132.148.104.142

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - XMLRPC Attack	2020-07-13 03:30:43

Comments on same subnet:

IP	Type	Details	Datetime
132.148.104.36	attackspam	[N10.H1.VM1] Port Scanner Detected Blocked by UFW	2020-08-15 19:53:30
132.148.104.132	attackspambots	C1,WP GET /manga/web/wp-includes/wlwmanifest.xml	2020-07-24 12:37:32
132.148.104.135	attack	Automatic report - XMLRPC Attack	2020-07-08 17:30:47
132.148.104.129	attack	Automatic report - XMLRPC Attack	2020-07-01 07:58:05
132.148.104.29	attack	Automatic report - XMLRPC Attack	2020-06-29 14:08:25
132.148.104.7	attackspam	Automatic report - XMLRPC Attack	2020-06-22 17:21:12
132.148.104.135	attack	132.148.104.135 - - [12/Jun/2020:12:18:33 -0600] "GET /newsite/wp-includes/wlwmanifest.xml HTTP/1.1" 404 10057 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" ...	2020-06-13 05:30:53
132.148.104.4	attackspambots	Wordpress_xmlrpc_attack	2020-05-25 22:40:46
132.148.104.144	attackspam	2020-05-16T12:07:59.000Z "GET /store/wp-includes/wlwmanifest.xml HTTP/1.1" "-" "-" 2020-05-16T12:07:59.000Z "GET /store/wp-includes/wlwmanifest.xml HTTP/1.1" "-" "-"	2020-05-17 04:01:16
132.148.104.150	attackspam	Automatic report - XMLRPC Attack	2020-04-28 20:23:37
132.148.104.160	attackspam	Automatic report - XMLRPC Attack	2020-02-23 01:20:24
132.148.104.16	attackbots	xmlrpc attack	2020-01-23 15:50:49
132.148.104.152	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-16 20:41:38
132.148.104.32	attack	Automatic report - XMLRPC Attack	2020-01-14 13:02:30
132.148.104.16	attackspambots	Automatic report - XMLRPC Attack	2019-12-30 13:10:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.104.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51375
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.104.142.		IN	A

;; AUTHORITY SECTION:
.			400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071201 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 13 03:30:40 CST 2020
;; MSG SIZE  rcvd: 119

Host info

142.104.148.132.in-addr.arpa domain name pointer p3nlhg2090.shr.prod.phx3.secureserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.104.148.132.in-addr.arpa	name = p3nlhg2090.shr.prod.phx3.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.162.60.159	attackbots	(sshd) Failed SSH login from 121.162.60.159 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 14 20:05:16 grace sshd[31423]: Invalid user user2 from 121.162.60.159 port 39752 Jul 14 20:05:19 grace sshd[31423]: Failed password for invalid user user2 from 121.162.60.159 port 39752 ssh2 Jul 14 20:22:55 grace sshd[1151]: Invalid user xl from 121.162.60.159 port 54030 Jul 14 20:22:57 grace sshd[1151]: Failed password for invalid user xl from 121.162.60.159 port 54030 ssh2 Jul 14 20:26:04 grace sshd[1631]: Invalid user haga from 121.162.60.159 port 47088	2020-07-15 06:19:52
118.160.77.8	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-15 06:37:56
183.62.35.226	attackspam	Port scan on 1 port(s): 1433	2020-07-15 06:39:01
190.43.85.235	attack	Jul 14 20:25:47 mellenthin postfix/smtpd[19048]: NOQUEUE: reject: RCPT from unknown[190.43.85.235]: 554 5.7.1 Service unavailable; Client host [190.43.85.235] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/190.43.85.235 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[190.43.85.235]>	2020-07-15 06:45:09
83.51.42.174	attackspam	2020-07-14T19:50:44.251148shield sshd\[22626\]: Invalid user smb from 83.51.42.174 port 45234 2020-07-14T19:50:44.260971shield sshd\[22626\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.red-83-51-42.dynamicip.rima-tde.net 2020-07-14T19:50:46.243850shield sshd\[22626\]: Failed password for invalid user smb from 83.51.42.174 port 45234 ssh2 2020-07-14T19:56:44.835262shield sshd\[24154\]: Invalid user sinha from 83.51.42.174 port 43670 2020-07-14T19:56:44.843533shield sshd\[24154\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.red-83-51-42.dynamicip.rima-tde.net	2020-07-15 06:47:43
181.62.248.12	attack	466. On Jul 14 2020 experienced a Brute Force SSH login attempt -> 12 unique times by 181.62.248.12.	2020-07-15 06:22:18
46.71.225.21	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-15 06:32:49
129.211.92.41	attack	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-07-15 06:27:00
202.188.219.29	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-07-15 06:19:22
103.104.162.43	attackbotsspam	1594751163 - 07/14/2020 20:26:03 Host: 103.104.162.43/103.104.162.43 Port: 445 TCP Blocked	2020-07-15 06:25:19
212.224.228.54	attackspam	Fail2Ban Ban Triggered SMTP Abuse Attempt	2020-07-15 06:42:43
217.164.229.153	attackspam	Honeypot attack, port: 445, PTR: bba102007.alshamil.net.ae.	2020-07-15 06:44:40
192.35.169.48	attackspam	Brute force attack stopped by firewall	2020-07-15 06:50:04
45.254.34.72	attackbots	Email rejected due to spam filtering	2020-07-15 06:48:11
206.189.147.137	attackspambots	624. On Jul 14 2020 experienced a Brute Force SSH login attempt -> 142 unique times by 206.189.147.137.	2020-07-15 06:18:04

Recently Reported IPs

117.29.240.145	49.149.99.199	165.227.41.68	151.234.136.116
86.82.0.41	93.174.93.166	27.254.105.194	104.229.103.86
13.76.246.176	120.36.250.204	113.110.42.213	91.222.221.26
49.213.170.141	177.105.63.253	195.54.160.21	181.228.12.185
190.207.68.253	189.207.107.105	123.133.78.236	66.128.35.253