JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 132.148.185.29

132.148.185.29 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 0%: ?

ISP	GoDaddy.com, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS400754
Hostname(s)	29.185.148.132.host.secureserver.net
Domain Name	godaddy.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 132.148.185.29

Whois 132.148.185.29

IP Abuse Reports for 132.148.185.29:

This IP address has been reported a total of 48 times from 28 distinct sources. 132.148.185.29 was first reported on March 26th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-01-17 11:58:42 (5 months ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2025-01-09 20:16:24 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.securese ... show more (mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 15:16:21.087329 2025] [security2:error] [pid 1525188:tid 1525188] [client 132.148.185.29:37598] [client 132.148.185.29] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.ritterlien.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ritterlien.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4AulcQW0WAJRJLLj5YQFgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-09 19:52:29 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.securese ... show more (mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 14:52:22.860957 2025] [security2:error] [pid 1716085:tid 1716085] [client 132.148.185.29:54370] [client 132.148.185.29] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.justicehoward.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.justicehoward.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4Ao9plbAKMyG5OB-7q3CgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-09 19:02:00 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.securese ... show more (mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 14:01:56.551355 2025] [security2:error] [pid 1672661:tid 1672661] [client 132.148.185.29:60214] [client 132.148.185.29] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|casadelsolmexico.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "casadelsolmexico.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4AdJL_FLqmeYEA_TVhIlQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-09 17:07:32 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.securese ... show more (mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 12:07:28.206409 2025] [security2:error] [pid 25313:tid 25313] [client 132.148.185.29:51540] [client 132.148.185.29] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|transcapitalsolutions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "transcapitalsolutions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4ACUHPBQcV6R0P2mHq67QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-09 15:30:39 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.securese ... show more (mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 10:30:34.705285 2025] [security2:error] [pid 2119480:tid 2119480] [client 132.148.185.29:45052] [client 132.148.185.29] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tedharris.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tedharris.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z3_rmtgZwT9eWmECYu_AZwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-09 14:32:14 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.securese ... show more (mod_security) mod_security (id:225170) triggered by 132.148.185.29 (a2plwpweb011.prod.iad2.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 09:32:09.924595 2025] [security2:error] [pid 1823303:tid 1823303] [client 132.148.185.29:36202] [client 132.148.185.29] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|justiart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "justiart.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z3_d6dwkk9rRESnnORQBKAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇰 wnbhosting.dk	2024-12-29 10:04:02 (1 year ago)	WP xmlrpc [2024-12-29T11:04:02+01:00]	Hacking Web App Attack
🇩🇪 Ba-Yu	2024-11-18 07:30:03 (1 year ago)	WP-xmlrpc exploit	Web Spam Blog Spam Hacking Exploited Host Web App Attack
🇩🇰 wnbhosting.dk	2024-11-18 04:26:15 (1 year ago)	WP xmlrpc [2024-11-18T05:26:15+01:00]	Hacking Web App Attack
🇺🇸 octageeks.com	2024-10-28 04:07:45 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 myagent.site	2024-10-27 07:23:26 (1 year ago)	Blocked authentication attempt for banned user: admin	Hacking
🇩🇪 Hazzard	2024-10-03 16:01:02 (1 year ago)	(wordpress) Failed wordpress login from 132.148.185.29 (US/United States/Virginia/Ashburn/a2plwpweb0 ... show more (wordpress) Failed wordpress login from 132.148.185.29 (US/United States/Virginia/Ashburn/a2plwpweb011.prod.iad2.secureserver.net/[redacted]): (CF_ENABLE) show less	Brute-Force
🇩🇴 mr.robots	2024-09-30 19:00:37 (1 year ago)	Failed password for invalid user	DDoS Attack Port Scan Hacking SQL Injection Brute-Force Web App Attack
🇦🇺 HJ5Ss4Ju	2024-09-24 05:10:09 (1 year ago)	Blocked by Wordfence (SID 6)	Web App Attack

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 195.63.30.88

🇺🇸 195.63.3.53

🇭🇰 165.154.6.75

🇻🇪 154.45.183.125

🇨🇳 119.29.93.87

🇨🇦 99.251.180.128

🇨🇦 85.217.149.66

🇺🇸 52.240.168.197

🇷🇺 45.91.64.7

🇰🇿 5.76.16.216

🇧🇷 2800:3f0:4001:c04::125

🇹🇳 197.30.201.75

🇨🇦 195.63.16.43

🇺🇸 195.63.14.87

🇨🇱 190.217.171.30

🇨🇳 111.162.149.203

🇮🇩 103.154.231.122

🇫🇷 91.231.89.76

🇫🇷 91.231.89.15

🇫🇷 51.68.226.87