104.148.41.124

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.148.41.23	attackbotsspam	Automatic report - CMS Brute-Force Attack	2020-04-27 21:14:37
104.148.41.11	attack	Automatic report - CMS Brute-Force Attack	2020-04-27 21:13:56
104.148.41.102	attackbots	jannisjulius.de 104.148.41.102 [25/Apr/2020:08:39:54 +0200] "POST /wp-login.php HTTP/1.1" 200 11917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0" jannisjulius.de 104.148.41.102 [25/Apr/2020:08:39:55 +0200] "POST /wp-login.php HTTP/1.1" 200 12304 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0"	2020-04-25 19:56:34
104.148.41.63	attackbotsspam	Return-Path: Delivered-To: hide@mx1.tees.ne.jp Received: (qmail 31403 invoked by uid 0); 15 Apr 2020 12:57:53 +0900 Received: from unknown (HELO rcvgw11.tees.ne.jp) (202.216.138.25) by mdl.tees.ne.jp with SMTP; 15 Apr 2020 12:57:53 +0900 Received: from smtp.work (unknown [104.148.41.63]) by rcvgw11.tees.ne.jp (Postfix) with ESMTP id 7DBD520C36 for ; Wed, 15 Apr 2020 12:57:53 +0900 (JST) Subject: [Norton AntiSpam]コロナウイルス撲滅セール From: info@q04.402smtp.work To: hide@mx1.tees.ne.jp Message-ID: 20200415125643 Content-Type: text/plain; charset="SHIFT_JIS" Content-Transfer-Encoding: 7bit MIME-Version: 1.0 X-Brightmail-Tracker: AAAABjVkWnA1ZDecGo+sLDRHjzs0R6FLNEkVcA==	2020-04-16 03:18:46
104.148.41.11	attackbots	[Wed Jan 08 21:12:46.700267 2020] [access_compat:error] [pid 12566] [client 104.148.41.11:44720] AH01797: client denied by server configuration: /var/www/html/josh/wp-login.php ...	2020-03-04 01:01:00
104.148.41.168	attack	[Thu Jan 09 01:57:44.771502 2020] [access_compat:error] [pid 24095] [client 104.148.41.168:40576] AH01797: client denied by server configuration: /var/www/html/luke/wp-login.php ...	2020-03-04 00:50:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.148.41.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60637
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.148.41.124.			IN	A

;; AUTHORITY SECTION:
.			244	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 26 00:44:33 CST 2022
;; MSG SIZE  rcvd: 107

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 104.148.41.124.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.183.215	attackspambots	Invalid user gerrit2 from 106.13.183.215 port 43830	2020-07-25 02:27:49
194.26.29.83	attackspam	Jul 24 20:15:14 debian-2gb-nbg1-2 kernel: \[17873033.265599\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.83 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=21240 PROTO=TCP SPT=42122 DPT=3481 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-25 02:28:31
59.92.62.174	attackspambots	1595598327 - 07/24/2020 15:45:27 Host: 59.92.62.174/59.92.62.174 Port: 445 TCP Blocked	2020-07-25 02:35:27
91.237.73.91	attackbotsspam	Jul 24 10:29:31 mail.srvfarm.net postfix/smtps/smtpd[2179031]: warning: unknown[91.237.73.91]: SASL PLAIN authentication failed: Jul 24 10:29:31 mail.srvfarm.net postfix/smtps/smtpd[2179031]: lost connection after AUTH from unknown[91.237.73.91] Jul 24 10:29:45 mail.srvfarm.net postfix/smtps/smtpd[2184197]: warning: unknown[91.237.73.91]: SASL PLAIN authentication failed: Jul 24 10:29:45 mail.srvfarm.net postfix/smtps/smtpd[2184197]: lost connection after AUTH from unknown[91.237.73.91] Jul 24 10:29:50 mail.srvfarm.net postfix/smtps/smtpd[2184256]: warning: unknown[91.237.73.91]: SASL PLAIN authentication failed:	2020-07-25 03:00:07
58.215.186.183	attackspam	SSH Brute-Force. Ports scanning.	2020-07-25 03:04:57
128.1.138.219	attack	Jul 24 11:37:13 mail.srvfarm.net postfix/smtpd[2207704]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219] Jul 24 11:37:36 mail.srvfarm.net postfix/smtpd[2210862]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219] Jul 24 11:37:53 mail.srvfarm.net postfix/smtpd[2205461]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219] Jul 24 11:38:06 mail.srvfarm.net postfix/smtpd[2210830]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219] Jul 24 11:38:24 mail.srvfarm.net postfix/smtpd[2210828]: lost connection after RCPT from hwhk138-219.mailset.cn[128.1.138.219]	2020-07-25 02:51:08
95.222.236.144	attackspam	Jul 24 14:09:07 mail.srvfarm.net dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=95.222.236.144, lip=185.118.197.126, TLS: Connection closed, session=<5jPj1i6rGo1f3uyQ> Jul 24 14:09:33 mail.srvfarm.net dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=95.222.236.144, lip=185.118.197.126, TLS: Connection closed, session= Jul 24 14:10:13 mail.srvfarm.net dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=95.222.236.144, lip=185.118.197.126, TLS: Connection closed, session=<3JzO2i6ryqhf3uyQ> Jul 24 14:12:01 mail.srvfarm.net dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=95.222.236.144, lip=185.118.197.126, TLS: Connection closed, session= Jul 24 14:12:22 mail.srvfarm.net dovecot: pop3-logi	2020-07-25 02:59:48
14.169.141.209	attack	xmlrpc attack	2020-07-25 02:55:55
181.174.144.243	attackbotsspam	Jul 24 10:36:20 mail.srvfarm.net postfix/smtps/smtpd[2184246]: warning: unknown[181.174.144.243]: SASL PLAIN authentication failed: Jul 24 10:36:21 mail.srvfarm.net postfix/smtps/smtpd[2184246]: lost connection after AUTH from unknown[181.174.144.243] Jul 24 10:41:24 mail.srvfarm.net postfix/smtps/smtpd[2187423]: warning: unknown[181.174.144.243]: SASL PLAIN authentication failed: Jul 24 10:41:25 mail.srvfarm.net postfix/smtps/smtpd[2187423]: lost connection after AUTH from unknown[181.174.144.243] Jul 24 10:42:02 mail.srvfarm.net postfix/smtpd[2183272]: warning: unknown[181.174.144.243]: SASL PLAIN authentication failed:	2020-07-25 02:57:07
41.222.211.52	attackspambots	Unauthorized connection attempt from IP address 41.222.211.52 on Port 445(SMB)	2020-07-25 03:01:18
81.31.234.172	attackbotsspam	Jul 24 10:53:34 mail.srvfarm.net postfix/smtps/smtpd[2188802]: warning: unknown[81.31.234.172]: SASL PLAIN authentication failed: Jul 24 10:53:34 mail.srvfarm.net postfix/smtps/smtpd[2188802]: lost connection after AUTH from unknown[81.31.234.172] Jul 24 10:54:48 mail.srvfarm.net postfix/smtps/smtpd[2188765]: warning: unknown[81.31.234.172]: SASL PLAIN authentication failed: Jul 24 10:54:49 mail.srvfarm.net postfix/smtps/smtpd[2188765]: lost connection after AUTH from unknown[81.31.234.172] Jul 24 10:57:26 mail.srvfarm.net postfix/smtpd[2185003]: warning: unknown[81.31.234.172]: SASL PLAIN authentication failed:	2020-07-25 02:52:39
68.183.178.162	attackspam	2020-07-25T00:50:28.625408billing sshd[3993]: Invalid user fw from 68.183.178.162 port 50034 2020-07-25T00:50:30.771457billing sshd[3993]: Failed password for invalid user fw from 68.183.178.162 port 50034 ssh2 2020-07-25T00:54:46.984077billing sshd[12786]: Invalid user test from 68.183.178.162 port 35038 ...	2020-07-25 03:06:50
220.135.165.14	attackbots	Attempted connection to port 23.	2020-07-25 02:34:09
128.106.164.254	attackbotsspam	1595600642 - 07/24/2020 16:24:02 Host: 128.106.164.254/128.106.164.254 Port: 445 TCP Blocked	2020-07-25 02:32:34
191.53.236.123	attackspambots	Jul 24 10:57:05 mail.srvfarm.net postfix/smtps/smtpd[2184213]: warning: unknown[191.53.236.123]: SASL PLAIN authentication failed: Jul 24 10:57:06 mail.srvfarm.net postfix/smtps/smtpd[2184213]: lost connection after AUTH from unknown[191.53.236.123] Jul 24 10:57:33 mail.srvfarm.net postfix/smtpd[2189961]: warning: unknown[191.53.236.123]: SASL PLAIN authentication failed: Jul 24 10:57:34 mail.srvfarm.net postfix/smtpd[2189961]: lost connection after AUTH from unknown[191.53.236.123] Jul 24 11:04:12 mail.srvfarm.net postfix/smtpd[2185298]: warning: unknown[191.53.236.123]: SASL PLAIN authentication failed:	2020-07-25 02:42:18

Recently Reported IPs

104.148.41.123	104.148.46.107	104.148.41.109	104.148.41.126
103.206.118.96	104.148.46.116	104.148.46.12	240.41.242.104
104.148.46.126	104.148.46.131	104.148.46.130	104.148.46.123
104.148.46.136	104.148.46.124	104.148.46.139	104.148.46.114
104.148.46.133	104.148.46.141	103.206.118.98	104.148.46.143