148.72.65.10 - IPInfo

Basic Info

City: Scottsdale

Region: Arizona

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: GoDaddy.com, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	May 23 18:46:24 tuxlinux sshd[15448]: Invalid user fox from 148.72.65.10 port 53484 May 23 18:46:24 tuxlinux sshd[15448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 May 23 18:46:24 tuxlinux sshd[15448]: Invalid user fox from 148.72.65.10 port 53484 May 23 18:46:24 tuxlinux sshd[15448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 May 23 18:46:24 tuxlinux sshd[15448]: Invalid user fox from 148.72.65.10 port 53484 May 23 18:46:24 tuxlinux sshd[15448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 May 23 18:46:26 tuxlinux sshd[15448]: Failed password for invalid user fox from 148.72.65.10 port 53484 ssh2 ...	2020-05-24 00:59:14
attack	Invalid user test from 148.72.65.10 port 39050	2020-05-13 12:45:40
attack	20 attempts against mh-ssh on install-test	2020-05-04 01:07:57
attackspambots	Apr 27 14:24:04 vpn01 sshd[5541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Apr 27 14:24:06 vpn01 sshd[5541]: Failed password for invalid user ftpadm from 148.72.65.10 port 55996 ssh2 ...	2020-04-27 21:30:11
attackspam	2020-04-25T09:02:06.9573241495-001 sshd[37690]: Invalid user garrysmod from 148.72.65.10 port 49704 2020-04-25T09:02:08.4776491495-001 sshd[37690]: Failed password for invalid user garrysmod from 148.72.65.10 port 49704 ssh2 2020-04-25T09:04:15.6932541495-001 sshd[37782]: Invalid user ubuntu from 148.72.65.10 port 57164 2020-04-25T09:04:15.6964641495-001 sshd[37782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net 2020-04-25T09:04:15.6932541495-001 sshd[37782]: Invalid user ubuntu from 148.72.65.10 port 57164 2020-04-25T09:04:18.2530971495-001 sshd[37782]: Failed password for invalid user ubuntu from 148.72.65.10 port 57164 ssh2 ...	2020-04-25 21:59:37
attack	Apr 25 00:49:05 mail sshd[11122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Apr 25 00:49:07 mail sshd[11122]: Failed password for invalid user adouglas from 148.72.65.10 port 39966 ssh2 Apr 25 00:53:21 mail sshd[11865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10	2020-04-25 07:05:51
attackspam	Apr 20 21:46:27 server sshd[20802]: Failed password for root from 148.72.65.10 port 55968 ssh2 Apr 20 21:53:26 server sshd[22363]: Failed password for invalid user vz from 148.72.65.10 port 44800 ssh2 Apr 20 21:58:52 server sshd[23832]: Failed password for invalid user ubuntu from 148.72.65.10 port 36856 ssh2	2020-04-21 05:06:01
attackbotsspam	Apr 4 22:44:55 vps sshd[1953]: Failed password for root from 148.72.65.10 port 58776 ssh2 Apr 4 22:48:10 vps sshd[2103]: Failed password for root from 148.72.65.10 port 41880 ssh2 ...	2020-04-05 05:11:22
attack	Mar 31 16:53:21 haigwepa sshd[10354]: Failed password for root from 148.72.65.10 port 38744 ssh2 ...	2020-03-31 22:58:24
attack	Mar 21 22:24:33 server1 sshd\[20832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Mar 21 22:24:34 server1 sshd\[20832\]: Failed password for invalid user azael from 148.72.65.10 port 39400 ssh2 Mar 21 22:29:09 server1 sshd\[22254\]: Invalid user storm from 148.72.65.10 Mar 21 22:29:09 server1 sshd\[22254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Mar 21 22:29:10 server1 sshd\[22254\]: Failed password for invalid user storm from 148.72.65.10 port 57720 ssh2 ...	2020-03-22 12:30:37
attackspambots	godaddy likes hackers too. 3rd time reporting this IP in 3 months.	2020-03-19 12:18:18
attackbots	Unauthorized connection attempt detected from IP address 148.72.65.10 to port 2220 [J]	2020-01-15 15:16:40
attackspambots	Jan 2 08:25:12 lnxweb61 sshd[3465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10	2020-01-02 21:10:40
attackbotsspam	SSH Brute Force	2019-12-29 06:12:42
attackspambots	Dec 25 02:49:46 ws12vmsma01 sshd[38314]: Failed password for invalid user dovecot from 148.72.65.10 port 46414 ssh2 Dec 25 02:58:00 ws12vmsma01 sshd[39528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net user=root Dec 25 02:58:02 ws12vmsma01 sshd[39528]: Failed password for root from 148.72.65.10 port 44698 ssh2 ...	2019-12-25 13:18:53
attack	Dec 24 08:02:47 XXXXXX sshd[21677]: Invalid user home from 148.72.65.10 port 56280	2019-12-24 22:07:29
attack	Dec 18 07:24:20 vpn01 sshd[7721]: Failed password for daemon from 148.72.65.10 port 34474 ssh2 Dec 18 07:29:54 vpn01 sshd[7998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 ...	2019-12-18 15:34:13
attackspambots	Dec 15 09:09:48 server sshd\[25310\]: Invalid user news from 148.72.65.10 Dec 15 09:09:48 server sshd\[25310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net Dec 15 09:09:49 server sshd\[25310\]: Failed password for invalid user news from 148.72.65.10 port 48642 ssh2 Dec 15 09:27:46 server sshd\[30965\]: Invalid user brychcy from 148.72.65.10 Dec 15 09:27:46 server sshd\[30965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net ...	2019-12-15 17:34:56
attackbotsspam	Dec 1 17:24:29 plusreed sshd[1305]: Invalid user treble from 148.72.65.10 ...	2019-12-02 06:34:48
attack	Nov 30 08:12:53 sd-53420 sshd\[13784\]: Invalid user r from 148.72.65.10 Nov 30 08:12:53 sd-53420 sshd\[13784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Nov 30 08:12:55 sd-53420 sshd\[13784\]: Failed password for invalid user r from 148.72.65.10 port 34400 ssh2 Nov 30 08:16:02 sd-53420 sshd\[14361\]: User mysql from 148.72.65.10 not allowed because none of user's groups are listed in AllowGroups Nov 30 08:16:02 sd-53420 sshd\[14361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 user=mysql ...	2019-11-30 15:30:00
attackspam	Nov 24 14:36:51 ws19vmsma01 sshd[241075]: Failed password for lp from 148.72.65.10 port 34942 ssh2 Nov 24 14:56:37 ws19vmsma01 sshd[51471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 ...	2019-11-25 02:11:46
attackspam	Nov 24 10:14:33 sauna sshd[203866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Nov 24 10:14:36 sauna sshd[203866]: Failed password for invalid user shim from 148.72.65.10 port 50510 ssh2 ...	2019-11-24 16:15:17
attackbotsspam	Nov 22 08:25:47 TORMINT sshd\[5036\]: Invalid user poiuytrewq from 148.72.65.10 Nov 22 08:25:47 TORMINT sshd\[5036\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Nov 22 08:25:48 TORMINT sshd\[5036\]: Failed password for invalid user poiuytrewq from 148.72.65.10 port 45588 ssh2 ...	2019-11-22 21:29:01
attackspam	Nov 21 00:13:02 lnxmail61 sshd[26139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Nov 21 00:13:02 lnxmail61 sshd[26139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10	2019-11-21 07:16:10
attackbotsspam	$f2bV_matches	2019-11-13 04:21:13
attackbots	Nov 10 20:23:54 hanapaa sshd\[6854\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net user=root Nov 10 20:23:56 hanapaa sshd\[6854\]: Failed password for root from 148.72.65.10 port 44452 ssh2 Nov 10 20:27:42 hanapaa sshd\[7136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net user=root Nov 10 20:27:44 hanapaa sshd\[7136\]: Failed password for root from 148.72.65.10 port 53908 ssh2 Nov 10 20:31:38 hanapaa sshd\[7444\]: Invalid user gensel from 148.72.65.10	2019-11-11 14:45:25
attackbots	$f2bV_matches	2019-11-02 13:12:53
attackspam	Oct 29 08:19:51 hosting sshd[19810]: Invalid user ATI from 148.72.65.10 port 43748 ...	2019-10-29 14:57:22
attackspambots	Oct 26 21:36:31 localhost sshd\[98943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 user=root Oct 26 21:36:33 localhost sshd\[98943\]: Failed password for root from 148.72.65.10 port 43402 ssh2 Oct 26 21:40:14 localhost sshd\[99108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 user=root Oct 26 21:40:17 localhost sshd\[99108\]: Failed password for root from 148.72.65.10 port 53972 ssh2 Oct 26 21:44:03 localhost sshd\[99205\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 user=root ...	2019-10-27 05:45:07
attackbots	Invalid user ftpu from 148.72.65.10 port 58658	2019-10-26 16:50:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.72.65.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22360
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.72.65.10.			IN	A

;; AUTHORITY SECTION:
.			3084	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041001 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 11 07:44:40 +08 2019
;; MSG SIZE  rcvd: 116

Host info

10.65.72.148.in-addr.arpa domain name pointer ip-148-72-65-10.ip.secureserver.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
10.65.72.148.in-addr.arpa	name = ip-148-72-65-10.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.253.19.170	attack	(smtpauth) Failed SMTP AUTH login from 113.253.19.170 (HK/Hong Kong/170-19-253-113-on-nets.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-07-21 03:41:07 plain authenticator failed for (127.0.0.1) [113.253.19.170]: 535 Incorrect authentication data (set_id=marker@hackerz.in.th) 2020-07-21 03:41:08 login authenticator failed for (127.0.0.1) [113.253.19.170]: 535 Incorrect authentication data (set_id=marker@hackerz.in.th)	2020-07-21 08:07:01
62.112.11.81	attack	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-20T20:13:11Z and 2020-07-20T20:41:16Z	2020-07-21 08:06:17
192.186.3.200	attackspambots	07/20/2020-16:41:05.010072 192.186.3.200 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-21 08:16:27
151.80.237.96	attack	20 attempts against mh-misbehave-ban on tree	2020-07-21 07:56:50
138.197.171.149	attackbotsspam	Invalid user postgres from 138.197.171.149 port 47798	2020-07-21 07:50:11
140.143.137.170	attackbots	Jul 20 22:41:33 ncomp sshd[10570]: Invalid user training from 140.143.137.170 Jul 20 22:41:33 ncomp sshd[10570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.137.170 Jul 20 22:41:33 ncomp sshd[10570]: Invalid user training from 140.143.137.170 Jul 20 22:41:35 ncomp sshd[10570]: Failed password for invalid user training from 140.143.137.170 port 56020 ssh2	2020-07-21 07:47:14
185.143.72.16	attack	Jul 21 02:03:51 relay postfix/smtpd\[27464\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 21 02:03:58 relay postfix/smtpd\[1468\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 21 02:05:29 relay postfix/smtpd\[2907\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 21 02:05:39 relay postfix/smtpd\[1469\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 21 02:07:06 relay postfix/smtpd\[2797\]: warning: unknown\[185.143.72.16\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-21 08:16:53
59.34.233.229	attackspambots	...	2020-07-21 07:56:00
138.0.104.10	attackspambots	Invalid user pm from 138.0.104.10 port 36240	2020-07-21 07:47:27
111.230.157.219	attackbotsspam	Jul 21 01:32:02 vpn01 sshd[16631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.157.219 Jul 21 01:32:04 vpn01 sshd[16631]: Failed password for invalid user administrador from 111.230.157.219 port 56932 ssh2 ...	2020-07-21 08:13:07
112.85.42.195	attackspam	Jul 21 00:06:23 onepixel sshd[1978172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Jul 21 00:06:25 onepixel sshd[1978172]: Failed password for root from 112.85.42.195 port 38326 ssh2 Jul 21 00:06:23 onepixel sshd[1978172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Jul 21 00:06:25 onepixel sshd[1978172]: Failed password for root from 112.85.42.195 port 38326 ssh2 Jul 21 00:06:27 onepixel sshd[1978172]: Failed password for root from 112.85.42.195 port 38326 ssh2	2020-07-21 08:11:10
103.238.71.107	attack	20/7/20@16:41:14: FAIL: Alarm-Intrusion address from=103.238.71.107 ...	2020-07-21 08:08:38
156.96.117.183	attackspambots	[2020-07-20 19:05:01] NOTICE[1277][C-000017ae] chan_sip.c: Call from '' (156.96.117.183:56179) to extension '0046423112952' rejected because extension not found in context 'public'. [2020-07-20 19:05:01] SECURITY[1295] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-20T19:05:01.525-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0046423112952",SessionID="0x7f175416a8f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.117.183/56179",ACLName="no_extension_match" [2020-07-20 19:05:16] NOTICE[1277][C-000017b0] chan_sip.c: Call from '' (156.96.117.183:53834) to extension '01146423112952' rejected because extension not found in context 'public'. [2020-07-20 19:05:16] SECURITY[1295] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-20T19:05:16.802-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146423112952",SessionID="0x7f175441b988",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156 ...	2020-07-21 07:52:49
119.29.234.23	attackbotsspam	Jul 20 22:32:01 sip sshd[29550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.234.23 Jul 20 22:32:03 sip sshd[29550]: Failed password for invalid user cafe from 119.29.234.23 port 46672 ssh2 Jul 20 22:41:05 sip sshd[516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.234.23	2020-07-21 08:14:48
51.75.144.58	attack	$f2bV_matches	2020-07-21 08:20:46

Recently Reported IPs

183.82.114.1	187.131.177.175	140.143.30.191	116.90.80.50
67.205.180.109	183.78.207.78	45.227.254.58	109.99.144.163
90.151.91.67	42.119.205.86	139.199.82.171	131.72.200.228
201.141.193.168	185.189.113.42	185.144.78.170	77.157.9.101
134.249.48.131	14.48.145.28	162.243.150.58	118.70.13.208