City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 148.72.40.44 | attackspam | $f2bV_matches |
2020-02-18 18:19:07 |
| 148.72.40.44 | attack | [munged]::443 148.72.40.44 - - [10/Oct/2019:23:10:21 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 148.72.40.44 - - [10/Oct/2019:23:10:30 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 148.72.40.44 - - [10/Oct/2019:23:10:43 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 148.72.40.44 - - [10/Oct/2019:23:10:57 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 148.72.40.44 - - [10/Oct/2019:23:11:10 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 148.72.40.44 - - [10/Oct/2019:23:11:22 +0200] "POST /[munged]: HTTP/1.1" 200 9078 "-" "Mozilla/5.0 (X11; Ubuntu; Li |
2019-10-11 07:59:55 |
| 148.72.40.44 | attackspam | 148.72.40.44 - - [10/Oct/2019:15:28:20 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.40.44 - - [10/Oct/2019:15:28:23 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.40.44 - - [10/Oct/2019:15:28:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.40.44 - - [10/Oct/2019:15:28:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.40.44 - - [10/Oct/2019:15:28:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.72.40.44 - - [10/Oct/2019:15:28:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-10-10 22:27:18 |
| 148.72.40.44 | attack | WordPress wp-login brute force :: 148.72.40.44 0.052 BYPASS [09/Oct/2019:07:05:05 1100] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-10-09 05:11:27 |
| 148.72.40.96 | attack | WordPress login Brute force / Web App Attack on client site. |
2019-09-19 20:19:59 |
| 148.72.40.185 | attack | [06/Sep/2019:15:58:48 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-09-07 08:38:14 |
| 148.72.40.185 | attack | C1,WP GET /koenigskinder/wp-login.php |
2019-09-04 16:59:20 |
| 148.72.40.185 | attackbotsspam | www.goldgier.de 148.72.40.185 \[25/Aug/2019:19:28:46 +0200\] "POST /wp-login.php HTTP/1.1" 200 8726 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 148.72.40.185 \[25/Aug/2019:19:28:50 +0200\] "POST /wp-login.php HTTP/1.1" 200 8726 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-08-26 01:38:19 |
| 148.72.40.185 | attack | Automatic report - Banned IP Access |
2019-07-31 07:33:52 |
| 148.72.40.221 | attack | Apr 18 13:30:19 server sshd\[151017\]: Invalid user oracle from 148.72.40.221 Apr 18 13:30:19 server sshd\[151017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.40.221 Apr 18 13:30:21 server sshd\[151017\]: Failed password for invalid user oracle from 148.72.40.221 port 45938 ssh2 ... |
2019-07-12 03:22:35 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.72.40.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63463
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;148.72.40.124. IN A
;; AUTHORITY SECTION:
. 242 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:45:35 CST 2022
;; MSG SIZE rcvd: 106
124.40.72.148.in-addr.arpa domain name pointer ip-148-72-40-124.ip.secureserver.net.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
124.40.72.148.in-addr.arpa name = ip-148-72-40-124.ip.secureserver.net.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 131.108.216.73 | attack | failed_logins |
2019-07-13 09:48:07 |
| 124.115.16.251 | attack | Unauthorized connection attempt from IP address 124.115.16.251 on Port 445(SMB) |
2019-07-13 10:03:20 |
| 82.114.241.138 | attack | WordPress brute force |
2019-07-13 10:09:56 |
| 159.65.175.37 | attack | 2019-07-13T00:55:04.748307abusebot.cloudsearch.cf sshd\[20478\]: Invalid user franklin from 159.65.175.37 port 30886 |
2019-07-13 09:47:16 |
| 85.120.166.136 | attack | fail2ban honeypot |
2019-07-13 10:07:57 |
| 51.68.46.70 | attackbotsspam | plussize.fitness 51.68.46.70 \[13/Jul/2019:02:21:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5630 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" plussize.fitness 51.68.46.70 \[13/Jul/2019:02:21:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5623 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" plussize.fitness 51.68.46.70 \[13/Jul/2019:02:21:00 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4095 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-07-13 10:17:19 |
| 131.0.121.167 | attackbots | failed_logins |
2019-07-13 09:53:47 |
| 103.38.194.139 | attack | Invalid user av from 103.38.194.139 |
2019-07-13 09:54:34 |
| 14.184.209.144 | attack | Unauthorized connection attempt from IP address 14.184.209.144 on Port 445(SMB) |
2019-07-13 09:48:28 |
| 131.100.76.44 | attack | Unauthorized connection attempt from IP address 131.100.76.44 on Port 587(SMTP-MSA) |
2019-07-13 09:57:09 |
| 134.175.59.235 | attack | Jul 13 01:45:19 mail sshd\[19090\]: Invalid user toad from 134.175.59.235 port 43306 Jul 13 01:45:19 mail sshd\[19090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.59.235 Jul 13 01:45:21 mail sshd\[19090\]: Failed password for invalid user toad from 134.175.59.235 port 43306 ssh2 Jul 13 01:50:15 mail sshd\[19209\]: Invalid user miller from 134.175.59.235 port 40175 Jul 13 01:50:15 mail sshd\[19209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.59.235 ... |
2019-07-13 09:55:58 |
| 149.129.242.80 | attackbotsspam | Jul 12 01:25:40 *** sshd[27692]: Failed password for invalid user stone from 149.129.242.80 port 47022 ssh2 Jul 12 01:31:34 *** sshd[27744]: Failed password for invalid user om from 149.129.242.80 port 49166 ssh2 Jul 12 01:37:08 *** sshd[27807]: Failed password for invalid user rabbitmq from 149.129.242.80 port 51286 ssh2 Jul 12 01:42:48 *** sshd[27969]: Failed password for invalid user ext from 149.129.242.80 port 53146 ssh2 Jul 12 01:48:36 *** sshd[28061]: Failed password for invalid user guest3 from 149.129.242.80 port 55282 ssh2 Jul 12 01:54:13 *** sshd[28115]: Failed password for invalid user user from 149.129.242.80 port 57428 ssh2 Jul 12 01:59:52 *** sshd[28176]: Failed password for invalid user applmgr from 149.129.242.80 port 59262 ssh2 Jul 12 02:05:46 *** sshd[28355]: Failed password for invalid user web from 149.129.242.80 port 33186 ssh2 Jul 12 02:11:24 *** sshd[28466]: Failed password for invalid user mary from 149.129.242.80 port 35342 ssh2 Jul 12 02:17:02 *** sshd[28526]: Failed password for in |
2019-07-13 09:50:16 |
| 131.161.53.110 | attack | Unauthorized connection attempt from IP address 131.161.53.110 on Port 445(SMB) |
2019-07-13 10:04:49 |
| 95.110.207.17 | attack | miraniessen.de 95.110.207.17 \[13/Jul/2019:02:11:15 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 95.110.207.17 \[13/Jul/2019:02:11:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 95.110.207.17 \[13/Jul/2019:02:11:16 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4043 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-07-13 10:22:53 |
| 61.223.140.57 | attack | FTP/21 MH Probe, BF, Hack - |
2019-07-13 10:23:45 |