148.70.129.112

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Invalid user postgresql from 148.70.129.112 port 16018	2020-10-10 23:45:33
attackspam	SSH login attempts.	2020-10-10 15:35:18
attack	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-07-30 07:44:46
attack	Invalid user admin from 148.70.129.112 port 26116	2020-07-15 21:01:47
attackbotsspam	Jun 29 03:54:22 *** sshd[22147]: User root from 148.70.129.112 not allowed because not listed in AllowUsers	2020-06-29 15:23:19
attackbotsspam	Invalid user import from 148.70.129.112 port 47589	2020-06-23 12:33:23
attackspambots	Jun 15 14:10:27 inter-technics sshd[29639]: Invalid user ubuntu from 148.70.129.112 port 57028 Jun 15 14:10:27 inter-technics sshd[29639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.129.112 Jun 15 14:10:27 inter-technics sshd[29639]: Invalid user ubuntu from 148.70.129.112 port 57028 Jun 15 14:10:29 inter-technics sshd[29639]: Failed password for invalid user ubuntu from 148.70.129.112 port 57028 ssh2 Jun 15 14:15:20 inter-technics sshd[29942]: Invalid user ricardo from 148.70.129.112 port 57653 ...	2020-06-16 02:53:35
attackspambots	Jun 11 05:51:24 buvik sshd[29745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.129.112 Jun 11 05:51:25 buvik sshd[29745]: Failed password for invalid user tomcat7 from 148.70.129.112 port 51639 ssh2 Jun 11 05:58:53 buvik sshd[30660]: Invalid user toxic from 148.70.129.112 ...	2020-06-11 12:15:55
attack	May 16 04:38:53 vps647732 sshd[27331]: Failed password for root from 148.70.129.112 port 33758 ssh2 ...	2020-05-16 19:59:32
attack	May 5 15:04:55 gw1 sshd[29020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.129.112 May 5 15:04:57 gw1 sshd[29020]: Failed password for invalid user nagios from 148.70.129.112 port 20002 ssh2 ...	2020-05-05 18:05:11
attack	Apr 27 22:03:07 [host] sshd[5240]: pam_unix(sshd:a Apr 27 22:03:09 [host] sshd[5240]: Failed password Apr 27 22:13:04 [host] sshd[5859]: Invalid user sn	2020-04-28 04:17:47
attack	Invalid user avahi from 148.70.129.112 port 37120	2020-04-25 18:27:24
attackbotsspam	Apr 21 21:50:10 lock-38 sshd[1338341]: Failed password for invalid user jd from 148.70.129.112 port 50676 ssh2 Apr 21 21:50:10 lock-38 sshd[1338341]: Disconnected from invalid user jd 148.70.129.112 port 50676 [preauth] Apr 21 22:01:53 lock-38 sshd[1338636]: Invalid user eq from 148.70.129.112 port 14568 Apr 21 22:01:53 lock-38 sshd[1338636]: Invalid user eq from 148.70.129.112 port 14568 Apr 21 22:01:53 lock-38 sshd[1338636]: Failed password for invalid user eq from 148.70.129.112 port 14568 ssh2 ...	2020-04-22 05:55:56
attack	detected by Fail2Ban	2020-04-11 23:37:07
attackspam	Mar 17 18:36:49 plusreed sshd[20856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.129.112 user=vmail Mar 17 18:36:51 plusreed sshd[20856]: Failed password for vmail from 148.70.129.112 port 48734 ssh2 ...	2020-03-18 07:12:42

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.129.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27439
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.129.112.			IN	A

;; AUTHORITY SECTION:
.			317	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031702 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 18 07:12:39 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 112.129.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 112.129.70.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
116.196.94.108	attackbotsspam	Repeated brute force against a port	2020-07-08 16:10:54
165.227.46.89	attackspam	Jul 8 05:47:07 serwer sshd\[2881\]: Invalid user cnc from 165.227.46.89 port 32770 Jul 8 05:47:07 serwer sshd\[2881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.46.89 Jul 8 05:47:09 serwer sshd\[2881\]: Failed password for invalid user cnc from 165.227.46.89 port 32770 ssh2 ...	2020-07-08 15:53:03
107.180.111.21	attackspambots	/en/wp-includes/wlwmanifest.xml	2020-07-08 16:25:05
212.129.246.52	attackspam	Jul 8 07:57:12 ns382633 sshd\[27328\]: Invalid user kanmura from 212.129.246.52 port 57206 Jul 8 07:57:12 ns382633 sshd\[27328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.246.52 Jul 8 07:57:14 ns382633 sshd\[27328\]: Failed password for invalid user kanmura from 212.129.246.52 port 57206 ssh2 Jul 8 08:14:38 ns382633 sshd\[30419\]: Invalid user test7 from 212.129.246.52 port 57724 Jul 8 08:14:38 ns382633 sshd\[30419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.246.52	2020-07-08 16:11:24
195.91.153.10	attack	Jul 8 08:13:07 havingfunrightnow sshd[32298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.91.153.10 Jul 8 08:13:09 havingfunrightnow sshd[32298]: Failed password for invalid user hphk from 195.91.153.10 port 39557 ssh2 Jul 8 08:33:21 havingfunrightnow sshd[32707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.91.153.10 ...	2020-07-08 16:16:36
110.77.138.123	attack	Jul 8 03:43:33 *** sshd[11979]: Did not receive identification string from 110.77.138.123	2020-07-08 16:15:45
165.22.76.96	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-08T06:32:44Z and 2020-07-08T06:38:29Z	2020-07-08 16:19:31
185.153.208.21	attackspam	prod8 ...	2020-07-08 15:57:07
111.229.78.120	attack	k+ssh-bruteforce	2020-07-08 16:20:17
45.122.221.210	attack	Jul 8 05:43:29 vm0 sshd[1386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.122.221.210 Jul 8 05:43:32 vm0 sshd[1386]: Failed password for invalid user ansible from 45.122.221.210 port 59158 ssh2 ...	2020-07-08 16:21:26
185.25.206.242	attackbots	Jul 8 13:39:29 itv-usvr-02 sshd[12425]: Invalid user bb from 185.25.206.242 port 51170 Jul 8 13:39:29 itv-usvr-02 sshd[12425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.25.206.242 Jul 8 13:39:29 itv-usvr-02 sshd[12425]: Invalid user bb from 185.25.206.242 port 51170 Jul 8 13:39:32 itv-usvr-02 sshd[12425]: Failed password for invalid user bb from 185.25.206.242 port 51170 ssh2 Jul 8 13:45:53 itv-usvr-02 sshd[12683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.25.206.242 user=mail Jul 8 13:45:54 itv-usvr-02 sshd[12683]: Failed password for mail from 185.25.206.242 port 57360 ssh2	2020-07-08 15:51:49
74.208.81.55	attackspambots	enlinea.de 74.208.81.55 [08/Jul/2020:07:32:32 +0200] "POST /wp-login.php HTTP/1.1" 200 6104 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" enlinea.de 74.208.81.55 [08/Jul/2020:07:32:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4109 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-08 16:18:07
116.106.179.15	attackbots	1594179840 - 07/08/2020 05:44:00 Host: 116.106.179.15/116.106.179.15 Port: 445 TCP Blocked	2020-07-08 15:50:04
175.101.10.196	attackbots	Automatic report - XMLRPC Attack	2020-07-08 16:15:03
218.92.0.165	attack	2020-07-08T08:20:15.605279mail.csmailer.org sshd[2319]: Failed password for root from 218.92.0.165 port 21362 ssh2 2020-07-08T08:20:18.507781mail.csmailer.org sshd[2319]: Failed password for root from 218.92.0.165 port 21362 ssh2 2020-07-08T08:20:21.822373mail.csmailer.org sshd[2319]: Failed password for root from 218.92.0.165 port 21362 ssh2 2020-07-08T08:20:21.822919mail.csmailer.org sshd[2319]: error: maximum authentication attempts exceeded for root from 218.92.0.165 port 21362 ssh2 [preauth] 2020-07-08T08:20:21.822945mail.csmailer.org sshd[2319]: Disconnecting: Too many authentication failures [preauth] ...	2020-07-08 16:22:56

最近上报的IP列表

84.151.195.201	61.161.45.25	189.152.247.92	111.229.171.219
178.35.144.74	112.226.204.26	103.232.172.42	193.37.72.105
111.229.186.30	103.89.176.74	185.22.9.7	90.102.70.31
45.140.204.199	36.237.198.198	5.188.217.103	137.220.175.40
106.52.44.179	114.36.125.180	83.185.255.176	134.175.129.213