148.70.134.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Mar 10 20:05:45 hcbbdb sshd\[7782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=mysql Mar 10 20:05:47 hcbbdb sshd\[7782\]: Failed password for mysql from 148.70.134.52 port 56382 ssh2 Mar 10 20:15:39 hcbbdb sshd\[8857\]: Invalid user admin from 148.70.134.52 Mar 10 20:15:39 hcbbdb sshd\[8857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Mar 10 20:15:41 hcbbdb sshd\[8857\]: Failed password for invalid user admin from 148.70.134.52 port 60758 ssh2	2020-03-11 07:32:48
attack	Feb 19 04:25:27 php1 sshd\[4401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=backup Feb 19 04:25:29 php1 sshd\[4401\]: Failed password for backup from 148.70.134.52 port 45086 ssh2 Feb 19 04:34:28 php1 sshd\[5294\]: Invalid user cnc from 148.70.134.52 Feb 19 04:34:28 php1 sshd\[5294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Feb 19 04:34:30 php1 sshd\[5294\]: Failed password for invalid user cnc from 148.70.134.52 port 44678 ssh2	2020-02-19 23:03:51
attackbots	Unauthorized connection attempt detected from IP address 148.70.134.52 to port 2220 [J]	2020-02-01 23:45:21
attackbots	Unauthorized connection attempt detected from IP address 148.70.134.52 to port 2220 [J]	2020-01-27 15:38:04
attackbotsspam	"SSH brute force auth login attempt."	2020-01-23 18:16:45
attackspam	Dec 26 01:22:16 plusreed sshd[28766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Dec 26 01:22:18 plusreed sshd[28766]: Failed password for root from 148.70.134.52 port 47318 ssh2 Dec 26 01:30:01 plusreed sshd[30659]: Invalid user schiller from 148.70.134.52 Dec 26 01:30:01 plusreed sshd[30659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 26 01:30:01 plusreed sshd[30659]: Invalid user schiller from 148.70.134.52 Dec 26 01:30:03 plusreed sshd[30659]: Failed password for invalid user schiller from 148.70.134.52 port 41544 ssh2 ...	2019-12-26 14:41:54
attack	2019-12-09T08:31:15.818954abusebot-6.cloudsearch.cf sshd\[28359\]: Invalid user php5 from 148.70.134.52 port 50096	2019-12-09 17:25:51
attackspambots	Dec 8 19:27:11 lnxded63 sshd[7713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 8 19:27:13 lnxded63 sshd[7713]: Failed password for invalid user kuestner from 148.70.134.52 port 41350 ssh2 Dec 8 19:33:40 lnxded63 sshd[8178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-12-09 03:07:25
attack	Dec 5 17:57:48 sauna sshd[110348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 5 17:57:50 sauna sshd[110348]: Failed password for invalid user biochem from 148.70.134.52 port 42898 ssh2 ...	2019-12-06 00:00:10
attackspam	Dec 3 15:17:00 *** sshd[16722]: User backup from 148.70.134.52 not allowed because not listed in AllowUsers	2019-12-04 01:41:17
attackspambots	$f2bV_matches	2019-11-24 20:52:31
attackspambots	Nov 19 02:13:11 heissa sshd\[20706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=uucp Nov 19 02:13:12 heissa sshd\[20706\]: Failed password for uucp from 148.70.134.52 port 43158 ssh2 Nov 19 02:17:35 heissa sshd\[21370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 19 02:17:37 heissa sshd\[21370\]: Failed password for root from 148.70.134.52 port 51052 ssh2 Nov 19 02:22:05 heissa sshd\[22117\]: Invalid user youji from 148.70.134.52 port 58964 Nov 19 02:22:05 heissa sshd\[22117\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-11-19 09:23:50
attackbots	Nov 8 10:51:51 lanister sshd[28108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 8 10:51:53 lanister sshd[28108]: Failed password for root from 148.70.134.52 port 46950 ssh2 Nov 8 10:57:58 lanister sshd[28181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 8 10:58:00 lanister sshd[28181]: Failed password for root from 148.70.134.52 port 56492 ssh2 ...	2019-11-09 05:18:34
attackbots	2019-11-06T23:16:19.376940abusebot-2.cloudsearch.cf sshd\[32351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root	2019-11-07 07:22:32
attack	Oct 30 21:42:01 legacy sshd[17087]: Failed password for root from 148.70.134.52 port 38932 ssh2 Oct 30 21:46:51 legacy sshd[17213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Oct 30 21:46:54 legacy sshd[17213]: Failed password for invalid user it from 148.70.134.52 port 50654 ssh2 ...	2019-10-31 06:00:50
attackspam	Oct 30 19:45:49 legacy sshd[13930]: Failed password for root from 148.70.134.52 port 51474 ssh2 Oct 30 19:51:19 legacy sshd[14084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Oct 30 19:51:21 legacy sshd[14084]: Failed password for invalid user student4 from 148.70.134.52 port 34994 ssh2 ...	2019-10-31 03:03:09
attackspam	2019-10-22T11:42:16.912625abusebot-6.cloudsearch.cf sshd\[9604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root	2019-10-23 04:03:28
attackspambots	SSH Bruteforce	2019-10-21 21:40:55
attack	Oct 17 07:09:18 www sshd\[21905\]: Failed password for root from 148.70.134.52 port 53136 ssh2Oct 17 07:14:22 www sshd\[21975\]: Invalid user \* from 148.70.134.52Oct 17 07:14:24 www sshd\[21975\]: Failed password for invalid user \* from 148.70.134.52 port 35430 ssh2 ...	2019-10-17 14:23:50
attackbotsspam	Sep 28 12:36:25 localhost sshd\[47649\]: Invalid user vps from 148.70.134.52 port 57220 Sep 28 12:36:25 localhost sshd\[47649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Sep 28 12:36:27 localhost sshd\[47649\]: Failed password for invalid user vps from 148.70.134.52 port 57220 ssh2 Sep 28 12:41:57 localhost sshd\[47900\]: Invalid user uuidd from 148.70.134.52 port 40444 Sep 28 12:41:57 localhost sshd\[47900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 ...	2019-09-28 20:49:05
attackbotsspam	Sep 12 17:50:47 core sshd[10321]: Invalid user 1q2w3e4r from 148.70.134.52 port 42220 Sep 12 17:50:49 core sshd[10321]: Failed password for invalid user 1q2w3e4r from 148.70.134.52 port 42220 ssh2 ...	2019-09-13 01:53:47
attack	Aug 25 10:54:28 hpm sshd\[10888\]: Invalid user pasquale from 148.70.134.52 Aug 25 10:54:28 hpm sshd\[10888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Aug 25 10:54:31 hpm sshd\[10888\]: Failed password for invalid user pasquale from 148.70.134.52 port 44202 ssh2 Aug 25 10:59:08 hpm sshd\[11263\]: Invalid user va from 148.70.134.52 Aug 25 10:59:08 hpm sshd\[11263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-08-26 05:18:24
attack	Aug 16 18:47:22 xtremcommunity sshd\[4848\]: Invalid user a from 148.70.134.52 port 46444 Aug 16 18:47:22 xtremcommunity sshd\[4848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Aug 16 18:47:24 xtremcommunity sshd\[4848\]: Failed password for invalid user a from 148.70.134.52 port 46444 ssh2 Aug 16 18:52:29 xtremcommunity sshd\[5084\]: Invalid user support from 148.70.134.52 port 36180 Aug 16 18:52:29 xtremcommunity sshd\[5084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 ...	2019-08-17 06:53:57
attackbotsspam	frenzy	2019-08-03 10:43:04
attackspam	Jul 29 20:25:25 OPSO sshd\[30532\]: Invalid user fredfred from 148.70.134.52 port 33934 Jul 29 20:25:25 OPSO sshd\[30532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Jul 29 20:25:27 OPSO sshd\[30532\]: Failed password for invalid user fredfred from 148.70.134.52 port 33934 ssh2 Jul 29 20:30:43 OPSO sshd\[31222\]: Invalid user kotenok from 148.70.134.52 port 55546 Jul 29 20:30:43 OPSO sshd\[31222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-07-30 03:36:58

相同子网IP讨论:

IP	类型	评论内容	时间
148.70.134.245	attackspambots	" "	2019-07-22 15:56:35
148.70.134.245	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-18 04:40:06
148.70.134.245	attackspambots	Port scan: Attack repeated for 24 hours	2019-07-17 20:36:19
148.70.134.245	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-08 09:26:39

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.134.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58894
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.134.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 00:55:21 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.134.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.134.70.148.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
103.87.28.153	attack	Port Scan detected from 103.87.28.153 (IN/India/Maharashtra/Badlapur/-). 4 hits in the last 95 seconds	2020-09-08 02:27:36
119.28.238.101	attack	prod11 ...	2020-09-08 02:38:01
49.145.207.150	attack	1599410879 - 09/06/2020 18:47:59 Host: 49.145.207.150/49.145.207.150 Port: 445 TCP Blocked	2020-09-08 02:24:12
14.232.208.115	attackspam	TCP (SYN) 14.232.208.115:47368 -> port 1433, len 44	2020-09-08 02:07:10
168.151.116.105	attack	Automatic report - Banned IP Access	2020-09-08 02:42:36
103.120.160.178	attack	Wordpress attack	2020-09-08 02:45:04
158.69.199.225	attack	(sshd) Failed SSH login from 158.69.199.225 (CA/Canada/225.ip-158-69-199.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 7 12:17:12 server sshd[7224]: Failed password for root from 158.69.199.225 port 51791 ssh2 Sep 7 12:27:20 server sshd[12438]: Failed password for root from 158.69.199.225 port 47252 ssh2 Sep 7 12:34:47 server sshd[16219]: Failed password for root from 158.69.199.225 port 50882 ssh2 Sep 7 12:41:54 server sshd[21586]: Failed password for root from 158.69.199.225 port 54504 ssh2 Sep 7 12:48:59 server sshd[27884]: Failed password for root from 158.69.199.225 port 58085 ssh2	2020-09-08 02:21:47
36.66.151.17	attackspam	SSH bruteforce	2020-09-08 02:37:23
129.204.248.191	attackspam	TCP (SYN) 129.204.248.191:46802 -> port 30788, len 44	2020-09-08 02:27:10
51.38.239.53	attack	2020-09-07T17:39:38.543557upcloud.m0sh1x2.com sshd[27841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=solution-info-services.fr user=root 2020-09-07T17:39:40.482707upcloud.m0sh1x2.com sshd[27841]: Failed password for root from 51.38.239.53 port 48996 ssh2	2020-09-08 02:12:11
90.103.51.1	attackspam	HTTP/80/443/8080 Probe, BF, WP, Hack -	2020-09-08 02:21:35
192.227.223.165	attackspambots	Malicious/Probing: /wp-includes/wlwmanifest.xml	2020-09-08 02:33:37
111.47.18.22	attackbotsspam	Sep 7 19:14:57 mout sshd[29561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.47.18.22 user=root Sep 7 19:14:59 mout sshd[29561]: Failed password for root from 111.47.18.22 port 2084 ssh2 Sep 7 19:15:00 mout sshd[29561]: Disconnected from authenticating user root 111.47.18.22 port 2084 [preauth]	2020-09-08 02:11:46
106.53.255.167	attackspambots	2020-09-07T10:58:12.626157abusebot-5.cloudsearch.cf sshd[14548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.255.167 user=root 2020-09-07T10:58:14.300552abusebot-5.cloudsearch.cf sshd[14548]: Failed password for root from 106.53.255.167 port 60208 ssh2 2020-09-07T11:00:34.166945abusebot-5.cloudsearch.cf sshd[14552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.255.167 user=root 2020-09-07T11:00:36.001940abusebot-5.cloudsearch.cf sshd[14552]: Failed password for root from 106.53.255.167 port 57780 ssh2 2020-09-07T11:05:21.299643abusebot-5.cloudsearch.cf sshd[14579]: Invalid user oracle from 106.53.255.167 port 52352 2020-09-07T11:05:21.306130abusebot-5.cloudsearch.cf sshd[14579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.255.167 2020-09-07T11:05:21.299643abusebot-5.cloudsearch.cf sshd[14579]: Invalid user oracle from 106.53.255.167 p ...	2020-09-08 02:17:42
103.251.213.122	attack	Unauthorised login to NAS	2020-09-08 02:15:30

最近上报的IP列表

94.113.61.145	119.54.49.138	129.123.179.214	67.216.224.29
54.202.120.113	155.8.37.78	108.35.250.15	101.152.117.135
168.228.185.211	124.233.255.149	117.4.162.42	94.189.187.11
149.222.152.140	67.205.138.125	18.4.79.239	61.121.229.187
83.56.51.65	78.189.117.35	97.206.104.198	124.18.99.60