148.66.22.253 Threat Intelligence and Host Information

Share on:

Apr 24, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 45/100

Host and Network Information

Mitre ATT&CK IDs: T1110 - Brute Force
Tags: Brute-Force, Bruteforce, SSH, Telnet, attack, login, scanner, tsec
View other sources: Spamhaus VirusTotal
Country: Hong Kong
Network: AS45753 netsec limited
Noticed: 25 times
Protcols Attacked: ssh
Countries Attacked: United States of America
Passive DNS Results: zjz.xgkongjian.cn test.xgkongjian.cn xgkongjian.cn www.xgkongjian.cn www.stampdir.cn jinrongts.com youyou00.com www.playcf.cn huaijiult.com runsdk.com yunshoufa.vip nba58.vip modcake.club hongkong.afo.ssjmnf.cn hnslbzcl.com qindingtong.com longqingyd.com mmlpdr.com email.grsu.cn abzjob.com www.h1234b.com www.hm3d.top www.xye.me zuo8.top www.zuo8.top cn6n.com izehan.com ftp.hk5.3vcdn.cn guozihou.work www.fon1173.top 8883e.com lyzhuxian.xyz xn–886-5j3e1tv69ng3n.top 886dzcfklm.top ffqn.net ijk88.com jidukj.cn zldjx.cn qingzuizx.xyz zhylk.com www.hackyh.com huusvip.com huuvip.com bowenyijing.com hackyh.com zzhl888.com pmgy.vip yunshangtuan.com s5.hk.3vcdn.cn

Open Ports Detected

22 3306 443

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-28531

Map

Whois Information

NetRange: 148.66.0.0 - 148.66.31.255
CIDR: 148.66.0.0/19
NetName: APNIC
NetHandle: NET-148-66-0-0-1
Parent: NET148 (NET-148-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2017-05-22
Updated: 2017-05-22
Ref: https://rdap.arin.net/registry/ip/148.66.0.0
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
inetnum: 148.66.20.0 - 148.66.23.255
netname: SIMCENTRIC-HK180178033
descr: SIMCENTRIC-HK NETBLOCK
country: HK
admin-c: SNA67-AP
tech-c: SNA67-AP
abuse-c: AH1002-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-NETSEC-HK
mnt-irt: IRT-HK-NETSEC
last-modified: 2021-11-29T05:34:14Z
irt: IRT-HK-NETSEC
address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: NN411-AP
tech-c: NN411-AP
mnt-by: MAINT-HK-NETSEC
last-modified: 2023-04-15T23:46:31Z
role: ABUSE HKNETSEC
address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong
country: ZZ
phone: +000000000
e-mail: [email protected]
admin-c: NN411-AP
tech-c: NN411-AP
nic-hdl: AH1002-AP
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2023-04-15T23:46:31Z
person: Simcentric Network Administrator
address: RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon
country: HK
phone: +85227511100
e-mail: [email protected]
nic-hdl: SNA67-AP
mnt-by: MAINT-SIMCENTRIC-HK
last-modified: 2017-05-23T05:27:23Z
route: 148.66.22.0/24
origin: AS45753
descr: Netsec Limited
mnt-by: MAINT-NETSEC-HK
last-modified: 2021-11-29T08:46:35Z
route: 148.66.22.0/24
origin: AS9744
descr: Netsec Limited
mnt-by: MAINT-NETSEC-HK
last-modified: 2021-11-29T08:26:48Z

Links to attack logs

dosing-ssh-bruteforce-ip-list-2023-04-24 bruteforce-ip-list-2023-04-21