This IP address has been reported a total of
237
times from
173 distinct
sources.
74.208.131.20 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
Repeated SSH brute force and user enumeration attempts against a secured web server. Multiple failed ...
show moreRepeated SSH brute force and user enumeration attempts against a secured web server. Multiple failed authentication attempts from this IP across an extended period.
show less
74.208.131.20 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 se ...
show more74.208.131.20 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 1 14:23:27 15887 sshd[26600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.17.137 user=root
Jun 1 14:17:54 15887 sshd[23300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.221.17.137 user=root
Jun 1 14:17:56 15887 sshd[23300]: Failed password for root from 154.221.17.137 port 54918 ssh2
Jun 1 14:23:03 15887 sshd[26475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.208.131.20 user=root
Jun 1 14:23:06 15887 sshd[26475]: Failed password for root from 74.208.131.20 port 56270 ssh2
IP Addresses Blocked:
154.221.17.137 (HK/Hong Kong/-)
show less
Jun 1 20:44:16 [host] sshd[9395]: Invalid user max from 74.208.131.20 port 46996
Jun 1 20:44:16 [h ...
show moreJun 1 20:44:16 [host] sshd[9395]: Invalid user max from 74.208.131.20 port 46996
Jun 1 20:44:16 [host] sshd[9395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=
Jun 1 20:44:19 [host] sshd[9395]: Failed password for invalid user max from 74.208.131.20 port 4699
Jun 1 20:44:19 [host] sshd[9395]: Disconnected from invalid user max 74.208.131.20 port 46996 [prea
Jun 1 20:45:45 [host] sshd[9559]: Invalid user jumpserver from 74.208.131.20 port 45402
show less
2026-06-01T19:08:08.471210+01:00 uptime.mrtalon.eu sshd[2277962]: Invalid user stp from 74.208.131.2 ...
show more2026-06-01T19:08:08.471210+01:00 uptime.mrtalon.eu sshd[2277962]: Invalid user stp from 74.208.131.20 port 45856
2026-06-01T19:09:34.756336+01:00 uptime.mrtalon.eu sshd[2293696]: Invalid user devuser from 74.208.131.20 port 57708
2026-06-01T19:12:07.576569+01:00 uptime.mrtalon.eu sshd[2322435]: Invalid user django from 74.208.131.20 port 37630
2026-06-01T19:16:02.644478+01:00 uptime.mrtalon.eu sshd[2365617]: Invalid user cam from 74.208.131.20 port 59442
2026-06-01T19:17:17.933348+01:00 uptime.mrtalon.eu sshd[2380415]: Invalid user term1 from 74.208.131.20 port 58196
...
show less
Brute-Force
SSH
Showing 1 to
15
of 237 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ