132.148.148.21

Basic Info

City: Scottsdale

Region: Arizona

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	[munged]::443 132.148.148.21 - - [29/Feb/2020:15:25:34 +0100] "POST /[munged]: HTTP/1.1" 200 9131 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [29/Feb/2020:15:25:37 +0100] "POST /[munged]: HTTP/1.1" 200 9131 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [29/Feb/2020:15:25:45 +0100] "POST /[munged]: HTTP/1.1" 200 9131 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [29/Feb/2020:15:25:48 +0100] "POST /[munged]: HTTP/1.1" 200 9131 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [29/Feb/2020:15:25:50 +0100] "POST /[munged]: HTTP/1.1" 200 9131 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [29/Feb/2020:15:25:58 +0100] "POST /[munged]: HTTP/1.1" 200 9131 "-" "Mozilla/5.0 (X11	2020-03-01 03:39:44
attackspam	[munged]::443 132.148.148.21 - - [14/Feb/2020:15:11:52 +0100] "POST /[munged]: HTTP/1.1" 200 6852 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [14/Feb/2020:15:11:54 +0100] "POST /[munged]: HTTP/1.1" 200 6711 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [14/Feb/2020:15:11:54 +0100] "POST /[munged]: HTTP/1.1" 200 6711 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-14 23:14:31
attackbots	Website hacking attempt: Wordpress admin access [wp-login.php]	2020-02-02 06:48:15
attackbotsspam	Automatic report - XMLRPC Attack	2019-12-08 17:41:12
attackspam	Automatic report - XMLRPC Attack	2019-11-28 23:56:58
attack	WordPress login Brute force / Web App Attack on client site.	2019-11-23 00:37:24
attack	xmlrpc attack	2019-11-19 15:15:42
attackbotsspam	WordPress wp-login brute force :: 132.148.148.21 0.068 BYPASS [15/Nov/2019:06:50:17 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2134 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-11-15 16:04:56
attackbotsspam	132.148.148.21 - - [13/Nov/2019:10:19:44 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.148.21 - - [13/Nov/2019:10:19:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.148.21 - - [13/Nov/2019:10:19:45 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.148.21 - - [13/Nov/2019:10:19:46 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.148.21 - - [13/Nov/2019:10:19:47 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 132.148.148.21 - - [13/Nov/2019:10:19:48 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-13 20:18:42
attackspam	Attempt to run wp-login.php	2019-10-30 01:04:16
attackspambots	132.148.148.21 - - \[23/Oct/2019:03:48:57 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 132.148.148.21 - - \[23/Oct/2019:03:48:58 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-10-23 18:02:34
attackspambots	[munged]::443 132.148.148.21 - - [21/Oct/2019:10:09:52 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [21/Oct/2019:10:09:55 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [21/Oct/2019:10:09:58 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [21/Oct/2019:10:10:01 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [21/Oct/2019:10:10:06 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 132.148.148.21 - - [21/Oct/2019:10:10:11 +0200] "POST /[munged]: HTTP/1.1" 200 9077 "-" "Mozilla/5.0 (X11	2019-10-21 19:26:29
attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-10-14 02:18:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 132.148.148.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55381
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;132.148.148.21.			IN	A

;; AUTHORITY SECTION:
.			499	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101300 1800 900 604800 86400

;; Query time: 583 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 14 02:18:08 CST 2019
;; MSG SIZE  rcvd: 118

Host info

21.148.148.132.in-addr.arpa domain name pointer ip-132-148-148-21.ip.secureserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.148.148.132.in-addr.arpa	name = ip-132-148-148-21.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
140.143.228.18	attackspambots	20 attempts against mh-ssh on cloud	2020-10-02 03:16:03
194.87.139.223	attackbotsspam	2020-10-01T18:10:25.375023centos sshd[13221]: Failed password for invalid user filmlight from 194.87.139.223 port 42134 ssh2 2020-10-01T18:17:44.459767centos sshd[13637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.87.139.223 user=root 2020-10-01T18:17:46.279038centos sshd[13637]: Failed password for root from 194.87.139.223 port 44078 ssh2 ...	2020-10-02 03:23:21
154.8.151.81	attackbots	Oct 1 19:38:52 host sshd[22591]: Invalid user test123 from 154.8.151.81 port 53100 ...	2020-10-02 03:08:03
197.248.206.126	attackbots	IP 197.248.206.126 attacked honeypot on port: 23 at 9/30/2020 1:33:38 PM	2020-10-02 02:59:19
45.129.33.143	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-02 03:19:32
201.48.40.153	attack	Oct 1 16:07:08 raspberrypi sshd[23988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.40.153 Oct 1 16:07:09 raspberrypi sshd[23988]: Failed password for invalid user git from 201.48.40.153 port 44047 ssh2 ...	2020-10-02 03:23:04
94.72.104.249	attackspambots	20 attempts against mh-misbehave-ban on air	2020-10-02 03:22:46
5.105.92.13	attackbots	Icarus honeypot on github	2020-10-02 02:55:11
49.88.112.70	attackbotsspam	Oct 2 00:19:26 mx sshd[1097344]: Failed password for root from 49.88.112.70 port 44133 ssh2 Oct 2 00:19:21 mx sshd[1097344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.70 user=root Oct 2 00:19:24 mx sshd[1097344]: Failed password for root from 49.88.112.70 port 44133 ssh2 Oct 2 00:19:26 mx sshd[1097344]: Failed password for root from 49.88.112.70 port 44133 ssh2 Oct 2 00:19:29 mx sshd[1097344]: Failed password for root from 49.88.112.70 port 44133 ssh2 ...	2020-10-02 03:02:06
174.242.143.92	attack	2038	2020-10-02 03:03:28
46.101.84.165	attackbots	CMS (WordPress or Joomla) login attempt.	2020-10-02 03:07:35
70.95.75.25	attackspambots	fail2ban - Attack against Apache (too many 404s)	2020-10-02 02:53:45
104.131.60.112	attackspam	Oct 1 21:08:50 * sshd[9157]: Failed password for root from 104.131.60.112 port 47668 ssh2	2020-10-02 03:14:35
60.196.69.234	attackspambots	DATE:2020-10-01 19:58:38,IP:60.196.69.234,MATCHES:10,PORT:ssh	2020-10-02 03:28:29
182.23.3.226	attackbots	Oct 1 20:12:33 h1745522 sshd[11314]: Invalid user xu from 182.23.3.226 port 58706 Oct 1 20:12:33 h1745522 sshd[11314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.3.226 Oct 1 20:12:33 h1745522 sshd[11314]: Invalid user xu from 182.23.3.226 port 58706 Oct 1 20:12:35 h1745522 sshd[11314]: Failed password for invalid user xu from 182.23.3.226 port 58706 ssh2 Oct 1 20:17:15 h1745522 sshd[11487]: Invalid user sergio from 182.23.3.226 port 37728 Oct 1 20:17:15 h1745522 sshd[11487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.3.226 Oct 1 20:17:15 h1745522 sshd[11487]: Invalid user sergio from 182.23.3.226 port 37728 Oct 1 20:17:17 h1745522 sshd[11487]: Failed password for invalid user sergio from 182.23.3.226 port 37728 ssh2 Oct 1 20:21:48 h1745522 sshd[11667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.3.226 user=root Oct 1 20:21 ...	2020-10-02 03:12:12

Recently Reported IPs

207.160.206.45	34.221.110.149	190.224.219.107	75.131.7.17
66.21.75.60	150.177.223.124	179.97.4.146	125.220.64.9
182.171.168.83	112.133.7.170	143.89.215.204	50.108.188.92
194.173.168.73	196.137.211.153	212.237.53.169	160.90.97.50
78.45.130.108	128.199.243.138	223.220.209.95	174.99.100.72