AbuseIPDB » 73.41.120.252

73.41.120.252 was found in our database!

This IP was reported 76 times. Confidence of Abuse is 60%: ?

60%

ISP	Comcast Cable Communications LLC
Usage Type	Fixed Line ISP
Hostname(s)	c-73-41-120-252.hsd1.ca.comcast.net
Domain Name	comcast.net
Country	United States of America
City	Merced, California

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 73.41.120.252

Whois 73.41.120.252

IP Abuse Reports for 73.41.120.252:

This IP address has been reported a total of 76 times from 23 distinct sources. 73.41.120.252 was first reported on December 20th 2020, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	Date	Comment	Categories
hosterpack.com	15 Mar 2021	(imapd) Failed IMAP login from 73.41.120.252 (US/United States/c-73-41-120-252.hsd1.ca.comcast.net): ... show more(imapd) Failed IMAP login from 73.41.120.252 (US/United States/c-73-41-120-252.hsd1.ca.comcast.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Mar 16 07:08:03 ir1 dovecot[9799]: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=<[email protected]>, method=PLAIN, rip=73.41.120.252, lip=158.58.191.107, TLS: Connection closed, session=<UrO9F5+9a6JJKXj8> show less	Port Scan
micoots	15 Mar 2021	Cluster member 192.168.0.30 (-) said, DENY 73.41.120.252, Reason:[(imapd) Failed IMAP login from 73. ... show moreCluster member 192.168.0.30 (-) said, DENY 73.41.120.252, Reason:[(imapd) Failed IMAP login from 73.41.120.252 (US/United States/c-73-41-120-252.hsd1.ca.comcast.net): 1 in the last 3600 secs] show less	Brute-Force
samelarmain.com	15 Mar 2021	Mar 15 13:11:53 WHD8 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 5 secs\): user=\ ... show moreMar 15 13:11:53 WHD8 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 5 secs\): user=\<[email protected]\>, method=PLAIN, rip=73.41.120.252, lip=10.64.89.208, session=\<YltvJ5K9JdxJKXj8\> ... show less	Hacking Brute-Force
samelarmain.com	15 Mar 2021	Mar 15 07:05:31 WHD8 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\ ... show moreMar 15 07:05:31 WHD8 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\<[email protected]\>, method=PLAIN, rip=73.41.120.252, lip=10.64.89.208, session=\<x6EzCY29uKlJKXj8\> ... show less	Hacking Brute-Force
samelarmain.com	14 Mar 2021	Mar 15 04:05:27 WHD8 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\ ... show moreMar 15 04:05:27 WHD8 dovecot: imap-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\<[email protected]\>, method=PLAIN, rip=73.41.120.252, lip=10.64.89.208, TLS, session=\<zZswhYq9U+1JKXj8\> ... show less	Hacking Brute-Force
czdali	14 Mar 2021	wp-login.php	Brute-Force Web App Attack
billaids	11 Mar 2021	73.41.120.252 - - [11/Mar/2021:10:37:11 +0100] "POST /wp-login.php HTTP/1.1" 200 9686 "http://atrium ... show more73.41.120.252 - - [11/Mar/2021:10:37:11 +0100] "POST /wp-login.php HTTP/1.1" 200 9686 "http://atrium-fitness-hannover.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" show less	Bad Web Bot Exploited Host Web App Attack
SCHAPPY	11 Mar 2021	Wordpress attack	Web App Attack
shodanNE	10 Mar 2021	73.41.120.252 is unauthorized and has been banned by fail2ban	Brute-Force Web App Attack
pestctrl	09 Mar 2021	IMAP Brute Force	Brute-Force
Anonymous	09 Mar 2021	imap-login: Disconnected (auth failed, 1 attempts in 6	Hacking Brute-Force
micoots	08 Mar 2021	Cluster member 192.168.0.30 (-) said, DENY 73.41.120.252, Reason:[(imapd) Failed IMAP login from 73. ... show moreCluster member 192.168.0.30 (-) said, DENY 73.41.120.252, Reason:[(imapd) Failed IMAP login from 73.41.120.252 (US/United States/c-73-41-120-252.hsd1.ca.comcast.net): 1 in the last 3600 secs] show less	Brute-Force
cerberusinformatica	07 Mar 2021	73.41.120.252 - - [08/Mar/2021:05:00:55 +0100] "POST /wp-login.php HTTP/1.1" 200 6322 "http://amalfi ... show more73.41.120.252 - - [08/Mar/2021:05:00:55 +0100] "POST /wp-login.php HTTP/1.1" 200 6322 "http://amalfitabula.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" 73.41.120.252 - - [08/Mar/2021:05:00:57 +0100] "POST /wp-login.php HTTP/1.1" 200 6322 "http://amalfitabula.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" 73.41.120.252 - - [08/Mar/2021:05:00:58 +0100] "POST /wp-login.php HTTP/1.1" 200 6322 "http://amalfitabula.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" ... show less	Web App Attack
hosterpack.com	05 Mar 2021	(imapd) Failed IMAP login from 73.41.120.252 (US/United States/c-73-41-120-252.hsd1.ca.comcast.net): ... show more(imapd) Failed IMAP login from 73.41.120.252 (US/United States/c-73-41-120-252.hsd1.ca.comcast.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Mar 6 05:57:13 ir1 dovecot[9799]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=<[email protected]>, method=PLAIN, rip=73.41.120.252, lip=158.58.191.107, session=<4+zm79S81cxJKXj8> show less	Port Scan
micoots	05 Mar 2021	Cluster member 192.168.0.30 (-) said, DENY 73.41.120.252, Reason:[(imapd) Failed IMAP login from 73. ... show moreCluster member 192.168.0.30 (-) said, DENY 73.41.120.252, Reason:[(imapd) Failed IMAP login from 73.41.120.252 (US/United States/c-73-41-120-252.hsd1.ca.comcast.net): 1 in the last 3600 secs] show less	Brute-Force

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩