148.72.208.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.72.208.210	attackspambots	2020-10-09T14:19:26.844881abusebot.cloudsearch.cf sshd[15919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-208-210.ip.secureserver.net user=root 2020-10-09T14:19:28.622964abusebot.cloudsearch.cf sshd[15919]: Failed password for root from 148.72.208.210 port 54488 ssh2 2020-10-09T14:24:20.238409abusebot.cloudsearch.cf sshd[16048]: Invalid user zimeip from 148.72.208.210 port 58480 2020-10-09T14:24:20.244255abusebot.cloudsearch.cf sshd[16048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-208-210.ip.secureserver.net 2020-10-09T14:24:20.238409abusebot.cloudsearch.cf sshd[16048]: Invalid user zimeip from 148.72.208.210 port 58480 2020-10-09T14:24:22.384393abusebot.cloudsearch.cf sshd[16048]: Failed password for invalid user zimeip from 148.72.208.210 port 58480 ssh2 2020-10-09T14:28:54.393225abusebot.cloudsearch.cf sshd[16243]: pam_unix(sshd:auth): authentication failure; logname= uid ...	2020-10-10 04:22:08
148.72.208.210	attackspambots	DATE:2020-10-09 11:49:32, IP:148.72.208.210, PORT:ssh SSH brute force auth (docker-dc)	2020-10-09 20:19:47
148.72.208.210	attackspambots	bruteforce detected	2020-10-09 12:06:49
148.72.208.210	attackbots	SSH login attempts.	2020-09-08 20:05:15
148.72.208.210	attackbotsspam	Sep 8 06:02:21 vpn01 sshd[16461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.208.210 Sep 8 06:02:23 vpn01 sshd[16461]: Failed password for invalid user biz from 148.72.208.210 port 49432 ssh2 ...	2020-09-08 12:02:46
148.72.208.210	attack	Sep 7 19:10:19 vlre-nyc-1 sshd\[17376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.208.210 user=root Sep 7 19:10:21 vlre-nyc-1 sshd\[17376\]: Failed password for root from 148.72.208.210 port 47018 ssh2 Sep 7 19:14:35 vlre-nyc-1 sshd\[17449\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.208.210 user=root Sep 7 19:14:37 vlre-nyc-1 sshd\[17449\]: Failed password for root from 148.72.208.210 port 53088 ssh2 Sep 7 19:18:40 vlre-nyc-1 sshd\[17527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.208.210 user=root ...	2020-09-08 04:38:57
148.72.208.210	attackspam	2020-08-27T19:46:40.204150server.mjenks.net sshd[711383]: Invalid user jacob from 148.72.208.210 port 40126 2020-08-27T19:46:40.206548server.mjenks.net sshd[711383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.208.210 2020-08-27T19:46:40.204150server.mjenks.net sshd[711383]: Invalid user jacob from 148.72.208.210 port 40126 2020-08-27T19:46:42.557953server.mjenks.net sshd[711383]: Failed password for invalid user jacob from 148.72.208.210 port 40126 ssh2 2020-08-27T19:51:03.129940server.mjenks.net sshd[711938]: Invalid user admin from 148.72.208.210 port 46502 ...	2020-08-28 08:54:37
148.72.208.210	attackbots	Aug 9 12:05:42 localhost sshd[78556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-208-210.ip.secureserver.net user=root Aug 9 12:05:44 localhost sshd[78556]: Failed password for root from 148.72.208.210 port 57138 ssh2 Aug 9 12:10:22 localhost sshd[78993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-208-210.ip.secureserver.net user=root Aug 9 12:10:24 localhost sshd[78993]: Failed password for root from 148.72.208.210 port 39936 ssh2 Aug 9 12:15:29 localhost sshd[79535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-208-210.ip.secureserver.net user=root Aug 9 12:15:31 localhost sshd[79535]: Failed password for root from 148.72.208.210 port 50966 ssh2 ...	2020-08-09 20:27:30
148.72.208.210	attackbots	Jul 28 06:59:30 scw-focused-cartwright sshd[975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.208.210 Jul 28 06:59:32 scw-focused-cartwright sshd[975]: Failed password for invalid user hadoop from 148.72.208.210 port 37218 ssh2	2020-07-28 15:38:59
148.72.208.35	attack	148.72.208.35 - - \[09/Feb/2020:09:42:57 +0100\] "POST /wp-login.php HTTP/1.0" 200 7563 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 148.72.208.35 - - \[09/Feb/2020:09:42:59 +0100\] "POST /wp-login.php HTTP/1.0" 200 7385 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 148.72.208.35 - - \[09/Feb/2020:09:43:01 +0100\] "POST /wp-login.php HTTP/1.0" 200 7383 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-02-09 17:44:29
148.72.208.74	attackbots	...	2020-02-01 22:45:04
148.72.208.35	attackspam	Automatic report - Banned IP Access	2020-01-18 21:39:21
148.72.208.35	attackspambots	fail2ban honeypot	2020-01-10 06:18:31
148.72.208.35	attackbots	xmlrpc attack	2019-12-27 20:47:29
148.72.208.35	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-12-22 06:04:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.72.208.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54603
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.72.208.55.			IN	A

;; AUTHORITY SECTION:
.			298	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:45:03 CST 2022
;; MSG SIZE  rcvd: 106

Host info

55.208.72.148.in-addr.arpa domain name pointer ip-148-72-208-55.ip.secureserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
55.208.72.148.in-addr.arpa	name = ip-148-72-208-55.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.40.240	attack	Invalid user arie from 139.59.40.240 port 46856	2020-08-23 03:11:32
103.199.18.109	attackspam	spam (f2b h2)	2020-08-23 03:20:17
49.235.86.177	attackspambots	Aug 22 19:43:38 sxvn sshd[479937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.86.177	2020-08-23 03:13:56
49.235.90.244	attack	Invalid user webapp from 49.235.90.244 port 58580	2020-08-23 03:06:03
91.126.98.41	attack	Aug 23 02:15:51 webhost01 sshd[18316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.126.98.41 Aug 23 02:15:53 webhost01 sshd[18316]: Failed password for invalid user mikael from 91.126.98.41 port 40504 ssh2 ...	2020-08-23 03:34:17
218.89.222.16	attack	2020-08-22T14:26:49.954180morrigan.ad5gb.com sshd[2857546]: Invalid user bdos from 218.89.222.16 port 48983 2020-08-22T14:26:51.973046morrigan.ad5gb.com sshd[2857546]: Failed password for invalid user bdos from 218.89.222.16 port 48983 ssh2	2020-08-23 03:32:09
218.241.134.34	attackspambots	Invalid user viktor from 218.241.134.34 port 20170	2020-08-23 03:40:41
82.208.188.179	attackspam	Aug 22 21:11:09 abendstille sshd\[3666\]: Invalid user dev from 82.208.188.179 Aug 22 21:11:09 abendstille sshd\[3666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.208.188.179 Aug 22 21:11:10 abendstille sshd\[3668\]: Invalid user dev from 82.208.188.179 Aug 22 21:11:10 abendstille sshd\[3668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.208.188.179 Aug 22 21:11:11 abendstille sshd\[3666\]: Failed password for invalid user dev from 82.208.188.179 port 50870 ssh2 ...	2020-08-23 03:41:30
115.159.153.180	attackspam	Aug 22 20:24:40 dev0-dcde-rnet sshd[28135]: Failed password for root from 115.159.153.180 port 51452 ssh2 Aug 22 20:26:03 dev0-dcde-rnet sshd[28149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.153.180 Aug 22 20:26:06 dev0-dcde-rnet sshd[28149]: Failed password for invalid user marconi from 115.159.153.180 port 58642 ssh2	2020-08-23 03:27:42
203.195.204.106	attackbotsspam	Aug 22 13:09:14 gospond sshd[8617]: Invalid user alba from 203.195.204.106 port 50702 ...	2020-08-23 03:10:07
118.25.195.78	attackbots	Aug 22 16:28:00 scw-6657dc sshd[14295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.195.78 Aug 22 16:28:00 scw-6657dc sshd[14295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.195.78 Aug 22 16:28:02 scw-6657dc sshd[14295]: Failed password for invalid user deploy from 118.25.195.78 port 37194 ssh2 ...	2020-08-23 03:16:26
187.214.3.5	attackspam	Aug 22 21:19:23 meumeu sshd[94319]: Invalid user wubin from 187.214.3.5 port 38664 Aug 22 21:19:23 meumeu sshd[94319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.214.3.5 Aug 22 21:19:23 meumeu sshd[94319]: Invalid user wubin from 187.214.3.5 port 38664 Aug 22 21:19:24 meumeu sshd[94319]: Failed password for invalid user wubin from 187.214.3.5 port 38664 ssh2 Aug 22 21:22:37 meumeu sshd[94392]: Invalid user testuser from 187.214.3.5 port 57258 Aug 22 21:22:37 meumeu sshd[94392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.214.3.5 Aug 22 21:22:37 meumeu sshd[94392]: Invalid user testuser from 187.214.3.5 port 57258 Aug 22 21:22:40 meumeu sshd[94392]: Failed password for invalid user testuser from 187.214.3.5 port 57258 ssh2 Aug 22 21:25:52 meumeu sshd[94489]: Invalid user prueba from 187.214.3.5 port 47628 ...	2020-08-23 03:33:13
103.104.182.198	attackbotsspam	Icarus honeypot on github	2020-08-23 03:41:01
219.248.16.67	attack	until 2020-08-22T11:23:29+01:00, observations: 2, bad account names: 0	2020-08-23 03:25:44
187.141.128.42	attack	2020-08-22T13:10:55.410485linuxbox-skyline sshd[57556]: Invalid user maven from 187.141.128.42 port 51402 ...	2020-08-23 03:15:23

Recently Reported IPs

148.72.207.4	148.72.209.81	148.72.209.33	148.72.209.229
148.72.210.178	148.72.210.184	148.72.211.116	148.72.211.155
148.72.211.143	148.72.210.169	148.72.211.168	148.72.211.17
148.72.211.211	148.72.211.67	148.72.211.230	148.72.213.86
148.72.213.96	148.72.214.11	148.72.214.176	148.72.211.244