148.70.104.221

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
148.70.104.232	attackspam	Aug 26 00:25:43 TORMINT sshd\[16548\]: Invalid user ncim from 148.70.104.232 Aug 26 00:25:43 TORMINT sshd\[16548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.104.232 Aug 26 00:25:44 TORMINT sshd\[16548\]: Failed password for invalid user ncim from 148.70.104.232 port 47360 ssh2 ...	2019-08-26 18:47:37
148.70.104.232	attackbots	Aug 20 06:34:24 hcbb sshd\[24284\]: Invalid user mao from 148.70.104.232 Aug 20 06:34:24 hcbb sshd\[24284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.104.232 Aug 20 06:34:26 hcbb sshd\[24284\]: Failed password for invalid user mao from 148.70.104.232 port 56438 ssh2 Aug 20 06:42:20 hcbb sshd\[25080\]: Invalid user admin from 148.70.104.232 Aug 20 06:42:20 hcbb sshd\[25080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.104.232	2019-08-21 09:32:43

类型

评论内容

时间

148.70.104.232

attackspam

Aug 26 00:25:43 TORMINT sshd\[16548\]: Invalid user ncim from 148.70.104.232
Aug 26 00:25:43 TORMINT sshd\[16548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.104.232
Aug 26 00:25:44 TORMINT sshd\[16548\]: Failed password for invalid user ncim from 148.70.104.232 port 47360 ssh2
...

2019-08-26 18:47:37

148.70.104.232

attackbots

Aug 20 06:34:24 hcbb sshd\[24284\]: Invalid user mao from 148.70.104.232
Aug 20 06:34:24 hcbb sshd\[24284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.104.232
Aug 20 06:34:26 hcbb sshd\[24284\]: Failed password for invalid user mao from 148.70.104.232 port 56438 ssh2
Aug 20 06:42:20 hcbb sshd\[25080\]: Invalid user admin from 148.70.104.232
Aug 20 06:42:20 hcbb sshd\[25080\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.104.232

2019-08-21 09:32:43

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.104.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29011
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.104.221.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 00:20:51 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 221.104.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 221.104.70.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
188.191.4.158	attackspambots	Honeypot attack, port: 445, PTR: sktv-188.191.4.158.kamtv.ru.	2020-04-17 21:14:00
23.96.126.127	attackspambots	Invalid user admin from 23.96.126.127 port 33206	2020-04-17 21:14:35
111.229.16.126	attack	Brute-force attempt banned	2020-04-17 21:06:43
123.206.14.58	attackspam	2020-04-17T12:30:29.123244abusebot-6.cloudsearch.cf sshd[16086]: Invalid user admin from 123.206.14.58 port 33576 2020-04-17T12:30:29.129756abusebot-6.cloudsearch.cf sshd[16086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.14.58 2020-04-17T12:30:29.123244abusebot-6.cloudsearch.cf sshd[16086]: Invalid user admin from 123.206.14.58 port 33576 2020-04-17T12:30:31.163672abusebot-6.cloudsearch.cf sshd[16086]: Failed password for invalid user admin from 123.206.14.58 port 33576 ssh2 2020-04-17T12:33:07.466783abusebot-6.cloudsearch.cf sshd[16270]: Invalid user ftpuser from 123.206.14.58 port 47813 2020-04-17T12:33:07.472629abusebot-6.cloudsearch.cf sshd[16270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.14.58 2020-04-17T12:33:07.466783abusebot-6.cloudsearch.cf sshd[16270]: Invalid user ftpuser from 123.206.14.58 port 47813 2020-04-17T12:33:08.864045abusebot-6.cloudsearch.cf sshd[16270]: Fa ...	2020-04-17 21:12:26
182.61.105.189	attack	Apr 17 20:03:30 webhost01 sshd[6961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.105.189 Apr 17 20:03:33 webhost01 sshd[6961]: Failed password for invalid user ez from 182.61.105.189 port 34876 ssh2 ...	2020-04-17 21:05:34
222.186.15.62	attack	Apr 17 14:52:38 ovpn sshd\[4768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Apr 17 14:52:40 ovpn sshd\[4768\]: Failed password for root from 222.186.15.62 port 58400 ssh2 Apr 17 15:11:46 ovpn sshd\[9233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.62 user=root Apr 17 15:11:47 ovpn sshd\[9233\]: Failed password for root from 222.186.15.62 port 29334 ssh2 Apr 17 15:11:49 ovpn sshd\[9233\]: Failed password for root from 222.186.15.62 port 29334 ssh2	2020-04-17 21:16:40
146.120.111.254	attack	Honeypot attack, port: 81, PTR: host-254.kbbx.ru.	2020-04-17 21:32:48
195.182.22.223	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 21:05:14
45.143.220.140	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-17 21:21:40
91.121.45.5	attack	Apr 17 10:04:41 vps46666688 sshd[2877]: Failed password for root from 91.121.45.5 port 64742 ssh2 ...	2020-04-17 21:36:52
141.98.80.30	attack	Apr 17 13:51:25 mail postfix/smtpd\[29099\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 17 13:51:25 mail postfix/smtpd\[29711\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 17 13:51:43 mail postfix/smtpd\[29715\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Apr 17 13:51:43 mail postfix/smtpd\[29714\]: warning: unknown\[141.98.80.30\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-04-17 21:35:54
132.255.228.38	attackspambots	Apr 17 14:16:38 vps647732 sshd[28570]: Failed password for root from 132.255.228.38 port 39982 ssh2 ...	2020-04-17 21:08:55
106.12.69.68	attackbotsspam	Apr 17 14:51:45 ncomp sshd[12193]: Invalid user test from 106.12.69.68 Apr 17 14:51:45 ncomp sshd[12193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.69.68 Apr 17 14:51:45 ncomp sshd[12193]: Invalid user test from 106.12.69.68 Apr 17 14:51:47 ncomp sshd[12193]: Failed password for invalid user test from 106.12.69.68 port 52926 ssh2	2020-04-17 21:15:33
106.13.178.153	attack	leo_www	2020-04-17 21:17:28
106.13.20.61	attackbots	(sshd) Failed SSH login from 106.13.20.61 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 17 15:58:23 s1 sshd[23809]: Invalid user md from 106.13.20.61 port 59934 Apr 17 15:58:25 s1 sshd[23809]: Failed password for invalid user md from 106.13.20.61 port 59934 ssh2 Apr 17 16:05:41 s1 sshd[24306]: Invalid user ng from 106.13.20.61 port 51852 Apr 17 16:05:43 s1 sshd[24306]: Failed password for invalid user ng from 106.13.20.61 port 51852 ssh2 Apr 17 16:08:57 s1 sshd[24486]: Invalid user hadoop from 106.13.20.61 port 55946	2020-04-17 21:24:15

最近上报的IP列表

35.185.82.214	73.138.164.239	35.185.68.193	191.130.175.135
35.185.26.221	213.32.253.165	2404:f080:1101:318:150:95:105:108	191.5.115.18
181.192.55.136	98.239.24.50	35.180.47.211	50.182.25.179
35.173.203.17	35.157.209.53	35.154.4.211	154.67.7.95
35.154.232.83	94.11.196.4	35.154.191.189	165.9.241.183