74.208.5.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: 1&1 Internet Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SSH login attempts.	2020-03-29 20:20:19
attackbotsspam	SSH login attempts.	2020-02-17 18:13:09

Comments on same subnet:

IP	Type	Details	Datetime
74.208.59.142	attackspam	/wordpress/wp-includes/wlwmanifest.xml	2020-08-20 00:31:51
74.208.5.4	attackspam	SSH login attempts.	2020-07-10 04:03:19
74.208.5.21	attack	SSH login attempts.	2020-05-28 18:36:08
74.208.5.22	attack	SSH login attempts.	2020-03-29 18:58:22
74.208.5.21	attackbots	SSH login attempts.	2020-03-27 23:41:38
74.208.59.62	attackspambots	MYH,DEF GET /test/wp-admin/	2020-03-26 12:03:36
74.208.59.58	attackbots	MYH,DEF GET /test/wp-admin/	2020-03-17 04:40:08
74.208.57.138	attackspam	MYH,DEF GET /wordpress/wp-admin/	2020-03-16 23:58:44
74.208.56.209	attack	MYH,DEF GET /test/wp-admin/	2020-03-12 17:02:37
74.208.57.19	attackspambots	MLV GET /test/wp-admin/	2020-03-08 15:11:07
74.208.59.62	attackbots	GET /wordpress/wp-admin/ 404	2020-02-26 10:46:47
74.208.56.209	attack	GET /wordpress	2020-02-20 05:03:00
74.208.5.21	attackbots	SSH login attempts.	2020-02-17 16:58:17
74.208.56.209	attackspambots	MYH,DEF GET /wordpress/wp-admin/	2019-09-17 07:49:46
74.208.58.12	attackbots	miraniessen.de 74.208.58.12 \[14/Aug/2019:15:04:32 +0200\] "POST /wp-login.php HTTP/1.1" 200 5955 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 74.208.58.12 \[14/Aug/2019:15:04:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 5968 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-15 06:13:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.208.5.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36448
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;74.208.5.3.			IN	A

;; AUTHORITY SECTION:
.			285	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021700 1800 900 604800 86400

;; Query time: 733 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 18:13:07 CST 2020
;; MSG SIZE  rcvd: 114

Host info

3.5.208.74.in-addr.arpa domain name pointer mx00.perfora.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.5.208.74.in-addr.arpa	name = mx00.perfora.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.129.100.88	attackbots	Unauthorized connection attempt from IP address 213.129.100.88 on Port 445(SMB)	2020-06-05 04:00:56
170.210.214.50	attack	Brute-force attempt banned	2020-06-05 04:04:56
91.187.118.183	attackspambots	Unauthorized connection attempt from IP address 91.187.118.183 on Port 445(SMB)	2020-06-05 03:30:58
121.231.8.81	attackbotsspam	1433/tcp 1433/tcp 1433/tcp... [2020-06-04]6pkt,1pt.(tcp)	2020-06-05 03:35:36
192.99.34.142	attackbotsspam	2020/05/31 12:42:11 \[error\] 23874\#23874: \16995 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.99.34.142, server: , request: "GET /wp-login.php HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm/php-fdf1d4a0-1ee6-4ddf-8a4a-bf7184d3fc60.sock:", host: "mail.rakkor.uk" 2020/05/31 12:42:11 \[error\] 23874\#23874: \16995 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.99.34.142, server: , request: "GET /wp-login.php HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm/php-fdf1d4a0-1ee6-4ddf-8a4a-bf7184d3fc60.sock:", host: "mail.rakkor.uk" 2020/05/31 12:42:11 \[error\] 23874\#23874: \*16995 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.99.34.142, server: , request: "GET /wp-login.php HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm/php-fdf1d4a0-1ee6-4ddf-8a4a-bf7184d3fc60.sock:", host: "mail.rakkor.uk"	2020-06-05 04:04:15
181.48.120.219	attack	Brute-force attempt banned	2020-06-05 04:09:14
39.115.113.146	attackspam	SSH/22 MH Probe, BF, Hack -	2020-06-05 03:46:20
45.138.100.90	attackbotsspam	Chat Spam	2020-06-05 04:06:07
1.171.128.3	attack	Unauthorized connection attempt from IP address 1.171.128.3 on Port 445(SMB)	2020-06-05 03:42:38
78.128.113.101	attack	Jun 4 20:11:34 web01.agentur-b-2.de postfix/smtps/smtpd[277852]: warning: unknown[78.128.113.101]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 4 20:11:34 web01.agentur-b-2.de postfix/smtps/smtpd[277852]: lost connection after AUTH from unknown[78.128.113.101] Jun 4 20:11:44 web01.agentur-b-2.de postfix/smtps/smtpd[277852]: lost connection after AUTH from unknown[78.128.113.101] Jun 4 20:11:51 web01.agentur-b-2.de postfix/smtps/smtpd[277876]: warning: unknown[78.128.113.101]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 4 20:11:52 web01.agentur-b-2.de postfix/smtps/smtpd[277876]: lost connection after AUTH from unknown[78.128.113.101]	2020-06-05 03:32:04
195.154.189.23	attackbots	Port Scan detected! ...	2020-06-05 03:36:35
14.29.219.2	attackspam	Brute-force attempt banned	2020-06-05 03:58:34
14.21.36.84	attack	Jun 4 07:08:16 server1 sshd\[6134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.36.84 user=root Jun 4 07:08:18 server1 sshd\[6134\]: Failed password for root from 14.21.36.84 port 33930 ssh2 Jun 4 07:12:10 server1 sshd\[7625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.36.84 user=root Jun 4 07:12:12 server1 sshd\[7625\]: Failed password for root from 14.21.36.84 port 55028 ssh2 Jun 4 07:16:08 server1 sshd\[8770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.21.36.84 user=root ...	2020-06-05 03:58:49
178.62.180.244	attack	178.62.180.244 - - [04/Jun/2020:19:13:05 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.180.244 - - [04/Jun/2020:19:13:05 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.180.244 - - [04/Jun/2020:19:13:06 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.180.244 - - [04/Jun/2020:19:13:06 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.180.244 - - [04/Jun/2020:19:13:06 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.180.244 - - [04/Jun/2020:19:13:07 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-06-05 03:38:47
109.188.90.100	attackbots	SMB Server BruteForce Attack	2020-06-05 03:55:25

Recently Reported IPs

196.218.154.120	104.47.36.33	104.47.40.33	52.164.206.56
196.246.210.124	75.144.43.250	196.218.150.140	94.191.60.62
62.36.20.20	216.57.160.10	104.47.33.33	104.47.124.33
83.171.104.57	216.200.145.235	196.218.147.35	104.47.125.33
64.78.26.141	49.86.183.198	194.42.89.101	14.241.66.55