74.213.112.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Puerto Rico

Internet Service Provider: Puerto Rico Cable Acquisition Company Inc.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	DATE:2019-09-28 22:51:24, IP:74.213.112.52, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-09-29 06:42:15

Comments on same subnet:

IP	Type	Details	Datetime
74.213.112.113	attackbots	Apr 16 23:39:27 debian-2gb-nbg1-2 kernel: \[9332146.755022\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=74.213.112.113 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=47 ID=41720 PROTO=TCP SPT=49780 DPT=23 WINDOW=58964 RES=0x00 SYN URGP=0	2020-04-17 06:04:48

Type

Details

Datetime

74.213.112.113

attackbots

Apr 16 23:39:27 debian-2gb-nbg1-2 kernel: \[9332146.755022\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=74.213.112.113 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=47 ID=41720 PROTO=TCP SPT=49780 DPT=23 WINDOW=58964 RES=0x00 SYN URGP=0

2020-04-17 06:04:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 74.213.112.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32468
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;74.213.112.52.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092801 1800 900 604800 86400

;; Query time: 344 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 29 06:42:09 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 52.112.213.74.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 52.112.213.74.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.233.200.37	attackbots	SSH Brute-Force. Ports scanning.	2020-06-20 01:02:37
223.171.32.55	attackspambots	Jun 19 15:20:35 XXX sshd[59877]: Invalid user postgres from 223.171.32.55 port 18172	2020-06-20 01:32:34
165.227.66.224	attack	Jun 19 17:23:51 ns382633 sshd\[16830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.66.224 user=root Jun 19 17:23:53 ns382633 sshd\[16830\]: Failed password for root from 165.227.66.224 port 58652 ssh2 Jun 19 17:31:30 ns382633 sshd\[18417\]: Invalid user kran from 165.227.66.224 port 37422 Jun 19 17:31:30 ns382633 sshd\[18417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.66.224 Jun 19 17:31:31 ns382633 sshd\[18417\]: Failed password for invalid user kran from 165.227.66.224 port 37422 ssh2	2020-06-20 01:23:07
148.235.57.183	attackspambots	Unauthorized SSH login attempts	2020-06-20 01:05:36
77.242.150.116	attackbotsspam	Attn: Your Monthly UPS Survey Statement Has Arrived #77784318 If you cannot see the images below,CLICK HERE	2020-06-20 01:01:08
54.39.151.210	attackspam	3389BruteforceStormFW21	2020-06-20 00:59:12
108.27.243.120	attack	Unauthorized connection attempt detected from IP address 108.27.243.120 to port 23	2020-06-20 01:29:26
106.13.172.226	attack	Jun 19 18:34:13 roki sshd[4760]: Invalid user msi from 106.13.172.226 Jun 19 18:34:13 roki sshd[4760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.172.226 Jun 19 18:34:15 roki sshd[4760]: Failed password for invalid user msi from 106.13.172.226 port 60420 ssh2 Jun 19 18:55:51 roki sshd[6375]: Invalid user kerapetse from 106.13.172.226 Jun 19 18:55:51 roki sshd[6375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.172.226 ...	2020-06-20 00:55:57
212.129.18.55	attack	06/19/2020-08:14:36.537645 212.129.18.55 Protocol: 17 ET SCAN Sipvicious Scan	2020-06-20 00:58:29
218.92.0.248	attackspam	Jun 19 20:01:09 ift sshd\[53129\]: Failed password for root from 218.92.0.248 port 21759 ssh2Jun 19 20:01:12 ift sshd\[53129\]: Failed password for root from 218.92.0.248 port 21759 ssh2Jun 19 20:01:36 ift sshd\[53174\]: Failed password for root from 218.92.0.248 port 40225 ssh2Jun 19 20:01:50 ift sshd\[53174\]: Failed password for root from 218.92.0.248 port 40225 ssh2Jun 19 20:02:05 ift sshd\[53180\]: Failed password for root from 218.92.0.248 port 50598 ssh2 ...	2020-06-20 01:02:53
5.190.187.209	attack	failed_logins	2020-06-20 00:57:49
182.151.15.175	attackbots	Jun 19 16:39:04 vmi345603 sshd[5112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.15.175 Jun 19 16:39:05 vmi345603 sshd[5112]: Failed password for invalid user lucas from 182.151.15.175 port 42681 ssh2 ...	2020-06-20 01:20:02
183.82.121.34	attackbots	Jun 19 16:32:15 XXXXXX sshd[25441]: Invalid user administracion from 183.82.121.34 port 38372	2020-06-20 01:13:00
185.189.121.194	attack	Port probing on unauthorized port 445	2020-06-20 01:22:12
162.243.144.127	attackspam	Port scan: Attack repeated for 24 hours	2020-06-20 00:53:25

Recently Reported IPs

94.69.12.79	41.165.24.203	222.143.0.19	78.167.159.201
16.146.123.111	109.148.162.128	74.126.186.41	175.236.27.188
114.228.66.105	45.135.36.233	136.56.181.101	193.249.91.243
51.12.119.50	57.26.190.143	2.255.208.109	95.6.230.69
24.178.20.73	51.47.201.247	122.236.245.205	35.196.74.245