148.70.166.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 14 12:27:30 v22018076622670303 sshd\[21390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52 user=root Jul 14 12:27:32 v22018076622670303 sshd\[21390\]: Failed password for root from 148.70.166.52 port 49234 ssh2 Jul 14 12:33:33 v22018076622670303 sshd\[21412\]: Invalid user teste from 148.70.166.52 port 46858 Jul 14 12:33:33 v22018076622670303 sshd\[21412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52 ...	2019-07-14 19:57:58
attackspam	May 19 19:24:54 server sshd\[229221\]: Invalid user admin1 from 148.70.166.52 May 19 19:24:54 server sshd\[229221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52 May 19 19:24:57 server sshd\[229221\]: Failed password for invalid user admin1 from 148.70.166.52 port 50252 ssh2 ...	2019-07-12 03:35:06
attack	[portscan] tcp/1433 [MsSQL] *(RWIN=29200)(06261032)	2019-06-26 17:19:58

类型

评论内容

时间

attack

Jul 14 12:27:30 v22018076622670303 sshd\[21390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52  user=root
Jul 14 12:27:32 v22018076622670303 sshd\[21390\]: Failed password for root from 148.70.166.52 port 49234 ssh2
Jul 14 12:33:33 v22018076622670303 sshd\[21412\]: Invalid user teste from 148.70.166.52 port 46858
Jul 14 12:33:33 v22018076622670303 sshd\[21412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52
...

2019-07-14 19:57:58

attackspam

May 19 19:24:54 server sshd\[229221\]: Invalid user admin1 from 148.70.166.52
May 19 19:24:54 server sshd\[229221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52
May 19 19:24:57 server sshd\[229221\]: Failed password for invalid user admin1 from 148.70.166.52 port 50252 ssh2
...

2019-07-12 03:35:06

attack

[portscan] tcp/1433 [MsSQL]
*(RWIN=29200)(06261032)

2019-06-26 17:19:58

相同子网IP讨论:

IP	类型	评论内容	时间
148.70.166.93	attackbots	Apr 9 14:59:45 sxvn sshd[49093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.93	2020-04-10 02:48:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.166.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61787
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.166.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042702 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 28 06:01:23 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.166.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.166.70.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
159.65.152.201	attackspambots	SSH 15 Failed Logins	2019-08-20 09:57:11
112.133.244.218	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-19 22:17:01,273 INFO [amun_request_handler] PortScan Detected on Port: 3389 (112.133.244.218)	2019-08-20 10:34:41
121.8.124.244	attackbots	Aug 20 04:04:06 ks10 sshd[4695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.8.124.244 Aug 20 04:04:08 ks10 sshd[4695]: Failed password for invalid user zed from 121.8.124.244 port 59242 ssh2 ...	2019-08-20 10:34:17
84.201.144.119	attackspambots	[portscan] Port scan	2019-08-20 10:02:17
165.22.102.56	attack	Aug 20 03:13:43 web1 sshd\[9010\]: Invalid user customc from 165.22.102.56 Aug 20 03:13:43 web1 sshd\[9010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.102.56 Aug 20 03:13:45 web1 sshd\[9010\]: Failed password for invalid user customc from 165.22.102.56 port 34640 ssh2 Aug 20 03:18:41 web1 sshd\[9251\]: Invalid user caleb from 165.22.102.56 Aug 20 03:18:41 web1 sshd\[9251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.102.56	2019-08-20 09:57:45
95.91.8.75	attackbotsspam	Aug 19 14:04:31 vtv3 sshd\[8873\]: Invalid user shield from 95.91.8.75 port 40274 Aug 19 14:04:31 vtv3 sshd\[8873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.91.8.75 Aug 19 14:04:33 vtv3 sshd\[8873\]: Failed password for invalid user shield from 95.91.8.75 port 40274 ssh2 Aug 19 14:09:27 vtv3 sshd\[11400\]: Invalid user karlijn from 95.91.8.75 port 58198 Aug 19 14:09:27 vtv3 sshd\[11400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.91.8.75 Aug 19 14:23:04 vtv3 sshd\[18758\]: Invalid user china from 95.91.8.75 port 55506 Aug 19 14:23:04 vtv3 sshd\[18758\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.91.8.75 Aug 19 14:23:06 vtv3 sshd\[18758\]: Failed password for invalid user china from 95.91.8.75 port 55506 ssh2 Aug 19 14:27:43 vtv3 sshd\[21284\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.91.8.75 user=root	2019-08-20 10:21:11
106.12.30.229	attack	SSH 15 Failed Logins	2019-08-20 10:05:57
185.216.132.15	attackspambots	Aug 20 04:10:56 dev0-dcde-rnet sshd[6504]: Failed password for root from 185.216.132.15 port 24018 ssh2 Aug 20 04:10:59 dev0-dcde-rnet sshd[6506]: Failed password for root from 185.216.132.15 port 24328 ssh2	2019-08-20 10:19:51
180.250.115.93	attackspam	Aug 19 16:42:33 askasleikir sshd[14282]: Failed password for invalid user ccp from 180.250.115.93 port 55879 ssh2 Aug 19 16:37:45 askasleikir sshd[14038]: Failed password for root from 180.250.115.93 port 33023 ssh2 Aug 19 16:30:20 askasleikir sshd[13560]: Failed password for invalid user fax from 180.250.115.93 port 56162 ssh2	2019-08-20 10:30:18
132.148.141.93	attackspam	wp xmlrpc	2019-08-20 10:00:09
175.211.112.250	attack	Aug 20 01:27:32 host sshd\[32273\]: Invalid user debora from 175.211.112.250 port 43006 Aug 20 01:27:32 host sshd\[32273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.211.112.250 ...	2019-08-20 10:08:01
177.184.133.41	attackspambots	Invalid user zw from 177.184.133.41 port 49508	2019-08-20 10:37:56
217.112.128.203	attackspam	Postfix RBL failed	2019-08-20 10:54:24
41.180.68.214	attackspam	Aug 20 03:35:38 rpi sshd[15796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.180.68.214 Aug 20 03:35:40 rpi sshd[15796]: Failed password for invalid user 123456 from 41.180.68.214 port 47296 ssh2	2019-08-20 09:54:48
85.187.183.70	attackspam	Aug 19 14:17:15 web9 sshd\[9078\]: Invalid user hal from 85.187.183.70 Aug 19 14:17:15 web9 sshd\[9078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.187.183.70 Aug 19 14:17:17 web9 sshd\[9078\]: Failed password for invalid user hal from 85.187.183.70 port 60630 ssh2 Aug 19 14:21:47 web9 sshd\[9933\]: Invalid user stein from 85.187.183.70 Aug 19 14:21:47 web9 sshd\[9933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.187.183.70	2019-08-20 10:39:14

最近上报的IP列表

110.53.182.126	104.47.1.33	89.91.163.15	118.174.65.251
112.219.201.124	185.208.208.186	210.221.136.144	200.35.53.121
114.108.185.93	58.137.5.50	203.99.184.247	43.139.83.95
113.92.107.41	169.47.196.197	203.134.210.36	199.249.230.114
202.75.207.106	96.78.45.206	144.135.236.152	198.96.155.3