148.70.134.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Mar 10 20:05:45 hcbbdb sshd\[7782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=mysql Mar 10 20:05:47 hcbbdb sshd\[7782\]: Failed password for mysql from 148.70.134.52 port 56382 ssh2 Mar 10 20:15:39 hcbbdb sshd\[8857\]: Invalid user admin from 148.70.134.52 Mar 10 20:15:39 hcbbdb sshd\[8857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Mar 10 20:15:41 hcbbdb sshd\[8857\]: Failed password for invalid user admin from 148.70.134.52 port 60758 ssh2	2020-03-11 07:32:48
attack	Feb 19 04:25:27 php1 sshd\[4401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=backup Feb 19 04:25:29 php1 sshd\[4401\]: Failed password for backup from 148.70.134.52 port 45086 ssh2 Feb 19 04:34:28 php1 sshd\[5294\]: Invalid user cnc from 148.70.134.52 Feb 19 04:34:28 php1 sshd\[5294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Feb 19 04:34:30 php1 sshd\[5294\]: Failed password for invalid user cnc from 148.70.134.52 port 44678 ssh2	2020-02-19 23:03:51
attackbots	Unauthorized connection attempt detected from IP address 148.70.134.52 to port 2220 [J]	2020-02-01 23:45:21
attackbots	Unauthorized connection attempt detected from IP address 148.70.134.52 to port 2220 [J]	2020-01-27 15:38:04
attackbotsspam	"SSH brute force auth login attempt."	2020-01-23 18:16:45
attackspam	Dec 26 01:22:16 plusreed sshd[28766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Dec 26 01:22:18 plusreed sshd[28766]: Failed password for root from 148.70.134.52 port 47318 ssh2 Dec 26 01:30:01 plusreed sshd[30659]: Invalid user schiller from 148.70.134.52 Dec 26 01:30:01 plusreed sshd[30659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 26 01:30:01 plusreed sshd[30659]: Invalid user schiller from 148.70.134.52 Dec 26 01:30:03 plusreed sshd[30659]: Failed password for invalid user schiller from 148.70.134.52 port 41544 ssh2 ...	2019-12-26 14:41:54
attack	2019-12-09T08:31:15.818954abusebot-6.cloudsearch.cf sshd\[28359\]: Invalid user php5 from 148.70.134.52 port 50096	2019-12-09 17:25:51
attackspambots	Dec 8 19:27:11 lnxded63 sshd[7713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 8 19:27:13 lnxded63 sshd[7713]: Failed password for invalid user kuestner from 148.70.134.52 port 41350 ssh2 Dec 8 19:33:40 lnxded63 sshd[8178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-12-09 03:07:25
attack	Dec 5 17:57:48 sauna sshd[110348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 5 17:57:50 sauna sshd[110348]: Failed password for invalid user biochem from 148.70.134.52 port 42898 ssh2 ...	2019-12-06 00:00:10
attackspam	Dec 3 15:17:00 *** sshd[16722]: User backup from 148.70.134.52 not allowed because not listed in AllowUsers	2019-12-04 01:41:17
attackspambots	$f2bV_matches	2019-11-24 20:52:31
attackspambots	Nov 19 02:13:11 heissa sshd\[20706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=uucp Nov 19 02:13:12 heissa sshd\[20706\]: Failed password for uucp from 148.70.134.52 port 43158 ssh2 Nov 19 02:17:35 heissa sshd\[21370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 19 02:17:37 heissa sshd\[21370\]: Failed password for root from 148.70.134.52 port 51052 ssh2 Nov 19 02:22:05 heissa sshd\[22117\]: Invalid user youji from 148.70.134.52 port 58964 Nov 19 02:22:05 heissa sshd\[22117\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-11-19 09:23:50
attackbots	Nov 8 10:51:51 lanister sshd[28108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 8 10:51:53 lanister sshd[28108]: Failed password for root from 148.70.134.52 port 46950 ssh2 Nov 8 10:57:58 lanister sshd[28181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 8 10:58:00 lanister sshd[28181]: Failed password for root from 148.70.134.52 port 56492 ssh2 ...	2019-11-09 05:18:34
attackbots	2019-11-06T23:16:19.376940abusebot-2.cloudsearch.cf sshd\[32351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root	2019-11-07 07:22:32
attack	Oct 30 21:42:01 legacy sshd[17087]: Failed password for root from 148.70.134.52 port 38932 ssh2 Oct 30 21:46:51 legacy sshd[17213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Oct 30 21:46:54 legacy sshd[17213]: Failed password for invalid user it from 148.70.134.52 port 50654 ssh2 ...	2019-10-31 06:00:50
attackspam	Oct 30 19:45:49 legacy sshd[13930]: Failed password for root from 148.70.134.52 port 51474 ssh2 Oct 30 19:51:19 legacy sshd[14084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Oct 30 19:51:21 legacy sshd[14084]: Failed password for invalid user student4 from 148.70.134.52 port 34994 ssh2 ...	2019-10-31 03:03:09
attackspam	2019-10-22T11:42:16.912625abusebot-6.cloudsearch.cf sshd\[9604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root	2019-10-23 04:03:28
attackspambots	SSH Bruteforce	2019-10-21 21:40:55
attack	Oct 17 07:09:18 www sshd\[21905\]: Failed password for root from 148.70.134.52 port 53136 ssh2Oct 17 07:14:22 www sshd\[21975\]: Invalid user \* from 148.70.134.52Oct 17 07:14:24 www sshd\[21975\]: Failed password for invalid user \* from 148.70.134.52 port 35430 ssh2 ...	2019-10-17 14:23:50
attackbotsspam	Sep 28 12:36:25 localhost sshd\[47649\]: Invalid user vps from 148.70.134.52 port 57220 Sep 28 12:36:25 localhost sshd\[47649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Sep 28 12:36:27 localhost sshd\[47649\]: Failed password for invalid user vps from 148.70.134.52 port 57220 ssh2 Sep 28 12:41:57 localhost sshd\[47900\]: Invalid user uuidd from 148.70.134.52 port 40444 Sep 28 12:41:57 localhost sshd\[47900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 ...	2019-09-28 20:49:05
attackbotsspam	Sep 12 17:50:47 core sshd[10321]: Invalid user 1q2w3e4r from 148.70.134.52 port 42220 Sep 12 17:50:49 core sshd[10321]: Failed password for invalid user 1q2w3e4r from 148.70.134.52 port 42220 ssh2 ...	2019-09-13 01:53:47
attack	Aug 25 10:54:28 hpm sshd\[10888\]: Invalid user pasquale from 148.70.134.52 Aug 25 10:54:28 hpm sshd\[10888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Aug 25 10:54:31 hpm sshd\[10888\]: Failed password for invalid user pasquale from 148.70.134.52 port 44202 ssh2 Aug 25 10:59:08 hpm sshd\[11263\]: Invalid user va from 148.70.134.52 Aug 25 10:59:08 hpm sshd\[11263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-08-26 05:18:24
attack	Aug 16 18:47:22 xtremcommunity sshd\[4848\]: Invalid user a from 148.70.134.52 port 46444 Aug 16 18:47:22 xtremcommunity sshd\[4848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Aug 16 18:47:24 xtremcommunity sshd\[4848\]: Failed password for invalid user a from 148.70.134.52 port 46444 ssh2 Aug 16 18:52:29 xtremcommunity sshd\[5084\]: Invalid user support from 148.70.134.52 port 36180 Aug 16 18:52:29 xtremcommunity sshd\[5084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 ...	2019-08-17 06:53:57
attackbotsspam	frenzy	2019-08-03 10:43:04
attackspam	Jul 29 20:25:25 OPSO sshd\[30532\]: Invalid user fredfred from 148.70.134.52 port 33934 Jul 29 20:25:25 OPSO sshd\[30532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Jul 29 20:25:27 OPSO sshd\[30532\]: Failed password for invalid user fredfred from 148.70.134.52 port 33934 ssh2 Jul 29 20:30:43 OPSO sshd\[31222\]: Invalid user kotenok from 148.70.134.52 port 55546 Jul 29 20:30:43 OPSO sshd\[31222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-07-30 03:36:58

相同子网IP讨论:

IP	类型	评论内容	时间
148.70.134.245	attackspambots	" "	2019-07-22 15:56:35
148.70.134.245	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-18 04:40:06
148.70.134.245	attackspambots	Port scan: Attack repeated for 24 hours	2019-07-17 20:36:19
148.70.134.245	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-08 09:26:39

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.134.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58894
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.134.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 00:55:21 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.134.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.134.70.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
187.207.112.38	attackspam	1600448593 - 09/18/2020 19:03:13 Host: 187.207.112.38/187.207.112.38 Port: 445 TCP Blocked	2020-09-19 03:56:53
46.101.4.101	attackbots	Sep 18 13:52:39 ws24vmsma01 sshd[8559]: Failed password for root from 46.101.4.101 port 48272 ssh2 Sep 18 14:03:10 ws24vmsma01 sshd[163263]: Failed password for root from 46.101.4.101 port 39856 ssh2 ...	2020-09-19 03:41:55
119.28.53.199	attackspam	DATE:2020-09-18 18:05:29, IP:119.28.53.199, PORT:ssh SSH brute force auth (docker-dc)	2020-09-19 03:36:15
167.71.203.197	attackbots	Sep 18 20:25:20 * sshd[30821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.203.197 Sep 18 20:25:22 * sshd[30821]: Failed password for invalid user guest from 167.71.203.197 port 40754 ssh2	2020-09-19 03:56:24
109.69.1.178	attackbotsspam	Sep 18 18:58:34 inter-technics sshd[1153]: Invalid user jboss from 109.69.1.178 port 43024 Sep 18 18:58:34 inter-technics sshd[1153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.69.1.178 Sep 18 18:58:34 inter-technics sshd[1153]: Invalid user jboss from 109.69.1.178 port 43024 Sep 18 18:58:36 inter-technics sshd[1153]: Failed password for invalid user jboss from 109.69.1.178 port 43024 ssh2 Sep 18 19:03:16 inter-technics sshd[1402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.69.1.178 user=root Sep 18 19:03:18 inter-technics sshd[1402]: Failed password for root from 109.69.1.178 port 37550 ssh2 ...	2020-09-19 03:50:19
78.36.152.186	attackbotsspam	SSH invalid-user multiple login attempts	2020-09-19 03:31:03
144.139.114.150	attackspambots	Automatic report - Banned IP Access	2020-09-19 03:32:30
106.38.33.70	attackspambots	2020-09-18T18:03:35.423882mail.standpoint.com.ua sshd[30426]: Failed password for invalid user shaun from 106.38.33.70 port 40864 ssh2 2020-09-18T18:07:01.880794mail.standpoint.com.ua sshd[30852]: Invalid user ts3bot from 106.38.33.70 port 49602 2020-09-18T18:07:01.883330mail.standpoint.com.ua sshd[30852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.38.33.70 2020-09-18T18:07:01.880794mail.standpoint.com.ua sshd[30852]: Invalid user ts3bot from 106.38.33.70 port 49602 2020-09-18T18:07:03.750525mail.standpoint.com.ua sshd[30852]: Failed password for invalid user ts3bot from 106.38.33.70 port 49602 ssh2 ...	2020-09-19 03:36:28
212.64.43.52	attackspam	fail2ban/Sep 18 21:26:08 h1962932 sshd[20949]: Invalid user sts from 212.64.43.52 port 35052 Sep 18 21:26:08 h1962932 sshd[20949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.43.52 Sep 18 21:26:08 h1962932 sshd[20949]: Invalid user sts from 212.64.43.52 port 35052 Sep 18 21:26:10 h1962932 sshd[20949]: Failed password for invalid user sts from 212.64.43.52 port 35052 ssh2 Sep 18 21:32:07 h1962932 sshd[21618]: Invalid user ruben from 212.64.43.52 port 40622	2020-09-19 03:58:56
172.68.186.18	attack	Web Probe / Attack	2020-09-19 03:39:49
77.222.116.152	attackbotsspam	Sep 18 17:01:28 ssh2 sshd[28728]: User root from pool-77-222-116-152.is74.ru not allowed because not listed in AllowUsers Sep 18 17:01:28 ssh2 sshd[28728]: Failed password for invalid user root from 77.222.116.152 port 56564 ssh2 Sep 18 17:01:28 ssh2 sshd[28728]: Connection closed by invalid user root 77.222.116.152 port 56564 [preauth] ...	2020-09-19 03:52:12
60.243.248.13	attackspam	Listed on dnsbl-sorbs plus abuseat.org and zen-spamhaus / proto=6 . srcport=21700 . dstport=23 . (2883)	2020-09-19 03:55:08
115.45.121.183	attackspam	Telnet Honeypot -> Telnet Bruteforce / Login	2020-09-19 04:00:19
62.210.99.227	attackbotsspam	62.210.99.227 - - [18/Sep/2020:20:59:51 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15709 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 62.210.99.227 - - [18/Sep/2020:21:00:01 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-19 03:28:43
192.144.210.27	attackspambots	(sshd) Failed SSH login from 192.144.210.27 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 18 18:44:07 server sshd[19781]: Invalid user avanthi from 192.144.210.27 Sep 18 18:44:07 server sshd[19781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.210.27 Sep 18 18:44:09 server sshd[19781]: Failed password for invalid user avanthi from 192.144.210.27 port 41982 ssh2 Sep 18 19:03:18 server sshd[22813]: Invalid user admin from 192.144.210.27 Sep 18 19:03:18 server sshd[22813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.210.27	2020-09-19 03:47:21

最近上报的IP列表

94.113.61.145	119.54.49.138	129.123.179.214	67.216.224.29
54.202.120.113	155.8.37.78	108.35.250.15	101.152.117.135
168.228.185.211	124.233.255.149	117.4.162.42	94.189.187.11
149.222.152.140	67.205.138.125	18.4.79.239	61.121.229.187
83.56.51.65	78.189.117.35	97.206.104.198	124.18.99.60