74.211.48.94 - IPInfo

Basic Info

City: Colorado Springs

Region: Colorado

Country: United States

Internet Service Provider: TDS Telecom

Hostname: unknown

Organization: TDS TELECOM

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 1 00:49:41 aat-srv002 sshd[32025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.211.48.94 Aug 1 00:49:42 aat-srv002 sshd[32025]: Failed password for invalid user pi from 74.211.48.94 port 52062 ssh2 Aug 1 00:49:57 aat-srv002 sshd[32048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.211.48.94 Aug 1 00:49:58 aat-srv002 sshd[32048]: Failed password for invalid user pi from 74.211.48.94 port 32952 ssh2 ...	2019-08-01 21:14:35
attackbots	Too many connections or unauthorized access detected from Yankee banned ip	2019-08-01 00:06:02

Type

Details

Datetime

attackbots

Aug  1 00:49:41 aat-srv002 sshd[32025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.211.48.94
Aug  1 00:49:42 aat-srv002 sshd[32025]: Failed password for invalid user pi from 74.211.48.94 port 52062 ssh2
Aug  1 00:49:57 aat-srv002 sshd[32048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.211.48.94
Aug  1 00:49:58 aat-srv002 sshd[32048]: Failed password for invalid user pi from 74.211.48.94 port 32952 ssh2
...

2019-08-01 21:14:35

attackbots

Too many connections or unauthorized access detected from Yankee banned ip

2019-08-01 00:06:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.211.48.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4004
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;74.211.48.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 01 00:05:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

94.48.211.74.in-addr.arpa domain name pointer h74-211-48-94.clspco.broadband.dynamic.tds.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
94.48.211.74.in-addr.arpa	name = h74-211-48-94.clspco.broadband.dynamic.tds.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.43.167.234	attack	$f2bV_matches	2020-04-22 16:50:50
157.245.219.63	attackbots	Invalid user admin from 157.245.219.63 port 48752	2020-04-22 16:31:10
206.189.235.233	attack	SSH brutforce	2020-04-22 16:34:29
103.116.203.154	normal	Send port my ip	2020-04-22 16:49:15
163.172.145.149	attack	(sshd) Failed SSH login from 163.172.145.149 (FR/France/149-145-172-163.rev.cloud.scaleway.com): 5 in the last 3600 secs	2020-04-22 16:18:27
132.232.66.238	attack	Apr 21 20:23:17 nbi-636 sshd[23711]: User r.r from 132.232.66.238 not allowed because not listed in AllowUsers Apr 21 20:23:17 nbi-636 sshd[23711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.66.238 user=r.r Apr 21 20:23:20 nbi-636 sshd[23711]: Failed password for invalid user r.r from 132.232.66.238 port 38158 ssh2 Apr 21 20:23:21 nbi-636 sshd[23711]: Received disconnect from 132.232.66.238 port 38158:11: Bye Bye [preauth] Apr 21 20:23:21 nbi-636 sshd[23711]: Disconnected from invalid user r.r 132.232.66.238 port 38158 [preauth] Apr 21 20:31:26 nbi-636 sshd[26745]: Invalid user ii from 132.232.66.238 port 56756 Apr 21 20:31:26 nbi-636 sshd[26745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.66.238 Apr 21 20:31:28 nbi-636 sshd[26745]: Failed password for invalid user ii from 132.232.66.238 port 56756 ssh2 Apr 21 20:31:28 nbi-636 sshd[26745]: Received disconnect from........ -------------------------------	2020-04-22 16:45:49
45.55.243.124	attackbotsspam	<6 unauthorized SSH connections	2020-04-22 16:56:57
202.158.123.94	attackbots	20 attempts against mh-ssh on cloud	2020-04-22 16:41:23
60.182.167.107	attack	Invalid user m from 60.182.167.107 port 57248	2020-04-22 16:43:27
183.88.234.230	attackbotsspam	Autoban 183.88.234.230 ABORTED AUTH	2020-04-22 16:33:00
106.12.93.25	attack	Apr 22 07:03:51 rotator sshd\[5562\]: Invalid user sa from 106.12.93.25Apr 22 07:03:53 rotator sshd\[5562\]: Failed password for invalid user sa from 106.12.93.25 port 57330 ssh2Apr 22 07:06:43 rotator sshd\[6353\]: Failed password for root from 106.12.93.25 port 35286 ssh2Apr 22 07:09:14 rotator sshd\[6397\]: Invalid user y from 106.12.93.25Apr 22 07:09:16 rotator sshd\[6397\]: Failed password for invalid user y from 106.12.93.25 port 41452 ssh2Apr 22 07:12:05 rotator sshd\[7184\]: Invalid user teste from 106.12.93.25 ...	2020-04-22 16:21:51
113.176.81.198	attackbots	port	2020-04-22 16:28:42
221.8.149.126	attackspam	Apr 22 09:56:41 prod4 vsftpd\[2371\]: \[anonymous\] FAIL LOGIN: Client "221.8.149.126" Apr 22 09:56:44 prod4 vsftpd\[2379\]: \[www\] FAIL LOGIN: Client "221.8.149.126" Apr 22 09:56:49 prod4 vsftpd\[2396\]: \[www\] FAIL LOGIN: Client "221.8.149.126" Apr 22 09:56:52 prod4 vsftpd\[2418\]: \[www\] FAIL LOGIN: Client "221.8.149.126" Apr 22 09:56:58 prod4 vsftpd\[2476\]: \[www\] FAIL LOGIN: Client "221.8.149.126" ...	2020-04-22 16:44:40
180.76.145.78	attack	Invalid user sh from 180.76.145.78 port 60322	2020-04-22 16:27:38
129.226.129.90	attackbots	Unauthorized connection attempt detected from IP address 129.226.129.90 to port 1054	2020-04-22 16:53:01

Recently Reported IPs

80.143.70.54	110.240.88.220	58.117.206.255	204.234.58.149
120.29.85.197	73.242.165.148	78.252.203.158	150.146.151.218
201.252.127.205	104.244.72.12	182.73.199.58	195.211.1.108
41.34.7.202	49.128.165.71	46.64.188.202	90.156.80.85
174.35.7.48	138.149.7.155	69.27.174.234	160.203.12.198