148.66.21.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Simcentric Solutions Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/4Ddmuksx For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-04-26 21:41:04

Type

Details

Datetime

attack

This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/4Ddmuksx  
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io

2020-04-26 21:41:04

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.21.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11256
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.66.21.58.			IN	A

;; AUTHORITY SECTION:
.			542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042600 1800 900 604800 86400

;; Query time: 127 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 26 21:40:55 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 58.21.66.148.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 58.21.66.148.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.30.218	attack	Brute-force attempt banned	2020-04-21 13:14:15
14.162.177.197	attackbots	Apr 20 23:55:39 mail sshd\[65170\]: Invalid user guest from 14.162.177.197 ...	2020-04-21 13:52:08
142.93.109.231	attackbotsspam	Apr 21 07:25:30 meumeu sshd[7158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.109.231 Apr 21 07:25:32 meumeu sshd[7158]: Failed password for invalid user dw from 142.93.109.231 port 42760 ssh2 Apr 21 07:29:35 meumeu sshd[7863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.109.231 ...	2020-04-21 13:33:13
49.232.64.41	attack	Bruteforce detected by fail2ban	2020-04-21 13:38:44
27.128.233.104	attackbotsspam	$f2bV_matches	2020-04-21 13:49:31
117.50.105.55	attack	ssh intrusion attempt	2020-04-21 13:49:46
117.50.65.85	attack	Invalid user admin from 117.50.65.85 port 59328	2020-04-21 13:31:39
95.167.225.81	attackbotsspam	(sshd) Failed SSH login from 95.167.225.81 (RU/Russia/-): 5 in the last 3600 secs	2020-04-21 13:24:23
113.105.80.34	attackspambots	Invalid user ld from 113.105.80.34 port 56698	2020-04-21 13:33:43
222.186.42.155	attackspambots	Unauthorized connection attempt detected from IP address 222.186.42.155 to port 22 [T]	2020-04-21 13:20:39
202.131.152.2	attackbotsspam	2020-04-21T03:47:04.688886abusebot-7.cloudsearch.cf sshd[25174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.152.2 user=root 2020-04-21T03:47:06.554243abusebot-7.cloudsearch.cf sshd[25174]: Failed password for root from 202.131.152.2 port 50517 ssh2 2020-04-21T03:51:27.418202abusebot-7.cloudsearch.cf sshd[25527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.152.2 user=root 2020-04-21T03:51:30.055201abusebot-7.cloudsearch.cf sshd[25527]: Failed password for root from 202.131.152.2 port 58941 ssh2 2020-04-21T03:55:47.389642abusebot-7.cloudsearch.cf sshd[25748]: Invalid user admin from 202.131.152.2 port 39143 2020-04-21T03:55:47.399020abusebot-7.cloudsearch.cf sshd[25748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.152.2 2020-04-21T03:55:47.389642abusebot-7.cloudsearch.cf sshd[25748]: Invalid user admin from 202.131.152.2 port 39143 ...	2020-04-21 13:41:03
45.142.195.3	attackbotsspam	Apr 21 07:03:05 relay postfix/smtpd\[11885\]: warning: unknown\[45.142.195.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 07:03:33 relay postfix/smtpd\[1648\]: warning: unknown\[45.142.195.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 07:03:42 relay postfix/smtpd\[11885\]: warning: unknown\[45.142.195.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 07:04:11 relay postfix/smtpd\[1648\]: warning: unknown\[45.142.195.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 07:04:20 relay postfix/smtpd\[11885\]: warning: unknown\[45.142.195.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-21 13:11:29
185.85.191.196	attackbotsspam	see-Joomla Admin : try to force the door...	2020-04-21 13:18:51
139.199.59.31	attack	Apr 21 06:28:47 [host] sshd[7708]: pam_unix(sshd:a Apr 21 06:28:48 [host] sshd[7708]: Failed password Apr 21 06:32:58 [host] sshd[7832]: pam_unix(sshd:a	2020-04-21 13:35:16
168.128.86.35	attackbots	Invalid user postgres from 168.128.86.35 port 57716	2020-04-21 13:15:18

Recently Reported IPs

103.133.107.65	103.99.0.208	94.41.208.52	48.70.199.28
73.194.26.218	224.104.83.104	91.134.159.96	86.227.201.225
153.227.113.252	0.134.199.209	187.212.93.157	236.28.107.201
49.191.182.120	26.129.39.134	135.201.7.197	221.241.38.42
52.60.205.170	33.110.114.241	26.31.153.190	132.151.38.12