr.arpa	name = roost1.buyvm.kashfi.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
43.252.228.165	attack	Dec 15 04:21:09 Tower sshd[15731]: Connection from 43.252.228.165 port 39122 on 192.168.10.220 port 22 Dec 15 04:21:10 Tower sshd[15731]: Failed password for root from 43.252.228.165 port 39122 ssh2 Dec 15 04:21:11 Tower sshd[15731]: Received disconnect from 43.252.228.165 port 39122:11: Bye Bye [preauth] Dec 15 04:21:11 Tower sshd[15731]: Disconnected from authenticating user root 43.252.228.165 port 39122 [preauth]	2019-12-15 18:08:36
222.186.175.147	attackbots	Dec 15 11:26:17 piServer sshd[11429]: Failed password for root from 222.186.175.147 port 10870 ssh2 Dec 15 11:26:21 piServer sshd[11429]: Failed password for root from 222.186.175.147 port 10870 ssh2 Dec 15 11:26:27 piServer sshd[11429]: Failed password for root from 222.186.175.147 port 10870 ssh2 Dec 15 11:26:31 piServer sshd[11429]: Failed password for root from 222.186.175.147 port 10870 ssh2 ...	2019-12-15 18:33:16
49.88.112.116	attackspam	Dec 15 11:31:07 * sshd[4557]: Failed password for root from 49.88.112.116 port 24087 ssh2	2019-12-15 18:37:13
139.59.89.195	attackspambots	2019-12-15T08:27:52.730318vps751288.ovh.net sshd\[9042\]: Invalid user kihara from 139.59.89.195 port 53100 2019-12-15T08:27:52.738035vps751288.ovh.net sshd\[9042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.89.195 2019-12-15T08:27:54.446269vps751288.ovh.net sshd\[9042\]: Failed password for invalid user kihara from 139.59.89.195 port 53100 ssh2 2019-12-15T08:34:13.635466vps751288.ovh.net sshd\[9098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.89.195 user=root 2019-12-15T08:34:15.318466vps751288.ovh.net sshd\[9098\]: Failed password for root from 139.59.89.195 port 33028 ssh2	2019-12-15 18:08:11
193.32.161.71	attackbotsspam	Fail2Ban Ban Triggered	2019-12-15 18:13:34
137.74.199.180	attack	SSH Brute-Force reported by Fail2Ban	2019-12-15 18:08:53
189.8.68.56	attackbots	2019-12-15T10:21:38.167987shield sshd\[19230\]: Invalid user cavill from 189.8.68.56 port 49382 2019-12-15T10:21:38.172509shield sshd\[19230\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.68.56 2019-12-15T10:21:40.521851shield sshd\[19230\]: Failed password for invalid user cavill from 189.8.68.56 port 49382 ssh2 2019-12-15T10:28:42.072308shield sshd\[21028\]: Invalid user netware from 189.8.68.56 port 56950 2019-12-15T10:28:42.075740shield sshd\[21028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.68.56	2019-12-15 18:40:52
118.239.14.132	attackspam	Scanning	2019-12-15 18:11:00
103.76.22.115	attack	Dec 15 10:38:04 vpn01 sshd[14575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.22.115 Dec 15 10:38:06 vpn01 sshd[14575]: Failed password for invalid user qwer$#@! from 103.76.22.115 port 44392 ssh2 ...	2019-12-15 18:17:35
203.172.66.216	attack	Dec 15 13:27:07 webhost01 sshd[22451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.172.66.216 Dec 15 13:27:09 webhost01 sshd[22451]: Failed password for invalid user test from 203.172.66.216 port 42842 ssh2 ...	2019-12-15 18:09:42
222.186.190.92	attackbotsspam	Dec 15 11:37:20 vpn01 sshd[15432]: Failed password for root from 222.186.190.92 port 17620 ssh2 Dec 15 11:37:23 vpn01 sshd[15432]: Failed password for root from 222.186.190.92 port 17620 ssh2 ...	2019-12-15 18:38:45
165.227.77.120	attackspambots	Dec 14 23:55:46 hpm sshd\[10058\]: Invalid user admin from 165.227.77.120 Dec 14 23:55:46 hpm sshd\[10058\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.77.120 Dec 14 23:55:48 hpm sshd\[10058\]: Failed password for invalid user admin from 165.227.77.120 port 44072 ssh2 Dec 15 00:00:32 hpm sshd\[10545\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.77.120 user=lp Dec 15 00:00:34 hpm sshd\[10545\]: Failed password for lp from 165.227.77.120 port 47812 ssh2	2019-12-15 18:07:58
77.247.109.64	attack	77.247.109.64 was recorded 7 times by 1 hosts attempting to connect to the following ports: 5062,5061,5160,5060,5063,5064,5161. Incident counter (4h, 24h, all-time): 7, 248, 394	2019-12-15 18:44:58
109.244.96.201	attackbotsspam	Dec 15 10:28:30 ns382633 sshd\[15323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.96.201 user=root Dec 15 10:28:32 ns382633 sshd\[15323\]: Failed password for root from 109.244.96.201 port 34272 ssh2 Dec 15 10:59:41 ns382633 sshd\[20437\]: Invalid user kathy from 109.244.96.201 port 49792 Dec 15 10:59:41 ns382633 sshd\[20437\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.96.201 Dec 15 10:59:43 ns382633 sshd\[20437\]: Failed password for invalid user kathy from 109.244.96.201 port 49792 ssh2	2019-12-15 18:18:23
213.110.63.141	attackbotsspam	[portscan] Port scan	2019-12-15 18:07:05

Recently Reported IPs

104.238.137.254	179.179.39.158	71.33.25.129	64.64.242.251
222.92.139.158	150.16.93.228	82.26.179.206	77.4.47.24
227.134.123.207	173.46.50.51	10.31.70.94	182.84.79.9
126.156.146.216	195.184.157.204	190.197.76.51	26.79.88.187
1.36.213.46	68.215.71.70	130.138.176.52	100.171.146.21