148.72.65.10 - IPInfo

Basic Info

City: Scottsdale

Region: Arizona

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: GoDaddy.com, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	May 23 18:46:24 tuxlinux sshd[15448]: Invalid user fox from 148.72.65.10 port 53484 May 23 18:46:24 tuxlinux sshd[15448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 May 23 18:46:24 tuxlinux sshd[15448]: Invalid user fox from 148.72.65.10 port 53484 May 23 18:46:24 tuxlinux sshd[15448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 May 23 18:46:24 tuxlinux sshd[15448]: Invalid user fox from 148.72.65.10 port 53484 May 23 18:46:24 tuxlinux sshd[15448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 May 23 18:46:26 tuxlinux sshd[15448]: Failed password for invalid user fox from 148.72.65.10 port 53484 ssh2 ...	2020-05-24 00:59:14
attack	Invalid user test from 148.72.65.10 port 39050	2020-05-13 12:45:40
attack	20 attempts against mh-ssh on install-test	2020-05-04 01:07:57
attackspambots	Apr 27 14:24:04 vpn01 sshd[5541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Apr 27 14:24:06 vpn01 sshd[5541]: Failed password for invalid user ftpadm from 148.72.65.10 port 55996 ssh2 ...	2020-04-27 21:30:11
attackspam	2020-04-25T09:02:06.9573241495-001 sshd[37690]: Invalid user garrysmod from 148.72.65.10 port 49704 2020-04-25T09:02:08.4776491495-001 sshd[37690]: Failed password for invalid user garrysmod from 148.72.65.10 port 49704 ssh2 2020-04-25T09:04:15.6932541495-001 sshd[37782]: Invalid user ubuntu from 148.72.65.10 port 57164 2020-04-25T09:04:15.6964641495-001 sshd[37782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net 2020-04-25T09:04:15.6932541495-001 sshd[37782]: Invalid user ubuntu from 148.72.65.10 port 57164 2020-04-25T09:04:18.2530971495-001 sshd[37782]: Failed password for invalid user ubuntu from 148.72.65.10 port 57164 ssh2 ...	2020-04-25 21:59:37
attack	Apr 25 00:49:05 mail sshd[11122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Apr 25 00:49:07 mail sshd[11122]: Failed password for invalid user adouglas from 148.72.65.10 port 39966 ssh2 Apr 25 00:53:21 mail sshd[11865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10	2020-04-25 07:05:51
attackspam	Apr 20 21:46:27 server sshd[20802]: Failed password for root from 148.72.65.10 port 55968 ssh2 Apr 20 21:53:26 server sshd[22363]: Failed password for invalid user vz from 148.72.65.10 port 44800 ssh2 Apr 20 21:58:52 server sshd[23832]: Failed password for invalid user ubuntu from 148.72.65.10 port 36856 ssh2	2020-04-21 05:06:01
attackbotsspam	Apr 4 22:44:55 vps sshd[1953]: Failed password for root from 148.72.65.10 port 58776 ssh2 Apr 4 22:48:10 vps sshd[2103]: Failed password for root from 148.72.65.10 port 41880 ssh2 ...	2020-04-05 05:11:22
attack	Mar 31 16:53:21 haigwepa sshd[10354]: Failed password for root from 148.72.65.10 port 38744 ssh2 ...	2020-03-31 22:58:24
attack	Mar 21 22:24:33 server1 sshd\[20832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Mar 21 22:24:34 server1 sshd\[20832\]: Failed password for invalid user azael from 148.72.65.10 port 39400 ssh2 Mar 21 22:29:09 server1 sshd\[22254\]: Invalid user storm from 148.72.65.10 Mar 21 22:29:09 server1 sshd\[22254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Mar 21 22:29:10 server1 sshd\[22254\]: Failed password for invalid user storm from 148.72.65.10 port 57720 ssh2 ...	2020-03-22 12:30:37
attackspambots	godaddy likes hackers too. 3rd time reporting this IP in 3 months.	2020-03-19 12:18:18
attackbots	Unauthorized connection attempt detected from IP address 148.72.65.10 to port 2220 [J]	2020-01-15 15:16:40
attackspambots	Jan 2 08:25:12 lnxweb61 sshd[3465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10	2020-01-02 21:10:40
attackbotsspam	SSH Brute Force	2019-12-29 06:12:42
attackspambots	Dec 25 02:49:46 ws12vmsma01 sshd[38314]: Failed password for invalid user dovecot from 148.72.65.10 port 46414 ssh2 Dec 25 02:58:00 ws12vmsma01 sshd[39528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net user=root Dec 25 02:58:02 ws12vmsma01 sshd[39528]: Failed password for root from 148.72.65.10 port 44698 ssh2 ...	2019-12-25 13:18:53
attack	Dec 24 08:02:47 XXXXXX sshd[21677]: Invalid user home from 148.72.65.10 port 56280	2019-12-24 22:07:29
attack	Dec 18 07:24:20 vpn01 sshd[7721]: Failed password for daemon from 148.72.65.10 port 34474 ssh2 Dec 18 07:29:54 vpn01 sshd[7998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 ...	2019-12-18 15:34:13
attackspambots	Dec 15 09:09:48 server sshd\[25310\]: Invalid user news from 148.72.65.10 Dec 15 09:09:48 server sshd\[25310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net Dec 15 09:09:49 server sshd\[25310\]: Failed password for invalid user news from 148.72.65.10 port 48642 ssh2 Dec 15 09:27:46 server sshd\[30965\]: Invalid user brychcy from 148.72.65.10 Dec 15 09:27:46 server sshd\[30965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net ...	2019-12-15 17:34:56
attackbotsspam	Dec 1 17:24:29 plusreed sshd[1305]: Invalid user treble from 148.72.65.10 ...	2019-12-02 06:34:48
attack	Nov 30 08:12:53 sd-53420 sshd\[13784\]: Invalid user r from 148.72.65.10 Nov 30 08:12:53 sd-53420 sshd\[13784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Nov 30 08:12:55 sd-53420 sshd\[13784\]: Failed password for invalid user r from 148.72.65.10 port 34400 ssh2 Nov 30 08:16:02 sd-53420 sshd\[14361\]: User mysql from 148.72.65.10 not allowed because none of user's groups are listed in AllowGroups Nov 30 08:16:02 sd-53420 sshd\[14361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 user=mysql ...	2019-11-30 15:30:00
attackspam	Nov 24 14:36:51 ws19vmsma01 sshd[241075]: Failed password for lp from 148.72.65.10 port 34942 ssh2 Nov 24 14:56:37 ws19vmsma01 sshd[51471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 ...	2019-11-25 02:11:46
attackspam	Nov 24 10:14:33 sauna sshd[203866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Nov 24 10:14:36 sauna sshd[203866]: Failed password for invalid user shim from 148.72.65.10 port 50510 ssh2 ...	2019-11-24 16:15:17
attackbotsspam	Nov 22 08:25:47 TORMINT sshd\[5036\]: Invalid user poiuytrewq from 148.72.65.10 Nov 22 08:25:47 TORMINT sshd\[5036\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Nov 22 08:25:48 TORMINT sshd\[5036\]: Failed password for invalid user poiuytrewq from 148.72.65.10 port 45588 ssh2 ...	2019-11-22 21:29:01
attackspam	Nov 21 00:13:02 lnxmail61 sshd[26139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Nov 21 00:13:02 lnxmail61 sshd[26139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10	2019-11-21 07:16:10
attackbotsspam	$f2bV_matches	2019-11-13 04:21:13
attackbots	Nov 10 20:23:54 hanapaa sshd\[6854\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net user=root Nov 10 20:23:56 hanapaa sshd\[6854\]: Failed password for root from 148.72.65.10 port 44452 ssh2 Nov 10 20:27:42 hanapaa sshd\[7136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-65-10.ip.secureserver.net user=root Nov 10 20:27:44 hanapaa sshd\[7136\]: Failed password for root from 148.72.65.10 port 53908 ssh2 Nov 10 20:31:38 hanapaa sshd\[7444\]: Invalid user gensel from 148.72.65.10	2019-11-11 14:45:25
attackbots	$f2bV_matches	2019-11-02 13:12:53
attackspam	Oct 29 08:19:51 hosting sshd[19810]: Invalid user ATI from 148.72.65.10 port 43748 ...	2019-10-29 14:57:22
attackspambots	Oct 26 21:36:31 localhost sshd\[98943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 user=root Oct 26 21:36:33 localhost sshd\[98943\]: Failed password for root from 148.72.65.10 port 43402 ssh2 Oct 26 21:40:14 localhost sshd\[99108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 user=root Oct 26 21:40:17 localhost sshd\[99108\]: Failed password for root from 148.72.65.10 port 53972 ssh2 Oct 26 21:44:03 localhost sshd\[99205\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 user=root ...	2019-10-27 05:45:07
attackbots	Invalid user ftpu from 148.72.65.10 port 58658	2019-10-26 16:50:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.72.65.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22360
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.72.65.10.			IN	A

;; AUTHORITY SECTION:
.			3084	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041001 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 11 07:44:40 +08 2019
;; MSG SIZE  rcvd: 116

Host info

10.65.72.148.in-addr.arpa domain name pointer ip-148-72-65-10.ip.secureserver.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
10.65.72.148.in-addr.arpa	name = ip-148-72-65-10.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.108.119	attackspam	Unauthorized connection attempt detected from IP address 77.247.108.119 to port 443	2020-03-27 19:06:12
113.11.255.28	attackspam	ssh intrusion attempt	2020-03-27 19:15:29
45.143.221.54	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-27 18:36:32
64.182.119.2	attackbotsspam	SIP/5060 Probe, BF, Hack -	2020-03-27 18:34:00
198.108.66.231	attackspambots	Mar 27 09:14:58 debian-2gb-nbg1-2 kernel: \[7555969.734628\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.108.66.231 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=31 ID=64424 PROTO=TCP SPT=20790 DPT=9518 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-27 18:42:07
80.82.65.234	attackbotsspam	probes 5 times on the port 5555 60001 8080 9001 resulting in total of 133 scans from 80.82.64.0/20 block.	2020-03-27 18:31:33
185.151.242.186	attackbots	Unauthorized connection attempt detected from IP address 185.151.242.186 to port 1001	2020-03-27 18:14:43
62.231.176.154	attackspam	'IP reached maximum auth failures for a one day block'	2020-03-27 18:34:29
185.176.27.42	attack	03/27/2020-06:26:08.433323 185.176.27.42 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-27 18:46:59
80.82.78.100	attackbotsspam	scans 3 times in preceeding hours on the ports (in chronological order) 6884 40831 41022 resulting in total of 133 scans from 80.82.64.0/20 block.	2020-03-27 19:04:37
89.248.168.202	attackbotsspam	03/27/2020-06:48:05.058457 89.248.168.202 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-27 19:03:57
185.153.198.249	attack	03/27/2020-06:12:58.943746 185.153.198.249 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-27 18:52:36
185.94.111.1	attackspam	scans 2 times in preceeding hours on the ports (in chronological order) 13331 1900	2020-03-27 18:54:32
114.80.178.221	attackspambots	SIP/5060 Probe, BF, Hack -	2020-03-27 18:26:06
176.113.115.209	attack	ET DROP Dshield Block Listed Source group 1 - port: 3393 proto: TCP cat: Misc Attack	2020-03-27 18:17:51

Recently Reported IPs

183.82.114.1	187.131.177.175	140.143.30.191	116.90.80.50
67.205.180.109	183.78.207.78	45.227.254.58	109.99.144.163
90.151.91.67	42.119.205.86	139.199.82.171	131.72.200.228
201.141.193.168	185.189.113.42	185.144.78.170	77.157.9.101
134.249.48.131	14.48.145.28	162.243.150.58	118.70.13.208