必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbotsspam
Mar 10 20:05:45 hcbbdb sshd\[7782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=mysql
Mar 10 20:05:47 hcbbdb sshd\[7782\]: Failed password for mysql from 148.70.134.52 port 56382 ssh2
Mar 10 20:15:39 hcbbdb sshd\[8857\]: Invalid user admin from 148.70.134.52
Mar 10 20:15:39 hcbbdb sshd\[8857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Mar 10 20:15:41 hcbbdb sshd\[8857\]: Failed password for invalid user admin from 148.70.134.52 port 60758 ssh2
2020-03-11 07:32:48
attack
Feb 19 04:25:27 php1 sshd\[4401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=backup
Feb 19 04:25:29 php1 sshd\[4401\]: Failed password for backup from 148.70.134.52 port 45086 ssh2
Feb 19 04:34:28 php1 sshd\[5294\]: Invalid user cnc from 148.70.134.52
Feb 19 04:34:28 php1 sshd\[5294\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Feb 19 04:34:30 php1 sshd\[5294\]: Failed password for invalid user cnc from 148.70.134.52 port 44678 ssh2
2020-02-19 23:03:51
attackbots
Unauthorized connection attempt detected from IP address 148.70.134.52 to port 2220 [J]
2020-02-01 23:45:21
attackbots
Unauthorized connection attempt detected from IP address 148.70.134.52 to port 2220 [J]
2020-01-27 15:38:04
attackbotsspam
"SSH brute force auth login attempt."
2020-01-23 18:16:45
attackspam
Dec 26 01:22:16 plusreed sshd[28766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=root
Dec 26 01:22:18 plusreed sshd[28766]: Failed password for root from 148.70.134.52 port 47318 ssh2
Dec 26 01:30:01 plusreed sshd[30659]: Invalid user schiller from 148.70.134.52
Dec 26 01:30:01 plusreed sshd[30659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Dec 26 01:30:01 plusreed sshd[30659]: Invalid user schiller from 148.70.134.52
Dec 26 01:30:03 plusreed sshd[30659]: Failed password for invalid user schiller from 148.70.134.52 port 41544 ssh2
...
2019-12-26 14:41:54
attack
2019-12-09T08:31:15.818954abusebot-6.cloudsearch.cf sshd\[28359\]: Invalid user php5 from 148.70.134.52 port 50096
2019-12-09 17:25:51
attackspambots
Dec  8 19:27:11 lnxded63 sshd[7713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Dec  8 19:27:13 lnxded63 sshd[7713]: Failed password for invalid user kuestner from 148.70.134.52 port 41350 ssh2
Dec  8 19:33:40 lnxded63 sshd[8178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
2019-12-09 03:07:25
attack
Dec  5 17:57:48 sauna sshd[110348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Dec  5 17:57:50 sauna sshd[110348]: Failed password for invalid user biochem from 148.70.134.52 port 42898 ssh2
...
2019-12-06 00:00:10
attackspam
Dec  3 15:17:00 *** sshd[16722]: User backup from 148.70.134.52 not allowed because not listed in AllowUsers
2019-12-04 01:41:17
attackspambots
$f2bV_matches
2019-11-24 20:52:31
attackspambots
Nov 19 02:13:11 heissa sshd\[20706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=uucp
Nov 19 02:13:12 heissa sshd\[20706\]: Failed password for uucp from 148.70.134.52 port 43158 ssh2
Nov 19 02:17:35 heissa sshd\[21370\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=root
Nov 19 02:17:37 heissa sshd\[21370\]: Failed password for root from 148.70.134.52 port 51052 ssh2
Nov 19 02:22:05 heissa sshd\[22117\]: Invalid user youji from 148.70.134.52 port 58964
Nov 19 02:22:05 heissa sshd\[22117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
2019-11-19 09:23:50
attackbots
Nov  8 10:51:51 lanister sshd[28108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=root
Nov  8 10:51:53 lanister sshd[28108]: Failed password for root from 148.70.134.52 port 46950 ssh2
Nov  8 10:57:58 lanister sshd[28181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=root
Nov  8 10:58:00 lanister sshd[28181]: Failed password for root from 148.70.134.52 port 56492 ssh2
...
2019-11-09 05:18:34
attackbots
2019-11-06T23:16:19.376940abusebot-2.cloudsearch.cf sshd\[32351\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=root
2019-11-07 07:22:32
attack
Oct 30 21:42:01 legacy sshd[17087]: Failed password for root from 148.70.134.52 port 38932 ssh2
Oct 30 21:46:51 legacy sshd[17213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Oct 30 21:46:54 legacy sshd[17213]: Failed password for invalid user it from 148.70.134.52 port 50654 ssh2
...
2019-10-31 06:00:50
attackspam
Oct 30 19:45:49 legacy sshd[13930]: Failed password for root from 148.70.134.52 port 51474 ssh2
Oct 30 19:51:19 legacy sshd[14084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Oct 30 19:51:21 legacy sshd[14084]: Failed password for invalid user student4 from 148.70.134.52 port 34994 ssh2
...
2019-10-31 03:03:09
attackspam
2019-10-22T11:42:16.912625abusebot-6.cloudsearch.cf sshd\[9604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52  user=root
2019-10-23 04:03:28
attackspambots
SSH Bruteforce
2019-10-21 21:40:55
attack
Oct 17 07:09:18 www sshd\[21905\]: Failed password for root from 148.70.134.52 port 53136 ssh2Oct 17 07:14:22 www sshd\[21975\]: Invalid user \* from 148.70.134.52Oct 17 07:14:24 www sshd\[21975\]: Failed password for invalid user \* from 148.70.134.52 port 35430 ssh2
...
2019-10-17 14:23:50
attackbotsspam
Sep 28 12:36:25 localhost sshd\[47649\]: Invalid user vps from 148.70.134.52 port 57220
Sep 28 12:36:25 localhost sshd\[47649\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Sep 28 12:36:27 localhost sshd\[47649\]: Failed password for invalid user vps from 148.70.134.52 port 57220 ssh2
Sep 28 12:41:57 localhost sshd\[47900\]: Invalid user uuidd from 148.70.134.52 port 40444
Sep 28 12:41:57 localhost sshd\[47900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
...
2019-09-28 20:49:05
attackbotsspam
Sep 12 17:50:47 core sshd[10321]: Invalid user 1q2w3e4r from 148.70.134.52 port 42220
Sep 12 17:50:49 core sshd[10321]: Failed password for invalid user 1q2w3e4r from 148.70.134.52 port 42220 ssh2
...
2019-09-13 01:53:47
attack
Aug 25 10:54:28 hpm sshd\[10888\]: Invalid user pasquale from 148.70.134.52
Aug 25 10:54:28 hpm sshd\[10888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Aug 25 10:54:31 hpm sshd\[10888\]: Failed password for invalid user pasquale from 148.70.134.52 port 44202 ssh2
Aug 25 10:59:08 hpm sshd\[11263\]: Invalid user va from 148.70.134.52
Aug 25 10:59:08 hpm sshd\[11263\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
2019-08-26 05:18:24
attack
Aug 16 18:47:22 xtremcommunity sshd\[4848\]: Invalid user a from 148.70.134.52 port 46444
Aug 16 18:47:22 xtremcommunity sshd\[4848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Aug 16 18:47:24 xtremcommunity sshd\[4848\]: Failed password for invalid user a from 148.70.134.52 port 46444 ssh2
Aug 16 18:52:29 xtremcommunity sshd\[5084\]: Invalid user support from 148.70.134.52 port 36180
Aug 16 18:52:29 xtremcommunity sshd\[5084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
...
2019-08-17 06:53:57
attackbotsspam
frenzy
2019-08-03 10:43:04
attackspam
Jul 29 20:25:25 OPSO sshd\[30532\]: Invalid user fredfred from 148.70.134.52 port 33934
Jul 29 20:25:25 OPSO sshd\[30532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
Jul 29 20:25:27 OPSO sshd\[30532\]: Failed password for invalid user fredfred from 148.70.134.52 port 33934 ssh2
Jul 29 20:30:43 OPSO sshd\[31222\]: Invalid user kotenok from 148.70.134.52 port 55546
Jul 29 20:30:43 OPSO sshd\[31222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52
2019-07-30 03:36:58
相同子网IP讨论:
IP 类型 评论内容 时间
148.70.134.245 attackspambots
" "
2019-07-22 15:56:35
148.70.134.245 attackspam
MultiHost/MultiPort Probe, Scan, Hack -
2019-07-18 04:40:06
148.70.134.245 attackspambots
Port scan: Attack repeated for 24 hours
2019-07-17 20:36:19
148.70.134.245 attack
MultiHost/MultiPort Probe, Scan, Hack -
2019-07-08 09:26:39
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.134.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58894
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.134.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 00:55:21 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:
Host 52.134.70.148.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.134.70.148.in-addr.arpa: NXDOMAIN

相关IP信息:
最新评论:
IP 类型 评论内容 时间
187.207.112.38 attackspam
1600448593 - 09/18/2020 19:03:13 Host: 187.207.112.38/187.207.112.38 Port: 445 TCP Blocked
2020-09-19 03:56:53
46.101.4.101 attackbots
Sep 18 13:52:39 ws24vmsma01 sshd[8559]: Failed password for root from 46.101.4.101 port 48272 ssh2
Sep 18 14:03:10 ws24vmsma01 sshd[163263]: Failed password for root from 46.101.4.101 port 39856 ssh2
...
2020-09-19 03:41:55
119.28.53.199 attackspam
DATE:2020-09-18 18:05:29, IP:119.28.53.199, PORT:ssh SSH brute force auth (docker-dc)
2020-09-19 03:36:15
167.71.203.197 attackbots
Sep 18 20:25:20 * sshd[30821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.203.197
Sep 18 20:25:22 * sshd[30821]: Failed password for invalid user guest from 167.71.203.197 port 40754 ssh2
2020-09-19 03:56:24
109.69.1.178 attackbotsspam
Sep 18 18:58:34 inter-technics sshd[1153]: Invalid user jboss from 109.69.1.178 port 43024
Sep 18 18:58:34 inter-technics sshd[1153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.69.1.178
Sep 18 18:58:34 inter-technics sshd[1153]: Invalid user jboss from 109.69.1.178 port 43024
Sep 18 18:58:36 inter-technics sshd[1153]: Failed password for invalid user jboss from 109.69.1.178 port 43024 ssh2
Sep 18 19:03:16 inter-technics sshd[1402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.69.1.178  user=root
Sep 18 19:03:18 inter-technics sshd[1402]: Failed password for root from 109.69.1.178 port 37550 ssh2
...
2020-09-19 03:50:19
78.36.152.186 attackbotsspam
SSH invalid-user multiple login attempts
2020-09-19 03:31:03
144.139.114.150 attackspambots
Automatic report - Banned IP Access
2020-09-19 03:32:30
106.38.33.70 attackspambots
2020-09-18T18:03:35.423882mail.standpoint.com.ua sshd[30426]: Failed password for invalid user shaun from 106.38.33.70 port 40864 ssh2
2020-09-18T18:07:01.880794mail.standpoint.com.ua sshd[30852]: Invalid user ts3bot from 106.38.33.70 port 49602
2020-09-18T18:07:01.883330mail.standpoint.com.ua sshd[30852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.38.33.70
2020-09-18T18:07:01.880794mail.standpoint.com.ua sshd[30852]: Invalid user ts3bot from 106.38.33.70 port 49602
2020-09-18T18:07:03.750525mail.standpoint.com.ua sshd[30852]: Failed password for invalid user ts3bot from 106.38.33.70 port 49602 ssh2
...
2020-09-19 03:36:28
212.64.43.52 attackspam
fail2ban/Sep 18 21:26:08 h1962932 sshd[20949]: Invalid user sts from 212.64.43.52 port 35052
Sep 18 21:26:08 h1962932 sshd[20949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.43.52
Sep 18 21:26:08 h1962932 sshd[20949]: Invalid user sts from 212.64.43.52 port 35052
Sep 18 21:26:10 h1962932 sshd[20949]: Failed password for invalid user sts from 212.64.43.52 port 35052 ssh2
Sep 18 21:32:07 h1962932 sshd[21618]: Invalid user ruben from 212.64.43.52 port 40622
2020-09-19 03:58:56
172.68.186.18 attack
Web Probe / Attack
2020-09-19 03:39:49
77.222.116.152 attackbotsspam
Sep 18 17:01:28 ssh2 sshd[28728]: User root from pool-77-222-116-152.is74.ru not allowed because not listed in AllowUsers
Sep 18 17:01:28 ssh2 sshd[28728]: Failed password for invalid user root from 77.222.116.152 port 56564 ssh2
Sep 18 17:01:28 ssh2 sshd[28728]: Connection closed by invalid user root 77.222.116.152 port 56564 [preauth]
...
2020-09-19 03:52:12
60.243.248.13 attackspam
Listed on    dnsbl-sorbs plus abuseat.org and zen-spamhaus   / proto=6  .  srcport=21700  .  dstport=23  .     (2883)
2020-09-19 03:55:08
115.45.121.183 attackspam
Telnet Honeypot -> Telnet Bruteforce / Login
2020-09-19 04:00:19
62.210.99.227 attackbotsspam
62.210.99.227 - - [18/Sep/2020:20:59:51 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15709 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
62.210.99.227 - - [18/Sep/2020:21:00:01 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-09-19 03:28:43
192.144.210.27 attackspambots
(sshd) Failed SSH login from 192.144.210.27 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 18 18:44:07 server sshd[19781]: Invalid user avanthi from 192.144.210.27
Sep 18 18:44:07 server sshd[19781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.210.27 
Sep 18 18:44:09 server sshd[19781]: Failed password for invalid user avanthi from 192.144.210.27 port 41982 ssh2
Sep 18 19:03:18 server sshd[22813]: Invalid user admin from 192.144.210.27
Sep 18 19:03:18 server sshd[22813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.210.27
2020-09-19 03:47:21

最近上报的IP列表

94.113.61.145 119.54.49.138 129.123.179.214 67.216.224.29
54.202.120.113 155.8.37.78 108.35.250.15 101.152.117.135
168.228.185.211 124.233.255.149 117.4.162.42 94.189.187.11
149.222.152.140 67.205.138.125 18.4.79.239 61.121.229.187
83.56.51.65 78.189.117.35 97.206.104.198 124.18.99.60