74.120.14.26 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Default Route LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 74.120.14.26:7592 -> port 8883, len 44	2020-10-05 06:19:32
attack	UDP 74.120.14.26:13935 -> port 161, len 71	2020-10-04 22:19:31
attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 64 - port: 8888 proto: tcp cat: Misc Attackbytes: 60	2020-10-04 14:05:29

Type

Details

Datetime

attack

 TCP (SYN) 74.120.14.26:7592 -> port 8883, len 44

2020-10-05 06:19:32

attack

 UDP 74.120.14.26:13935 -> port 161, len 71

2020-10-04 22:19:31

attackspam

ET CINS Active Threat Intelligence Poor Reputation IP group 64 - port: 8888 proto: tcp cat: Misc Attackbytes: 60

2020-10-04 14:05:29

Comments on same subnet:

IP	Type	Details	Datetime
74.120.14.29	attackbots	TCP (SYN) 74.120.14.29:49585 -> port 995, len 44	2020-10-14 06:47:10
74.120.14.18	attack	TCP (SYN) 74.120.14.18:63537 -> port 8080, len 44	2020-10-14 05:41:37
74.120.14.16	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 66 - port: 8089 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:22:14
74.120.14.71	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 67 - port: 7070 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:06:23
74.120.14.27	attackspambots	Port scan: Attack repeated for 24 hours	2020-10-14 03:44:00
74.120.14.74	attack	TCP (SYN) 74.120.14.74:36705 -> port 5495, len 44	2020-10-13 22:38:32
74.120.14.16	attack	TCP (SYN) 74.120.14.16:37330 -> port 25, len 44	2020-10-13 20:41:28
74.120.14.67	attackbots	9833/tcp 9718/tcp 18029/tcp... [2020-09-14/10-13]192pkt,176pt.(tcp)	2020-10-13 20:41:03
74.120.14.27	attackspam	TCP (SYN) 74.120.14.27:33289 -> port 2222, len 44	2020-10-13 19:03:33
74.120.14.74	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 65	2020-10-13 13:59:10
74.120.14.16	attack	spam	2020-10-13 12:13:05
74.120.14.67	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 65 - port: 8382 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 12:12:48
74.120.14.75	attackspam	TCP (SYN) 74.120.14.75:2675 -> port 3010, len 44	2020-10-13 12:12:15
74.120.14.74	attackbots	TCP (SYN) 74.120.14.74:24302 -> port 9845, len 44	2020-10-13 06:43:19
74.120.14.16	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 64 - port: 1194 proto: tcp cat: Misc Attackbytes: 60	2020-10-13 05:02:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.120.14.26
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32258
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;74.120.14.26.			IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100301 1800 900 604800 86400

;; Query time: 90 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 04 14:05:25 CST 2020
;; MSG SIZE  rcvd: 116

Host info

26.14.120.74.in-addr.arpa domain name pointer scanner-02.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
26.14.120.74.in-addr.arpa	name = scanner-02.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.22.45.237	attackspam	firewall-block, port(s): 4/tcp	2019-09-26 15:05:18
134.175.59.235	attackbots	Sep 25 20:18:53 lcdev sshd\[6439\]: Invalid user dy from 134.175.59.235 Sep 25 20:18:53 lcdev sshd\[6439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.59.235 Sep 25 20:18:55 lcdev sshd\[6439\]: Failed password for invalid user dy from 134.175.59.235 port 39397 ssh2 Sep 25 20:23:44 lcdev sshd\[6801\]: Invalid user akinori from 134.175.59.235 Sep 25 20:23:44 lcdev sshd\[6801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.59.235	2019-09-26 14:27:05
218.92.0.175	attackbotsspam	2019-09-26T07:12:17.724771+01:00 suse sshd[24541]: User root from 218.92.0.175 not allowed because not listed in AllowUsers 2019-09-26T07:12:19.832869+01:00 suse sshd[24541]: error: PAM: Authentication failure for illegal user root from 218.92.0.175 2019-09-26T07:12:17.724771+01:00 suse sshd[24541]: User root from 218.92.0.175 not allowed because not listed in AllowUsers 2019-09-26T07:12:19.832869+01:00 suse sshd[24541]: error: PAM: Authentication failure for illegal user root from 218.92.0.175 2019-09-26T07:12:17.724771+01:00 suse sshd[24541]: User root from 218.92.0.175 not allowed because not listed in AllowUsers 2019-09-26T07:12:19.832869+01:00 suse sshd[24541]: error: PAM: Authentication failure for illegal user root from 218.92.0.175 2019-09-26T07:12:19.835515+01:00 suse sshd[24541]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.175 port 13035 ssh2 ...	2019-09-26 14:29:39
49.88.112.90	attackspambots	Sep 26 08:42:09 v22018076622670303 sshd\[4165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.90 user=root Sep 26 08:42:11 v22018076622670303 sshd\[4165\]: Failed password for root from 49.88.112.90 port 12471 ssh2 Sep 26 08:42:13 v22018076622670303 sshd\[4165\]: Failed password for root from 49.88.112.90 port 12471 ssh2 ...	2019-09-26 14:42:41
2001:41d0:1:e937::1	attackspam	/wp-includes/do.php	2019-09-26 15:06:40
95.179.198.6	attackspambots	WordPress wp-login brute force :: 95.179.198.6 0.128 BYPASS [26/Sep/2019:13:51:30 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-26 15:00:50
107.175.246.138	attackspambots	\[2019-09-26 02:40:29\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '107.175.246.138:56244' - Wrong password \[2019-09-26 02:40:29\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-26T02:40:29.443-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3100099",SessionID="0x7f1e1c011788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/107.175.246.138/56244",Challenge="07120550",ReceivedChallenge="07120550",ReceivedHash="dcff8247a8b91e1afbdeb9328d5267aa" \[2019-09-26 02:44:31\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '107.175.246.138:53854' - Wrong password \[2019-09-26 02:44:31\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-26T02:44:31.184-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="45000072",SessionID="0x7f1e1c011788",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress	2019-09-26 14:56:01
51.254.131.137	attackbotsspam	Sep 26 00:48:57 ws12vmsma01 sshd[29523]: Invalid user mediatomb from 51.254.131.137 Sep 26 00:48:59 ws12vmsma01 sshd[29523]: Failed password for invalid user mediatomb from 51.254.131.137 port 40628 ssh2 Sep 26 00:52:47 ws12vmsma01 sshd[30085]: Invalid user you from 51.254.131.137 ...	2019-09-26 14:32:43
103.69.216.102	attack	Automatic report - Port Scan Attack	2019-09-26 14:59:09
45.12.220.220	attack	B: zzZZzz blocked content access	2019-09-26 14:41:40
140.143.196.66	attackspambots	Sep 26 08:26:54 s64-1 sshd[7063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.196.66 Sep 26 08:26:56 s64-1 sshd[7063]: Failed password for invalid user mlocate from 140.143.196.66 port 35216 ssh2 Sep 26 08:32:54 s64-1 sshd[7106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.196.66 ...	2019-09-26 14:36:05
66.249.70.9	attack	Automatic report - Banned IP Access	2019-09-26 15:02:58
124.133.52.153	attackspambots	2019-09-26T09:44:59.436233tmaserv sshd\[9912\]: Invalid user target from 124.133.52.153 port 59542 2019-09-26T09:44:59.440748tmaserv sshd\[9912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.133.52.153 2019-09-26T09:45:01.705234tmaserv sshd\[9912\]: Failed password for invalid user target from 124.133.52.153 port 59542 ssh2 2019-09-26T09:51:23.614939tmaserv sshd\[10298\]: Invalid user adsl from 124.133.52.153 port 52356 2019-09-26T09:51:23.619621tmaserv sshd\[10298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.133.52.153 2019-09-26T09:51:25.266824tmaserv sshd\[10298\]: Failed password for invalid user adsl from 124.133.52.153 port 52356 ssh2 ...	2019-09-26 14:53:58
59.61.206.221	attackbotsspam	Sep 26 08:01:09 herz-der-gamer sshd[19611]: Invalid user john from 59.61.206.221 port 51175 Sep 26 08:01:09 herz-der-gamer sshd[19611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.61.206.221 Sep 26 08:01:09 herz-der-gamer sshd[19611]: Invalid user john from 59.61.206.221 port 51175 Sep 26 08:01:12 herz-der-gamer sshd[19611]: Failed password for invalid user john from 59.61.206.221 port 51175 ssh2 ...	2019-09-26 15:03:32
60.182.197.114	attack	2019-09-26T04:52:50.175160beta postfix/smtpd[21745]: warning: unknown[60.182.197.114]: SASL LOGIN authentication failed: authentication failure 2019-09-26T04:52:54.216499beta postfix/smtpd[21856]: warning: unknown[60.182.197.114]: SASL LOGIN authentication failed: authentication failure 2019-09-26T04:52:57.808622beta postfix/smtpd[21745]: warning: unknown[60.182.197.114]: SASL LOGIN authentication failed: authentication failure ...	2019-09-26 14:34:40

Recently Reported IPs

156.206.176.204	112.6.40.63	77.8.223.136	115.99.103.182
61.219.126.222	121.201.95.58	110.93.225.179	249.50.133.249
86.111.136.187	138.94.45.95	193.204.229.123	120.120.73.217
155.183.30.101	224.186.182.152	197.215.167.194	190.64.74.250
38.107.107.78	247.35.19.212	157.202.211.245	177.218.9.251