JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 148.72.213.43

148.72.213.43 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	GoDaddy.com, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26496
Hostname(s)	43.213.72.148.host.secureserver.net
Domain Name	godaddy.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 148.72.213.43

Whois 148.72.213.43

IP Abuse Reports for 148.72.213.43:

This IP address has been reported a total of 35 times from 31 distinct sources. 148.72.213.43 was first reported on June 4th 2026, and the most recent report was 4 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 2000cn.com.au	2026-06-05 01:20:19 (4 minutes ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-05 00:49:58 (35 minutes ago)	(mod_security) mod_security (id:210492) triggered by 148.72.213.43 (43.213.72.148.host.secureserver. ... show more (mod_security) mod_security (id:210492) triggered by 148.72.213.43 (43.213.72.148.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 20:49:53.438401 2026] [security2:error] [pid 17259:tid 17283] [client 148.72.213.43:56250] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.21"] [uri "/.git/HEAD"] [unique_id "aiIdMVBWyEZ4P-6kVFPGzAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-05 00:01:03 (1 hour ago)	.env scanning [BY]	Web App Attack
🇺🇸 RAP	2026-06-04 22:42:43 (2 hours ago)	2026-06-04 22:42:43 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇫🇷 SpaceHost-Server	2026-06-04 22:26:57 (2 hours ago)		Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-04 22:17:46 (3 hours ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-06-04 21:51:41 (3 hours ago)	tls scan	Port Scan
🇩🇪 mueller-nils.com	2026-06-04 21:24:09 (4 hours ago)	Jun 4 23:23:18 [host] kernel: [3716985.423006] [UFW BLOCK] IN=venet0 OUT= MAC= SRC=148.72.213.43 DST ... show more Jun 4 23:23:18 [host] kernel: [3716985.423006] [UFW BLOCK] IN=venet0 OUT= MAC= SRC=148.72.213.43 DST=[munged] LEN=52 TOS=0x00 PREC=0x00 TTL=46 ID=32614 DF PROTO=TCP SPT=38840 DPT=2087 WINDOW=29200 RES=0x00 SYN URGP=0 Jun 4 23:23:18 [host] kernel: [37 show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-04 21:14:41 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 148.72.213.43 (43.213.72.148.host.secureserver. ... show more (mod_security) mod_security (id:210492) triggered by 148.72.213.43 (43.213.72.148.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 17:14:35.890659 2026] [security2:error] [pid 11599:tid 11599] [client 148.72.213.43:35552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.65"] [uri "/.git/HEAD"] [unique_id "aiHqu_41IHsac6jz2bq9dgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 21:05:02 (4 hours ago)	Bot / scanning and/or hacking attempts: GET /wp-config.php HTTP/1.1, GET /.git/config HTTP/1.1, GET ... show more Bot / scanning and/or hacking attempts: GET /wp-config.php HTTP/1.1, GET /.git/config HTTP/1.1, GET /.env HTTP/1.1, GET /phpinfo.php HTTP/1.1, GET /wp-config.php.bak HTTP/1.1, GET /.env.backup HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /.env.production HTTP/1.1, GET /server-status HTTP/1.1, GET /.env.save HTTP/1.1, GET /.git/HEAD HTTP/1.1, GET /.env.local HTTP/1.1, GET /config/database.yml HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 rellim.com	2026-06-04 19:10:32 (6 hours ago)	Jun 4 12:10:31 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08 ... show more Jun 4 12:10:31 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=148.72.213.43 DST=204.17.205.254 LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=9055 DF PROTO=TCP SPT=46770 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 Jun 4 12:10:31 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=148.72.213.43 DST=204.17.205.254 LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=24600 DF PROTO=TCP SPT=46732 DPT=8080 WINDOW=29200 RES=0x00 SYN URGP=0 Jun 4 12:10:31 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=148.72.213.43 DST=204.17.205.254 LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=36899 DF PROTO=TCP SPT=49386 DPT=2087 WINDOW=29200 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-06-04 18:41:14 (6 hours ago)	Fail2Ban triggered	Web App Attack
🇭🇺 HoneyPotEu	2026-06-04 18:24:08 (7 hours ago)	148.72.213.43 - - 193.188.192.138 [04/Jun/2026:14:23:51 -0400] "GET /.git/HEAD HTTP/1.1" 404 118 "-" ... show more 148.72.213.43 - - 193.188.192.138 [04/Jun/2026:14:23:51 -0400] "GET /.git/HEAD HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 0.000 - - 148.72.213.43 - - 193.188.192.138 [04/Jun/2026:14:23:52 -0400] "GET /.git/config HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 0.000 - - ... show less	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-04 18:08:43 (7 hours ago)	Too many 404 requests [BY]	Web App Attack
🇩🇪 psauxit	2026-06-04 17:55:26 (7 hours ago)	Fail2Ban - UFW port probing on unauthorized port	Port Scan

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 170.187.165.242

🇭🇰 165.154.41.6

🇬🇧 89.37.172.150

🇮🇳 38.137.11.14

🇺🇸 38.48.114.27

🇬🇧 31.14.254.123

🇨🇳 27.215.82.219

🇺🇸 3.86.112.214

🇺🇸 195.242.178.94

🇫🇷 193.31.58.251

🇧🇷 191.241.187.53

🇩🇪 162.62.58.193

🇳🇱 160.119.76.108

🇩🇪 159.69.86.170

🇺🇸 137.184.85.24

🇻🇳 113.190.240.12

🇨🇱 104.239.44.78

🇮🇩 103.83.0.66

🇭🇰 101.79.165.43

🇺🇸 100.27.216.66