2.58.148.42 - IPInfo

Basic Info

City: Amsterdam

Region: Noord Holland

Country: The Netherlands

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
2.58.148.71	spamattack	PHISHING AND SPAM ATTACK GROUP USES LayerHost, IP SERVER LLC, Root Networks LLC, Serverion BV, XSServer GmbH, Xervers, Colocrossing 104.148.18.18 Bitcoin Select arianna.lavoi@boschbuy.club, Dividends Paid Every 60 Minutes - New underground DeFi crypto, 05 Jul 2021 2.58.148.71 Save on the Cost of Gas - Effuel@shofybox.us, This Simple Device Saves You 25% on Your Car's Fuel Consumption, Wed, 7 Jul inetnum: 2.58.148.0 - 2.58.149.255 org-name: Serverion BV inetnum: 5.252.192.0 - 5.252.195.255 org-name: IP SERVER LLC NetRange: 23.247.0.0 - 23.247.127.255 OrgName: LayerHost NetRange: 31.210.22.0 - 31.210.23.255 org-name: Serverion BV NetRange: 103.73.156.0 - 103.73.156.255 OrgName: LayerHost NetRange: 104.148.0.0 - 104.148.127.255 OrgName: LayerHost NetRange: 104.223.128.0 - 104.223.255.255 OrgName: LayerHost NetRange: 107.179.0.0 - 107.179.127.255 OrgName: LayerHost NetRange: 134.73.0.0 - 134.73.255.255 CustName: Root Networks LLC NetRange: 157.52.128.0 - 157.52.255.255 OrgName: LayerHost NetRange: 185.239.242.0 - 185.239.242.255 org-name: Serverion BV inetnum: 194.59.216.0 - 194.59.217.255 org-name: Serverion BV inetnum: 195.62.32.0 - 195.62.33.255 org-name: XSServer GmbH inetnum: 195.133.12.0 - 195.133.15.255 netname: Xervers inetnum: 195.133.39.0 - 195.133.39.255 org-name: Serverion BV NetRange: 198.12.64.0 - 198.12.127.255 OrgName: ColoCrossing Some similar emails from same group 5.252.194.15 Plansforsheds - EasyShedPlans@ultraboostz.co, Discover The Easiest Way To Build Beautiful Sheds..., 15 Jun 2021 31.210.22.9 Fat belly - info@bloodpressure.buzz, Japanese “Fix” for Belly Fat?, 17 Jun 2021 31.210.22.106 On Hold - OnHold@ecobuds.us, Your FREE Red Laser Targeting System, 21 Jun 2021	2021-07-08 06:00:22

Type

Details

Datetime

2.58.148.71

spamattack

PHISHING AND SPAM ATTACK
GROUP USES LayerHost, IP SERVER LLC, Root Networks LLC, Serverion BV, XSServer GmbH, Xervers, Colocrossing
104.148.18.18	Bitcoin Select arianna.lavoi@boschbuy.club, Dividends Paid Every 60 Minutes - New underground DeFi crypto, 05 Jul 2021
2.58.148.71	Save on the Cost of Gas - Effuel@shofybox.us, This Simple Device Saves You 25% on Your Car's Fuel Consumption, Wed, 7 Jul 
inetnum:        2.58.148.0 - 2.58.149.255	org-name:       Serverion BV
inetnum:        5.252.192.0 - 5.252.195.255	org-name:       IP SERVER LLC
NetRange:       23.247.0.0 - 23.247.127.255	OrgName:        LayerHost
NetRange:       31.210.22.0 - 31.210.23.255	org-name:       Serverion BV
NetRange:       103.73.156.0 - 103.73.156.255	OrgName:        LayerHost
NetRange:       104.148.0.0 - 104.148.127.255	OrgName:        LayerHost
NetRange:       104.223.128.0 - 104.223.255.255 OrgName:        LayerHost
NetRange:       107.179.0.0 - 107.179.127.255	OrgName:        LayerHost
NetRange:       134.73.0.0 - 134.73.255.255	CustName:       Root Networks LLC
NetRange:       157.52.128.0 - 157.52.255.255	OrgName:        LayerHost
NetRange:       185.239.242.0 - 185.239.242.255	org-name:       Serverion BV
inetnum:        194.59.216.0 - 194.59.217.255	org-name:       Serverion BV
inetnum:        195.62.32.0 - 195.62.33.255	org-name:       XSServer GmbH
inetnum:        195.133.12.0 - 195.133.15.255   netname:        Xervers
inetnum:        195.133.39.0 - 195.133.39.255	org-name:       Serverion BV
NetRange:       198.12.64.0 - 198.12.127.255	OrgName:        ColoCrossing
Some similar emails from same group
5.252.194.15  	Plansforsheds - EasyShedPlans@ultraboostz.co, Discover The Easiest Way To Build Beautiful Sheds..., 15 Jun 2021 
31.210.22.9    	Fat belly - info@bloodpressure.buzz,  Japanese “Fix” for Belly Fat?, 17 Jun 2021
31.210.22.106  	On Hold - OnHold@ecobuds.us, Your FREE Red Laser Targeting System, 21 Jun 2021

2021-07-08 06:00:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.58.148.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10824
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;2.58.148.42.			IN	A

;; AUTHORITY SECTION:
.			133	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024040402 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 05 07:22:30 CST 2024
;; MSG SIZE  rcvd: 104

Host info

42.148.58.2.in-addr.arpa domain name pointer irenemarshall.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.148.58.2.in-addr.arpa	name = irenemarshall.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.237.109.52	attack	Oct 15 22:49:11 elektron postfix/smtpd\[26370\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\ Oct 15 22:49:45 elektron postfix/smtpd\[28859\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\ Oct 15 22:50:19 elektron postfix/smtpd\[28859\]: NOQUEUE: reject: RCPT from unknown\[114.237.109.52\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[114.237.109.52\]\; from=\ to=\ proto=ESMTP helo=\	2019-10-16 09:58:03
112.45.122.9	attack	SPAM Delivery Attempt	2019-10-16 09:31:24
176.74.8.99	attack	[portscan] Port scan	2019-10-16 09:54:01
117.102.68.188	attack	Automatic report - Banned IP Access	2019-10-16 10:00:50
78.107.161.23	attackspambots	Multiple failed RDP login attempts	2019-10-16 10:03:57
134.175.80.27	attack	Oct 15 22:38:58 markkoudstaal sshd[20513]: Failed password for root from 134.175.80.27 port 53460 ssh2 Oct 15 22:43:30 markkoudstaal sshd[20976]: Failed password for root from 134.175.80.27 port 35780 ssh2	2019-10-16 10:04:55
192.99.31.122	attackbots	C1,WP GET /suche/wp-login.php	2019-10-16 09:52:36
46.118.232.192	attackspambots	Automated report (2019-10-15T19:49:44+00:00). Faked user agent detected.	2019-10-16 09:47:14
54.175.110.204	attackbotsspam	by Amazon Technologies Inc.	2019-10-16 10:01:19
212.237.23.252	attack	Invalid user Jaqueline from 212.237.23.252 port 56678	2019-10-16 09:36:58
49.234.115.143	attack	Oct 15 15:57:51 hanapaa sshd\[27892\]: Invalid user passw0rd from 49.234.115.143 Oct 15 15:57:51 hanapaa sshd\[27892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.115.143 Oct 15 15:57:53 hanapaa sshd\[27892\]: Failed password for invalid user passw0rd from 49.234.115.143 port 50660 ssh2 Oct 15 16:02:02 hanapaa sshd\[28216\]: Invalid user P4ssw0rd1 from 49.234.115.143 Oct 15 16:02:02 hanapaa sshd\[28216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.115.143	2019-10-16 10:06:50
34.93.39.12	attackspambots	Banned for posting to wp-login.php without referer {"log":"agent-6438","pwd":"gimboroot","wp-submit":"Log In","redirect_to":"http:\/\/www.jeannemoyer.com\/wp-admin\/","testcookie":"1"}	2019-10-16 09:58:36
149.156.132.93	attackbots	Oct 16 04:21:30 www sshd\[56630\]: Invalid user fcweb from 149.156.132.93 Oct 16 04:21:30 www sshd\[56630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.156.132.93 Oct 16 04:21:33 www sshd\[56630\]: Failed password for invalid user fcweb from 149.156.132.93 port 52118 ssh2 ...	2019-10-16 09:38:50
109.201.17.45	attackspam	Unauthorised access (Oct 15) SRC=109.201.17.45 LEN=40 PREC=0x20 TTL=238 ID=12935 TCP DPT=1433 WINDOW=1024 SYN	2019-10-16 10:05:50
94.191.70.163	attack	Oct 16 02:31:33 vpn01 sshd[26795]: Failed password for root from 94.191.70.163 port 47634 ssh2 Oct 16 02:37:01 vpn01 sshd[26847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.70.163 ...	2019-10-16 09:41:08

Recently Reported IPs

2.58.173.164	2.58.74.75	2.58.74.238	2.58.74.122
2.58.201.178	2.58.216.163	2.59.21.176	2.59.21.230
2.59.157.148	3.0.182.155	3.0.134.225	3.0.175.34
3.0.90.1	3.0.180.108	3.0.166.60	1.15.61.145
2.56.72.204	3.0.78.236	3.0.171.137	3.0.95.243