132.148.104.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
132.148.104.36	attackspam	[N10.H1.VM1] Port Scanner Detected Blocked by UFW	2020-08-15 19:53:30
132.148.104.132	attackspambots	C1,WP GET /manga/web/wp-includes/wlwmanifest.xml	2020-07-24 12:37:32
132.148.104.142	attackspam	Automatic report - XMLRPC Attack	2020-07-13 03:30:43
132.148.104.135	attack	Automatic report - XMLRPC Attack	2020-07-08 17:30:47
132.148.104.129	attack	Automatic report - XMLRPC Attack	2020-07-01 07:58:05
132.148.104.29	attack	Automatic report - XMLRPC Attack	2020-06-29 14:08:25
132.148.104.7	attackspam	Automatic report - XMLRPC Attack	2020-06-22 17:21:12
132.148.104.135	attack	132.148.104.135 - - [12/Jun/2020:12:18:33 -0600] "GET /newsite/wp-includes/wlwmanifest.xml HTTP/1.1" 404 10057 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" ...	2020-06-13 05:30:53
132.148.104.4	attackspambots	Wordpress_xmlrpc_attack	2020-05-25 22:40:46
132.148.104.144	attackspam	2020-05-16T12:07:59.000Z "GET /store/wp-includes/wlwmanifest.xml HTTP/1.1" "-" "-" 2020-05-16T12:07:59.000Z "GET /store/wp-includes/wlwmanifest.xml HTTP/1.1" "-" "-"	2020-05-17 04:01:16
132.148.104.150	attackspam	Automatic report - XMLRPC Attack	2020-04-28 20:23:37
132.148.104.160	attackspam	Automatic report - XMLRPC Attack	2020-02-23 01:20:24
132.148.104.16	attackbots	xmlrpc attack	2020-01-23 15:50:49
132.148.104.152	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-16 20:41:38
132.148.104.32	attack	Automatic report - XMLRPC Attack	2020-01-14 13:02:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.104.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55765
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.104.5.			IN	A

;; AUTHORITY SECTION:
.			127	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071702 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 18 12:07:32 CST 2020
;; MSG SIZE  rcvd: 117

Host info

5.104.148.132.in-addr.arpa domain name pointer p3nlhg2122.shr.prod.phx3.secureserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
5.104.148.132.in-addr.arpa	name = p3nlhg2122.shr.prod.phx3.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.153.73.242	attackspam	286. On Jun 16 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 148.153.73.242.	2020-06-17 07:05:36
109.89.146.206	attackbotsspam	Invalid user libuuid from 109.89.146.206 port 47388	2020-06-17 06:49:30
52.230.16.116	attackbots	WordPress brute force	2020-06-17 07:27:21
177.144.133.82	attackbots	2020-06-16T20:47:42.776247abusebot-7.cloudsearch.cf sshd[9367]: Invalid user rhino from 177.144.133.82 port 20191 2020-06-16T20:47:42.782710abusebot-7.cloudsearch.cf sshd[9367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.144.133.82 2020-06-16T20:47:42.776247abusebot-7.cloudsearch.cf sshd[9367]: Invalid user rhino from 177.144.133.82 port 20191 2020-06-16T20:47:44.945399abusebot-7.cloudsearch.cf sshd[9367]: Failed password for invalid user rhino from 177.144.133.82 port 20191 ssh2 2020-06-16T20:51:12.820977abusebot-7.cloudsearch.cf sshd[9584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.144.133.82 user=root 2020-06-16T20:51:15.481838abusebot-7.cloudsearch.cf sshd[9584]: Failed password for root from 177.144.133.82 port 28323 ssh2 2020-06-16T20:54:35.928271abusebot-7.cloudsearch.cf sshd[9793]: Invalid user som from 177.144.133.82 port 49166 ...	2020-06-17 07:09:19
86.188.246.2	attackspambots	1118. On Jun 16 2020 experienced a Brute Force SSH login attempt -> 2 unique times by 86.188.246.2.	2020-06-17 07:22:13
85.209.0.100	attackbotsspam	TCP (SYN) 85.209.0.100:15684 -> port 22, len 60	2020-06-17 07:00:18
62.171.171.9	attackspambots	62.171.171.9 - - [17/Jun/2020:00:37:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 10855 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 62.171.171.9 - - [17/Jun/2020:01:01:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 7064 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-17 07:22:28
195.54.161.26	attack	Jun 17 00:56:22 debian-2gb-nbg1-2 kernel: \[14606883.805004\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.161.26 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=52581 PROTO=TCP SPT=53736 DPT=11958 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-17 07:04:38
185.173.35.17	attack	srv02 Mass scanning activity detected Target: 52311 ..	2020-06-17 07:18:28
190.122.220.217	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-17 06:52:58
81.4.96.82	attack	WordPress brute force	2020-06-17 07:15:58
181.189.133.34	attackbots	Honeypot attack, port: 445, PTR: 181.189.133.34.tigo.net.gt.	2020-06-17 06:55:14
185.211.246.112	attackspambots	185.211.246.112 has been banned for [spam] ...	2020-06-17 07:23:38
95.179.154.38	attackbotsspam	Jun 16 16:33:09 r.ca sshd[21772]: Failed password for invalid user john1 from 95.179.154.38 port 59430 ssh2	2020-06-17 06:52:43
177.184.216.30	attackbots	Brute force attempt	2020-06-17 06:48:44

Recently Reported IPs

219.100.37.54	176.162.21.55	45.77.69.137	188.165.42.223
185.74.5.156	130.213.147.59	160.168.255.7	13.76.170.62
213.136.83.212	124.120.154.180	20.190.62.64	52.147.201.71
119.42.91.231	68.76.21.148	54.254.182.94	46.249.64.92
188.92.213.254	211.65.107.179	88.80.148.172	103.249.238.211