74.211.48.94 - IPInfo

Basic Info

City: Colorado Springs

Region: Colorado

Country: United States

Internet Service Provider: TDS Telecom

Hostname: unknown

Organization: TDS TELECOM

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 1 00:49:41 aat-srv002 sshd[32025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.211.48.94 Aug 1 00:49:42 aat-srv002 sshd[32025]: Failed password for invalid user pi from 74.211.48.94 port 52062 ssh2 Aug 1 00:49:57 aat-srv002 sshd[32048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.211.48.94 Aug 1 00:49:58 aat-srv002 sshd[32048]: Failed password for invalid user pi from 74.211.48.94 port 32952 ssh2 ...	2019-08-01 21:14:35
attackbots	Too many connections or unauthorized access detected from Yankee banned ip	2019-08-01 00:06:02

Type

Details

Datetime

attackbots

Aug  1 00:49:41 aat-srv002 sshd[32025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.211.48.94
Aug  1 00:49:42 aat-srv002 sshd[32025]: Failed password for invalid user pi from 74.211.48.94 port 52062 ssh2
Aug  1 00:49:57 aat-srv002 sshd[32048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.211.48.94
Aug  1 00:49:58 aat-srv002 sshd[32048]: Failed password for invalid user pi from 74.211.48.94 port 32952 ssh2
...

2019-08-01 21:14:35

attackbots

Too many connections or unauthorized access detected from Yankee banned ip

2019-08-01 00:06:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.211.48.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4004
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;74.211.48.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 01 00:05:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

94.48.211.74.in-addr.arpa domain name pointer h74-211-48-94.clspco.broadband.dynamic.tds.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
94.48.211.74.in-addr.arpa	name = h74-211-48-94.clspco.broadband.dynamic.tds.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.130.145.121	attack	Aug 11 20:17:15 vps65 sshd\[1709\]: Invalid user ubuntu from 203.130.145.121 port 51645 Aug 11 20:17:15 vps65 sshd\[1709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.145.121 ...	2019-08-12 02:22:14
178.18.30.156	attackbotsspam	Aug 11 16:47:32 www sshd\[59385\]: Invalid user uk from 178.18.30.156Aug 11 16:47:35 www sshd\[59385\]: Failed password for invalid user uk from 178.18.30.156 port 37958 ssh2Aug 11 16:51:49 www sshd\[59403\]: Invalid user guest3 from 178.18.30.156 ...	2019-08-12 02:00:59
159.65.70.218	attack	Aug 11 12:12:03 mail sshd\[26291\]: Failed password for invalid user dusseldorf from 159.65.70.218 port 59428 ssh2 Aug 11 12:28:56 mail sshd\[26440\]: Invalid user marius from 159.65.70.218 port 32986 ...	2019-08-12 02:04:47
77.85.203.4	attack	Automatic report - Port Scan Attack	2019-08-12 01:41:37
1.34.1.148	attack	Honeypot attack, port: 23, PTR: 1-34-1-148.HINET-IP.hinet.net.	2019-08-12 02:25:11
91.121.211.34	attack	Aug 11 20:13:11 SilenceServices sshd[10717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.211.34 Aug 11 20:13:13 SilenceServices sshd[10717]: Failed password for invalid user word from 91.121.211.34 port 52110 ssh2 Aug 11 20:17:09 SilenceServices sshd[13745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.211.34	2019-08-12 02:26:34
58.47.177.160	attack	Aug 11 11:56:30 h2177944 sshd\[26002\]: Invalid user xq from 58.47.177.160 port 56039 Aug 11 11:56:30 h2177944 sshd\[26002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.47.177.160 Aug 11 11:56:33 h2177944 sshd\[26002\]: Failed password for invalid user xq from 58.47.177.160 port 56039 ssh2 Aug 11 12:03:05 h2177944 sshd\[26598\]: Invalid user admin from 58.47.177.160 port 50405 Aug 11 12:03:05 h2177944 sshd\[26598\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.47.177.160 ...	2019-08-12 01:45:25
117.50.46.200	attackspambots	Aug 10 16:52:38 penfold sshd[13904]: Invalid user john from 117.50.46.200 port 47726 Aug 10 16:52:38 penfold sshd[13904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.46.200 Aug 10 16:52:39 penfold sshd[13904]: Failed password for invalid user john from 117.50.46.200 port 47726 ssh2 Aug 10 16:52:39 penfold sshd[13904]: Received disconnect from 117.50.46.200 port 47726:11: Bye Bye [preauth] Aug 10 16:52:39 penfold sshd[13904]: Disconnected from 117.50.46.200 port 47726 [preauth] Aug 10 17:10:28 penfold sshd[14824]: Invalid user knox from 117.50.46.200 port 42358 Aug 10 17:10:28 penfold sshd[14824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.46.200 Aug 10 17:10:30 penfold sshd[14824]: Failed password for invalid user knox from 117.50.46.200 port 42358 ssh2 Aug 10 17:10:30 penfold sshd[14824]: Received disconnect from 117.50.46.200 port 42358:11: Bye Bye [preauth] Aug 10........ -------------------------------	2019-08-12 02:08:45
186.92.0.245	attackbots	Honeypot attack, port: 445, PTR: 186-92-0-245.genericrev.cantv.net.	2019-08-12 02:27:01
86.195.78.202	attackspam	Honeypot attack, port: 5555, PTR: aputeaux-653-1-19-202.w86-195.abo.wanadoo.fr.	2019-08-12 02:20:24
199.244.88.67	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-12 02:23:26
180.182.47.132	attackbots	SSH Brute-Force reported by Fail2Ban	2019-08-12 01:59:14
144.217.242.111	attackspam	leo_www	2019-08-12 01:48:41
66.165.213.100	attack	Invalid user pa from 66.165.213.100 port 55476 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.165.213.100 Failed password for invalid user pa from 66.165.213.100 port 55476 ssh2 Invalid user bsmith from 66.165.213.100 port 52540 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.165.213.100	2019-08-12 02:19:47
96.9.72.50	attackspam	Aug 11 09:27:54 nbi-636 sshd[17676]: Did not receive identification string from 96.9.72.50 port 57166 Aug 11 09:27:54 nbi-636 sshd[17677]: Did not receive identification string from 96.9.72.50 port 57155 Aug 11 09:27:54 nbi-636 sshd[17678]: Did not receive identification string from 96.9.72.50 port 51339 Aug 11 09:27:55 nbi-636 sshd[17681]: Did not receive identification string from 96.9.72.50 port 57239 Aug 11 09:27:55 nbi-636 sshd[17683]: Did not receive identification string from 96.9.72.50 port 56891 Aug 11 09:28:10 nbi-636 sshd[17697]: Invalid user system from 96.9.72.50 port 57176 Aug 11 09:28:10 nbi-636 sshd[17698]: Invalid user system from 96.9.72.50 port 63814 Aug 11 09:28:10 nbi-636 sshd[17699]: Invalid user system from 96.9.72.50 port 51297 Aug 11 09:28:12 nbi-636 sshd[17706]: Invalid user system from 96.9.72.50 port 55378 Aug 11 09:28:12 nbi-636 sshd[17707]: Invalid user system from 96.9.72.50 port 55204 Aug 11 09:28:14 nbi-636 sshd[17697]: Failed password f........ -------------------------------	2019-08-12 02:16:20

Recently Reported IPs

80.143.70.54	110.240.88.220	58.117.206.255	204.234.58.149
120.29.85.197	73.242.165.148	78.252.203.158	150.146.151.218
201.252.127.205	104.244.72.12	182.73.199.58	195.211.1.108
41.34.7.202	49.128.165.71	46.64.188.202	90.156.80.85
174.35.7.48	138.149.7.155	69.27.174.234	160.203.12.198