132.148.14.22 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
132.148.141.147	attackspambots	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-27 20:33:12
132.148.141.147	attackspam	Website login hacking attempts.	2020-08-26 22:47:17
132.148.141.147	attackbotsspam	132.148.141.147 - - [26/Aug/2020:10:58:04 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [26/Aug/2020:10:58:11 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [26/Aug/2020:10:58:12 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-26 18:10:54
132.148.141.147	attack	132.148.141.147 - - [15/Aug/2020:15:28:12 +0100] "POST /wp-login.php HTTP/1.1" 200 1969 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [15/Aug/2020:15:28:14 +0100] "POST /wp-login.php HTTP/1.1" 200 1977 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [15/Aug/2020:15:28:16 +0100] "POST /wp-login.php HTTP/1.1" 200 1972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-16 00:10:53
132.148.141.147	attackspambots	/wp-login.php	2020-08-15 00:25:01
132.148.141.147	attackbotsspam	notenfalter.de 132.148.141.147 [08/Aug/2020:12:34:39 +0200] "POST /wp-login.php HTTP/1.1" 200 6193 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" notenfalter.de 132.148.141.147 [08/Aug/2020:12:34:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-08 19:44:28
132.148.141.147	attackbotsspam	Trolling for resource vulnerabilities	2020-07-25 06:42:05
132.148.141.147	attackbots	Trolling for resource vulnerabilities	2020-07-21 13:33:57
132.148.141.147	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-07-07 15:47:25
132.148.141.147	attackbotsspam	132.148.141.147 - - [04/Jul/2020:19:53:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1998 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [04/Jul/2020:19:53:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [04/Jul/2020:19:54:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-05 04:03:04
132.148.141.147	attackbots	132.148.141.147 - - [03/Jul/2020:14:02:39 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [03/Jul/2020:14:16:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15231 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-04 00:33:19
132.148.141.147	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-30 01:04:18
132.148.141.147	attackbots	132.148.141.147 - - [27/Jun/2020:12:16:04 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [27/Jun/2020:12:16:05 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [27/Jun/2020:12:16:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-27 20:02:07
132.148.141.147	attack	132.148.141.147 - - [24/Jun/2020:09:26:17 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [24/Jun/2020:09:26:18 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.141.147 - - [24/Jun/2020:09:26:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-24 17:30:27
132.148.141.147	attackbots	Automatic report - XMLRPC Attack	2020-06-16 01:31:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.14.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59743
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;132.148.14.22.			IN	A

;; AUTHORITY SECTION:
.			279	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061200 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 12 13:26:32 CST 2022
;; MSG SIZE  rcvd: 106

Host info

22.14.148.132.in-addr.arpa domain name pointer ip-132-148-14-22.ip.secureserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
22.14.148.132.in-addr.arpa	name = ip-132-148-14-22.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.92.35.172	attackspam	Feb 22 01:22:38 gutwein sshd[3519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.92.35.172 user=r.r Feb 22 01:22:40 gutwein sshd[3519]: Failed password for r.r from 113.92.35.172 port 46222 ssh2 Feb 22 01:22:40 gutwein sshd[3519]: Received disconnect from 113.92.35.172: 11: Bye Bye [preauth] Feb 22 01:37:09 gutwein sshd[8350]: Failed password for invalid user jacky from 113.92.35.172 port 57650 ssh2 Feb 22 01:37:09 gutwein sshd[8350]: Received disconnect from 113.92.35.172: 11: Bye Bye [preauth] Feb 22 01:41:50 gutwein sshd[9974]: Failed password for invalid user frodo from 113.92.35.172 port 58846 ssh2 Feb 22 01:41:50 gutwein sshd[9974]: Received disconnect from 113.92.35.172: 11: Bye Bye [preauth] Feb 22 01:46:25 gutwein sshd[11506]: Failed password for invalid user anonymous from 113.92.35.172 port 60056 ssh2 Feb 22 01:46:25 gutwein sshd[11506]: Received disconnect from 113.92.35.172: 11: Bye Bye [preauth] ........ ------------------------------------------	2020-02-22 20:31:15
77.247.110.168	attackbots	firewall-block, port(s): 5038/tcp	2020-02-22 20:01:42
136.55.161.35	attack	Invalid user postgres from 136.55.161.35 port 60148	2020-02-22 20:07:53
181.123.177.204	attack	DATE:2020-02-22 13:07:53, IP:181.123.177.204, PORT:ssh SSH brute force auth (docker-dc)	2020-02-22 20:18:26
66.249.79.151	attackspambots	Malicious brute force vulnerability hacking attacks	2020-02-22 20:06:12
51.158.120.115	attackbotsspam	Invalid user www from 51.158.120.115 port 53352	2020-02-22 19:58:10
184.167.32.172	attack	Feb 22 10:31:21 ns382633 sshd\[21123\]: Invalid user mumble from 184.167.32.172 port 42632 Feb 22 10:31:21 ns382633 sshd\[21123\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.167.32.172 Feb 22 10:31:22 ns382633 sshd\[21123\]: Failed password for invalid user mumble from 184.167.32.172 port 42632 ssh2 Feb 22 11:18:21 ns382633 sshd\[28630\]: Invalid user hduser from 184.167.32.172 port 34518 Feb 22 11:18:21 ns382633 sshd\[28630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.167.32.172	2020-02-22 20:23:03
188.87.101.119	attackspam	2020-02-22T11:42:01.771031host3.slimhost.com.ua sshd[1875259]: Invalid user at from 188.87.101.119 port 18083 2020-02-22T11:42:01.776429host3.slimhost.com.ua sshd[1875259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-119-101-87-188.ipcom.comunitel.net 2020-02-22T11:42:01.771031host3.slimhost.com.ua sshd[1875259]: Invalid user at from 188.87.101.119 port 18083 2020-02-22T11:42:03.872185host3.slimhost.com.ua sshd[1875259]: Failed password for invalid user at from 188.87.101.119 port 18083 ssh2 2020-02-22T11:43:19.324280host3.slimhost.com.ua sshd[1876095]: Invalid user wpyan from 188.87.101.119 port 17733 ...	2020-02-22 20:16:15
14.237.103.195	attackbotsspam	1582346635 - 02/22/2020 05:43:55 Host: 14.237.103.195/14.237.103.195 Port: 445 TCP Blocked	2020-02-22 20:07:24
103.139.219.9	attackspambots	Automatic report - Port Scan Attack	2020-02-22 20:04:32
60.254.62.111	attackspam	IN_APNIC-HM_<177>1582346599 [1:2403396:55517] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 49 [Classification: Misc Attack] [Priority: 2] {TCP} 60.254.62.111:43833	2020-02-22 20:21:59
51.255.150.119	attack	Invalid user mssql from 51.255.150.119 port 50176	2020-02-22 20:11:31
190.217.68.204	attackspambots	Unauthorized connection attempt detected from IP address 190.217.68.204 to port 445	2020-02-22 20:24:56
185.176.27.6	attackbotsspam	02/22/2020-12:42:31.334713 185.176.27.6 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-22 19:56:07
51.91.159.46	attackbotsspam	Feb 22 10:11:54 localhost sshd\[9324\]: Invalid user sanchi from 51.91.159.46 Feb 22 10:11:54 localhost sshd\[9324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.159.46 Feb 22 10:11:56 localhost sshd\[9324\]: Failed password for invalid user sanchi from 51.91.159.46 port 49936 ssh2 Feb 22 10:13:50 localhost sshd\[9346\]: Invalid user wy from 51.91.159.46 Feb 22 10:13:50 localhost sshd\[9346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.159.46 ...	2020-02-22 20:11:49

Recently Reported IPs

82.151.113.60	137.226.6.170	137.226.5.121	137.226.24.1
92.220.162.17	137.226.24.3	93.22.131.239	183.109.125.54
137.226.24.115	23.128.248.95	15.235.45.154	182.43.20.69
252.214.67.1	211.112.76.2	94.102.61.10	94.253.36.22
94.158.219.205	94.216.178.208	95.34.158.35	137.226.24.84