74.120.14.19 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Default Route LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 74.120.14.19:43141 -> port 1433, len 44	2020-10-04 06:06:04
attackspambots	TCP (SYN) 74.120.14.19:2739 -> port 25, len 44	2020-10-03 13:52:01
attackbots	TCP (SYN) 74.120.14.19:25972 -> port 443, len 44	2020-09-07 01:11:31
attackbots	ET DROP Dshield Block Listed Source group 1 - port: 6379 proto: tcp cat: Misc Attackbytes: 60	2020-09-06 16:33:04
attack	port	2020-09-06 08:33:11
attackspambots	Scanning	2020-09-01 19:31:13

Comments on same subnet:

IP	Type	Details	Datetime
74.120.14.29	attackbots	TCP (SYN) 74.120.14.29:49585 -> port 995, len 44	2020-10-14 06:47:10
74.120.14.18	attack	TCP (SYN) 74.120.14.18:63537 -> port 8080, len 44	2020-10-14 05:41:37
74.120.14.16	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 66 - port: 8089 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:22:14
74.120.14.71	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 67 - port: 7070 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:06:23
74.120.14.27	attackspambots	Port scan: Attack repeated for 24 hours	2020-10-14 03:44:00
74.120.14.74	attack	TCP (SYN) 74.120.14.74:36705 -> port 5495, len 44	2020-10-13 22:38:32
74.120.14.16	attack	TCP (SYN) 74.120.14.16:37330 -> port 25, len 44	2020-10-13 20:41:28
74.120.14.67	attackbots	9833/tcp 9718/tcp 18029/tcp... [2020-09-14/10-13]192pkt,176pt.(tcp)	2020-10-13 20:41:03
74.120.14.27	attackspam	TCP (SYN) 74.120.14.27:33289 -> port 2222, len 44	2020-10-13 19:03:33
74.120.14.74	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 65	2020-10-13 13:59:10
74.120.14.16	attack	spam	2020-10-13 12:13:05
74.120.14.67	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 65 - port: 8382 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:12:48
74.120.14.75	attackspam	TCP (SYN) 74.120.14.75:2675 -> port 3010, len 44	2020-10-13 12:12:15
74.120.14.74	attackbots	TCP (SYN) 74.120.14.74:24302 -> port 9845, len 44	2020-10-13 06:43:19
74.120.14.16	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 64 - port: 1194 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 05:02:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.120.14.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14271
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;74.120.14.19.			IN	A

;; AUTHORITY SECTION:
.			587	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090100 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 19:31:08 CST 2020
;; MSG SIZE  rcvd: 116

Host info

19.14.120.74.in-addr.arpa domain name pointer scanner-02.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
19.14.120.74.in-addr.arpa	name = scanner-02.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
168.0.155.15	attackspambots	Oct 13 22:25:15 eventyay sshd[24747]: Failed password for root from 168.0.155.15 port 54510 ssh2 Oct 13 22:29:06 eventyay sshd[24854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.0.155.15 Oct 13 22:29:08 eventyay sshd[24854]: Failed password for invalid user connor from 168.0.155.15 port 58812 ssh2 ...	2020-10-14 04:53:43
61.144.20.176	attackspambots	Oct 13 05:55:03 fabrik01 sshd\[14949\]: Invalid user postgres from 61.144.20.176Oct 13 05:55:05 fabrik01 sshd\[14949\]: Failed password for invalid user postgres from 61.144.20.176 port 47648 ssh2Oct 13 05:59:10 fabrik01 sshd\[15075\]: Invalid user smith from 61.144.20.176Oct 13 05:59:12 fabrik01 sshd\[15075\]: Failed password for invalid user smith from 61.144.20.176 port 48124 ssh2Oct 13 06:03:30 fabrik01 sshd\[15219\]: Invalid user sou from 61.144.20.176Oct 13 06:03:32 fabrik01 sshd\[15219\]: Failed password for invalid user sou from 61.144.20.176 port 48606 ssh2 ...	2020-10-14 04:53:00
176.122.158.234	attackbots	Oct 13 13:30:09 localhost sshd\[26851\]: Invalid user ftpsiteuser from 176.122.158.234 port 52482 Oct 13 13:30:09 localhost sshd\[26851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.122.158.234 Oct 13 13:30:11 localhost sshd\[26851\]: Failed password for invalid user ftpsiteuser from 176.122.158.234 port 52482 ssh2 ...	2020-10-14 04:50:15
86.124.131.5	attackbotsspam	Automatic report - Port Scan Attack	2020-10-14 04:37:05
138.197.222.97	attack	2020-10-12T16:00:26.682148morrigan.ad5gb.com sshd[719623]: Failed password for invalid user wangyi from 138.197.222.97 port 54454 ssh2	2020-10-14 04:45:32
124.244.15.151	attack	(sshd) Failed SSH login from 124.244.15.151 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 16:42:57 server2 sshd[11915]: Invalid user admin from 124.244.15.151 Oct 12 16:42:59 server2 sshd[11915]: Failed password for invalid user admin from 124.244.15.151 port 39223 ssh2 Oct 12 16:43:01 server2 sshd[11935]: Invalid user admin from 124.244.15.151 Oct 12 16:43:03 server2 sshd[11935]: Failed password for invalid user admin from 124.244.15.151 port 39329 ssh2 Oct 12 16:43:04 server2 sshd[12221]: Invalid user admin from 124.244.15.151	2020-10-14 04:34:01
194.26.25.108	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 3352 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 04:56:39
177.152.124.24	attackbots	Oct 13 22:19:31 [host] sshd[18292]: Invalid user d Oct 13 22:19:31 [host] sshd[18292]: pam_unix(sshd: Oct 13 22:19:33 [host] sshd[18292]: Failed passwor	2020-10-14 04:49:45
173.255.249.78	attackspambots	Unauthorized connection attempt detected from IP address 173.255.249.78 to port 1962	2020-10-14 04:37:47
89.187.177.121	attackbotsspam	SSH login attempts with user root.	2020-10-14 04:32:53
194.87.139.188	attackbots	164.68.126.225 194.87.139.188 [13/Oct/2020:19:20:38 +0200] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 301 532 "-" "-" 164.68.126.225 194.87.139.188 [13/Oct/2020:19:20:38 +0200] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 301 532 "-" "-" 164.68.126.225 194.87.139.188 [13/Oct/2020:19:20:38 +0200] "GET //pma/scripts/setup.php HTTP/1.1" 301 518 "-" "-"	2020-10-14 04:39:49
76.102.78.161	attackbots	SSH brute force	2020-10-14 04:46:26
109.232.109.58	attack	2020-10-14T01:23:15.707780hostname sshd[99875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.232.109.58 user=root 2020-10-14T01:23:17.652399hostname sshd[99875]: Failed password for root from 109.232.109.58 port 45068 ssh2 ...	2020-10-14 04:42:02
112.85.42.183	attackbotsspam	$f2bV_matches	2020-10-14 04:55:32
93.174.95.106	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 85 - port: 81 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:00:41

Recently Reported IPs

1.2.147.214	201.210.197.191	189.100.174.225	181.36.225.163
211.27.227.30	167.248.133.23	58.50.109.40	109.199.51.54
68.238.241.143	63.79.149.86	85.29.129.189	93.185.244.73
40.68.119.88	122.148.150.170	113.160.223.209	14.166.34.216
209.14.105.102	221.179.87.134	183.80.50.36	150.117.97.186