132.148.164.113

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	WordPress brute force	2020-06-28 06:25:09

Comments on same subnet:

IP	Type	Details	Datetime
132.148.164.97	attack	2020-03-16T20:17:46.219175-07:00 suse-nuc sshd[9943]: Invalid user export from 132.148.164.97 port 44107 ...	2020-03-17 14:00:49
132.148.164.97	attack	$f2bV_matches	2020-03-13 12:44:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.164.113
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41362
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.164.113.		IN	A

;; AUTHORITY SECTION:
.			361	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062701 1800 900 604800 86400

;; Query time: 198 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 28 06:25:06 CST 2020
;; MSG SIZE  rcvd: 119

Host info

113.164.148.132.in-addr.arpa domain name pointer ip-132-148-164-113.ip.secureserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
113.164.148.132.in-addr.arpa	name = ip-132-148-164-113.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
209.97.177.73	attack	209.97.177.73 - - [09/Aug/2020:14:14:08 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.177.73 - - [09/Aug/2020:14:14:08 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 209.97.177.73 - - [09/Aug/2020:14:14:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 21:41:53
195.144.21.56	attackspam	Sent packet to closed port: 81	2020-08-09 22:10:55
52.254.50.46	attack	Unauthorized connection attempt detected from IP address 52.254.50.46 to port 80 [T]	2020-08-09 21:40:02
67.209.185.218	attack	Bruteforce detected by fail2ban	2020-08-09 21:34:20
223.241.119.137	attackbotsspam	MAIL: User Login Brute Force Attempt	2020-08-09 21:46:10
113.22.243.80	attack	1596975228 - 08/09/2020 14:13:48 Host: 113.22.243.80/113.22.243.80 Port: 445 TCP Blocked	2020-08-09 21:59:26
185.222.6.147	attack	Aug 9 14:14:13 kh-dev-server sshd[7141]: Failed password for root from 185.222.6.147 port 60918 ssh2 ...	2020-08-09 21:39:42
91.191.209.193	attackbots	2020-08-09 15:20:11 dovecot_login authenticator failed for $User$ \[91.191.209.193\]: 535 Incorrect authentication data $set_id=789456123@hosting1.no-server.de$ 2020-08-09 15:20:19 dovecot_login authenticator failed for $User$ \[91.191.209.193\]: 535 Incorrect authentication data $set_id=789456123@hosting1.no-server.de$ 2020-08-09 15:20:23 dovecot_login authenticator failed for $User$ \[91.191.209.193\]: 535 Incorrect authentication data $set_id=789456123@hosting1.no-server.de$ 2020-08-09 15:20:25 dovecot_login authenticator failed for $User$ \[91.191.209.193\]: 535 Incorrect authentication data $set_id=789456123@hosting1.no-server.de$ 2020-08-09 15:20:51 dovecot_login authenticator failed for $User$ \[91.191.209.193\]: 535 Incorrect authentication data $set_id=october@hosting1.no-server.de$ ...	2020-08-09 21:29:12
211.199.173.244	attack	1596975258 - 08/09/2020 14:14:18 Host: 211.199.173.244/211.199.173.244 Port: 23 TCP Blocked	2020-08-09 21:35:06
134.175.245.162	attack	Port Scan ...	2020-08-09 21:48:47
222.186.175.182	attackspam	$f2bV_matches	2020-08-09 21:38:17
127.0.0.1	attackspam	This is a Test for the status Page	2020-08-09 21:43:27
97.74.236.154	attack	Aug 9 03:06:14 php1 sshd\[3949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97.74.236.154 user=root Aug 9 03:06:16 php1 sshd\[3949\]: Failed password for root from 97.74.236.154 port 50086 ssh2 Aug 9 03:08:19 php1 sshd\[4118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97.74.236.154 user=root Aug 9 03:08:21 php1 sshd\[4118\]: Failed password for root from 97.74.236.154 port 57154 ssh2 Aug 9 03:10:32 php1 sshd\[4398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97.74.236.154 user=root	2020-08-09 22:12:33
142.93.18.7	attack	www.fahrschule-mihm.de 142.93.18.7 [09/Aug/2020:14:14:23 +0200] "POST /wp-login.php HTTP/1.1" 200 5994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.fahrschule-mihm.de 142.93.18.7 [09/Aug/2020:14:14:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4072 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 21:30:56
222.186.180.17	attackbotsspam	Aug 9 15:57:36 cosmoit sshd[26941]: Failed password for root from 222.186.180.17 port 9720 ssh2	2020-08-09 22:04:54

Recently Reported IPs

80.117.135.60	192.244.254.106	183.143.199.160	1.249.242.242
187.208.212.248	88.157.178.1	88.112.14.247	104.154.47.255
99.180.79.237	2.72.227.73	191.161.238.34	54.147.147.1
106.51.79.242	64.90.236.45	201.233.233.104	185.78.117.63
105.99.5.145	97.167.75.180	221.60.40.15	206.173.56.219