5.134.48.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Azerbaijan

Internet Service Provider: SuperOnlayn Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 5.134.48.72 on Port 445(SMB)	2020-09-01 01:58:07

Comments on same subnet:

IP	Type	Details	Datetime
5.134.48.17	attackbotsspam	2020-08-04T08:57:22.333802vps751288.ovh.net sshd\[14900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.134.48.17 user=root 2020-08-04T08:57:24.625771vps751288.ovh.net sshd\[14900\]: Failed password for root from 5.134.48.17 port 52766 ssh2 2020-08-04T09:01:58.080797vps751288.ovh.net sshd\[14945\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.134.48.17 user=root 2020-08-04T09:02:00.263070vps751288.ovh.net sshd\[14945\]: Failed password for root from 5.134.48.17 port 35586 ssh2 2020-08-04T09:06:27.479171vps751288.ovh.net sshd\[14978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.134.48.17 user=root	2020-08-04 15:21:26
5.134.48.17	attack	2020-07-20T12:26:17.266011vps2034 sshd[307]: Invalid user git from 5.134.48.17 port 54366 2020-07-20T12:26:17.269950vps2034 sshd[307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.134.48.17 2020-07-20T12:26:17.266011vps2034 sshd[307]: Invalid user git from 5.134.48.17 port 54366 2020-07-20T12:26:19.139596vps2034 sshd[307]: Failed password for invalid user git from 5.134.48.17 port 54366 ssh2 2020-07-20T12:30:19.252255vps2034 sshd[10513]: Invalid user felix from 5.134.48.17 port 57762 ...	2020-07-21 02:59:37
5.134.48.17	attackbotsspam	$f2bV_matches	2020-07-10 16:57:41
5.134.48.131	attackspambots	Port Scan: TCP/4486	2019-09-03 00:07:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.134.48.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46478
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.134.48.72.			IN	A

;; AUTHORITY SECTION:
.			325	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020083101 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 01:58:04 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 72.48.134.5.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.48.134.5.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.48.155.149	attack	Mar 7 15:08:49 sd-53420 sshd\[18814\]: Invalid user deploy from 181.48.155.149 Mar 7 15:08:49 sd-53420 sshd\[18814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.155.149 Mar 7 15:08:51 sd-53420 sshd\[18814\]: Failed password for invalid user deploy from 181.48.155.149 port 43344 ssh2 Mar 7 15:13:41 sd-53420 sshd\[19347\]: Invalid user q3server from 181.48.155.149 Mar 7 15:13:41 sd-53420 sshd\[19347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.155.149 ...	2020-03-07 22:21:50
159.89.90.92	attackbotsspam	Mar 7 13:44:26 XXX sshd[25679]: Invalid user fake from 159.89.90.92 Mar 7 13:44:26 XXX sshd[25679]: Received disconnect from 159.89.90.92: 11: Bye Bye [preauth] Mar 7 13:44:27 XXX sshd[25681]: Invalid user admin from 159.89.90.92 Mar 7 13:44:27 XXX sshd[25681]: Received disconnect from 159.89.90.92: 11: Bye Bye [preauth] Mar 7 13:44:28 XXX sshd[25683]: User r.r from 159.89.90.92 not allowed because none of user's groups are listed in AllowGroups Mar 7 13:44:28 XXX sshd[25683]: Received disconnect from 159.89.90.92: 11: Bye Bye [preauth] Mar 7 13:44:29 XXX sshd[25685]: Invalid user ubnt from 159.89.90.92 Mar 7 13:44:29 XXX sshd[25685]: Received disconnect from 159.89.90.92: 11: Bye Bye [preauth] Mar 7 13:44:30 XXX sshd[25688]: Invalid user guest from 159.89.90.92 Mar 7 13:44:30 XXX sshd[25688]: Received disconnect from 159.89.90.92: 11: Bye Bye [preauth] Mar 7 13:44:31 XXX sshd[25691]: Invalid user support from 159.89.90.92 Mar 7 13:44:31 XXX sshd[25691]: Rec........ -------------------------------	2020-03-07 22:08:06
109.100.43.230	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-07 22:09:55
95.110.227.64	attackspam	Mar 7 14:28:05 vpn01 sshd[25658]: Failed password for root from 95.110.227.64 port 39396 ssh2 ...	2020-03-07 22:09:15
14.207.113.229	attackbotsspam	[SatMar0714:34:13.3508522020][:error][pid23137:tid47374152689408][client14.207.113.229:50005][client14.207.113.229]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected$DisableifyouwanttoallowMSIE6$"][severity"WARNING"][hostname"patriziatodiosogna.ch"][uri"/"][unique_id"XmOi1bEzoE76i-@upIxXLQAAAZE"][SatMar0714:34:17.9451602020][:error][pid23137:tid47374123271936][client14.207.113.229:33608][client14.207.113.229]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\	2020-03-07 22:36:42
95.55.103.135	attackspam	[SatMar0714:34:21.1871252020][:error][pid23072:tid47374116968192][client95.55.103.135:60889][client95.55.103.135]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected$DisableifyouwanttoallowMSIE6$"][severity"WARNING"][hostname"patriziatodiosogna.ch"][uri"/"][unique_id"XmOi3SFZQu0upYTvzaHywgAAAUA"][SatMar0714:34:25.2773552020][:error][pid23072:tid47374156891904][client95.55.103.135:54509][client95.55.103.135]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Dis	2020-03-07 22:25:52
54.38.242.206	attackbots	Mar 7 14:18:58 game-panel sshd[26212]: Failed password for lp from 54.38.242.206 port 59378 ssh2 Mar 7 14:23:02 game-panel sshd[26358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.242.206 Mar 7 14:23:04 game-panel sshd[26358]: Failed password for invalid user neutron from 54.38.242.206 port 47910 ssh2	2020-03-07 22:25:33
192.119.9.26	attack	suspicious action Sat, 07 Mar 2020 10:34:14 -0300	2020-03-07 22:39:04
79.172.121.225	attackspam	Honeypot attack, port: 445, PTR: 79-172-121-225.dyn.broadband.iskratelecom.ru.	2020-03-07 22:46:49
5.104.47.158	attackspambots	1583588059 - 03/07/2020 14:34:19 Host: 5.104.47.158/5.104.47.158 Port: 445 TCP Blocked	2020-03-07 22:35:03
185.36.81.78	attackbotsspam	2020-03-07T14:27:34.284814www postfix/smtpd[29605]: warning: unknown[185.36.81.78]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-03-07T14:34:45.236450www postfix/smtpd[29667]: warning: unknown[185.36.81.78]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-03-07T15:13:56.268888www postfix/smtpd[32140]: warning: unknown[185.36.81.78]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-03-07 22:15:58
89.40.246.32	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-07 22:31:27
222.186.180.142	attackspambots	Mar 7 14:17:10 vpn01 sshd[25567]: Failed password for root from 222.186.180.142 port 30539 ssh2 ...	2020-03-07 21:58:11
81.225.115.29	attackspam	Honeypot attack, port: 5555, PTR: 81-225-115-29-no2370.tbcn.telia.com.	2020-03-07 22:38:36
218.92.0.212	attackbots	Mar 7 13:57:10 localhost sshd[50616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root Mar 7 13:57:12 localhost sshd[50616]: Failed password for root from 218.92.0.212 port 47497 ssh2 Mar 7 13:57:15 localhost sshd[50616]: Failed password for root from 218.92.0.212 port 47497 ssh2 Mar 7 13:57:10 localhost sshd[50616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root Mar 7 13:57:12 localhost sshd[50616]: Failed password for root from 218.92.0.212 port 47497 ssh2 Mar 7 13:57:15 localhost sshd[50616]: Failed password for root from 218.92.0.212 port 47497 ssh2 Mar 7 13:57:10 localhost sshd[50616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root Mar 7 13:57:12 localhost sshd[50616]: Failed password for root from 218.92.0.212 port 47497 ssh2 Mar 7 13:57:15 localhost sshd[50616]: Failed password fo ...	2020-03-07 22:29:30

Recently Reported IPs

45.233.198.92	95.25.252.103	186.77.56.215	81.12.7.62
197.50.137.150	114.35.158.171	172.78.230.18	193.122.17.205
78.36.200.186	93.92.200.180	185.91.252.133	95.168.167.145
97.107.141.72	123.30.234.115	41.33.53.162	3.14.7.109
172.104.14.201	118.166.46.192	176.109.14.79	103.109.178.22