148.70.166.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 14 12:27:30 v22018076622670303 sshd\[21390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52 user=root Jul 14 12:27:32 v22018076622670303 sshd\[21390\]: Failed password for root from 148.70.166.52 port 49234 ssh2 Jul 14 12:33:33 v22018076622670303 sshd\[21412\]: Invalid user teste from 148.70.166.52 port 46858 Jul 14 12:33:33 v22018076622670303 sshd\[21412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52 ...	2019-07-14 19:57:58
attackspam	May 19 19:24:54 server sshd\[229221\]: Invalid user admin1 from 148.70.166.52 May 19 19:24:54 server sshd\[229221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52 May 19 19:24:57 server sshd\[229221\]: Failed password for invalid user admin1 from 148.70.166.52 port 50252 ssh2 ...	2019-07-12 03:35:06
attack	[portscan] tcp/1433 [MsSQL] *(RWIN=29200)(06261032)	2019-06-26 17:19:58

类型

评论内容

时间

attack

Jul 14 12:27:30 v22018076622670303 sshd\[21390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52  user=root
Jul 14 12:27:32 v22018076622670303 sshd\[21390\]: Failed password for root from 148.70.166.52 port 49234 ssh2
Jul 14 12:33:33 v22018076622670303 sshd\[21412\]: Invalid user teste from 148.70.166.52 port 46858
Jul 14 12:33:33 v22018076622670303 sshd\[21412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52
...

2019-07-14 19:57:58

attackspam

May 19 19:24:54 server sshd\[229221\]: Invalid user admin1 from 148.70.166.52
May 19 19:24:54 server sshd\[229221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.52
May 19 19:24:57 server sshd\[229221\]: Failed password for invalid user admin1 from 148.70.166.52 port 50252 ssh2
...

2019-07-12 03:35:06

attack

[portscan] tcp/1433 [MsSQL]
*(RWIN=29200)(06261032)

2019-06-26 17:19:58

相同子网IP讨论:

IP	类型	评论内容	时间
148.70.166.93	attackbots	Apr 9 14:59:45 sxvn sshd[49093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.166.93	2020-04-10 02:48:47

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.166.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61787
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.166.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042702 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 28 06:01:23 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.166.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.166.70.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
27.78.14.83	attackspam	May 4 15:48:59 home sshd[29535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.78.14.83 May 4 15:49:01 home sshd[29535]: Failed password for invalid user support from 27.78.14.83 port 55196 ssh2 May 4 15:49:12 home sshd[29567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.78.14.83 ...	2020-05-04 21:50:01
177.1.214.84	attackbots	May 4 15:12:11 markkoudstaal sshd[10905]: Failed password for root from 177.1.214.84 port 61872 ssh2 May 4 15:16:53 markkoudstaal sshd[11752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.1.214.84 May 4 15:16:55 markkoudstaal sshd[11752]: Failed password for invalid user admin from 177.1.214.84 port 18512 ssh2	2020-05-04 21:29:14
94.100.221.203	attackbots	May 4 09:27:24 NPSTNNYC01T sshd[5247]: Failed password for root from 94.100.221.203 port 52372 ssh2 May 4 09:32:25 NPSTNNYC01T sshd[5675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.100.221.203 May 4 09:32:27 NPSTNNYC01T sshd[5675]: Failed password for invalid user hduser from 94.100.221.203 port 35668 ssh2 ...	2020-05-04 21:38:50
182.75.177.182	attackbotsspam	May 4 14:12:40 DAAP sshd[19917]: Invalid user postgres from 182.75.177.182 port 49614 May 4 14:12:40 DAAP sshd[19917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.75.177.182 May 4 14:12:40 DAAP sshd[19917]: Invalid user postgres from 182.75.177.182 port 49614 May 4 14:12:41 DAAP sshd[19917]: Failed password for invalid user postgres from 182.75.177.182 port 49614 ssh2 May 4 14:16:59 DAAP sshd[20048]: Invalid user ec2-user from 182.75.177.182 port 59594 ...	2020-05-04 21:24:57
222.186.15.10	attackspambots	2020-05-04T13:30:05.676983shield sshd\[20136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.10 user=root 2020-05-04T13:30:07.289688shield sshd\[20136\]: Failed password for root from 222.186.15.10 port 22511 ssh2 2020-05-04T13:30:09.431016shield sshd\[20136\]: Failed password for root from 222.186.15.10 port 22511 ssh2 2020-05-04T13:30:11.517559shield sshd\[20136\]: Failed password for root from 222.186.15.10 port 22511 ssh2 2020-05-04T13:30:15.220942shield sshd\[20146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.10 user=root	2020-05-04 21:31:09
83.241.232.51	attackbotsspam	May 4 15:19:54 h1745522 sshd[10615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.241.232.51 user=root May 4 15:19:56 h1745522 sshd[10615]: Failed password for root from 83.241.232.51 port 45758 ssh2 May 4 15:23:35 h1745522 sshd[10720]: Invalid user azureuser from 83.241.232.51 port 50360 May 4 15:23:35 h1745522 sshd[10720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.241.232.51 May 4 15:23:35 h1745522 sshd[10720]: Invalid user azureuser from 83.241.232.51 port 50360 May 4 15:23:37 h1745522 sshd[10720]: Failed password for invalid user azureuser from 83.241.232.51 port 50360 ssh2 May 4 15:27:30 h1745522 sshd[10861]: Invalid user ubuntu from 83.241.232.51 port 54961 May 4 15:27:30 h1745522 sshd[10861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.241.232.51 May 4 15:27:30 h1745522 sshd[10861]: Invalid user ubuntu from 83.241.232.51 port 549 ...	2020-05-04 21:28:11
162.243.143.55	attackspam	proto=tcp . spt=54730 . dpt=465 . src=162.243.143.55 . dst=xx.xx.4.1 . Found on CINS badguys (220)	2020-05-04 21:45:43
1.1.129.160	attackspambots	SMB Server BruteForce Attack	2020-05-04 21:34:25
36.81.203.211	attackbots	May 4 09:43:33 NPSTNNYC01T sshd[6630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.81.203.211 May 4 09:43:36 NPSTNNYC01T sshd[6630]: Failed password for invalid user ts3 from 36.81.203.211 port 42584 ssh2 May 4 09:47:21 NPSTNNYC01T sshd[6922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.81.203.211 ...	2020-05-04 21:51:29
185.147.162.27	attackspambots	May 4 14:36:00 mout sshd[29384]: Invalid user antena from 185.147.162.27 port 54170	2020-05-04 21:59:47
168.227.99.10	attackspambots	May 4 14:00:46 ovpn sshd\[9190\]: Invalid user kathy from 168.227.99.10 May 4 14:00:46 ovpn sshd\[9190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.227.99.10 May 4 14:00:48 ovpn sshd\[9190\]: Failed password for invalid user kathy from 168.227.99.10 port 33312 ssh2 May 4 14:14:26 ovpn sshd\[12465\]: Invalid user dax from 168.227.99.10 May 4 14:14:26 ovpn sshd\[12465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.227.99.10	2020-05-04 22:00:19
89.221.217.193	attackspam	SSH/22 MH Probe, BF, Hack -	2020-05-04 21:56:10
159.203.242.122	attack	May 04 07:03:35 askasleikir sshd[39182]: Failed password for invalid user bootcamp from 159.203.242.122 port 39900 ssh2 May 04 07:14:59 askasleikir sshd[39486]: Failed password for root from 159.203.242.122 port 55372 ssh2	2020-05-04 21:25:41
178.73.215.171	attackbots	May 4 15:34:06 debian-2gb-nbg1-2 kernel: \[10858145.642835\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=178.73.215.171 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO=TCP SPT=48437 DPT=4505 WINDOW=65535 RES=0x00 SYN URGP=0	2020-05-04 22:03:22
49.231.35.39	attack	2020-05-04T12:28:22.003387shield sshd\[9568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.35.39 user=root 2020-05-04T12:28:24.123104shield sshd\[9568\]: Failed password for root from 49.231.35.39 port 53803 ssh2 2020-05-04T12:32:59.619621shield sshd\[10053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.35.39 user=root 2020-05-04T12:33:01.237492shield sshd\[10053\]: Failed password for root from 49.231.35.39 port 58855 ssh2 2020-05-04T12:37:46.523459shield sshd\[11053\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.35.39 user=root	2020-05-04 21:43:07

最近上报的IP列表

110.53.182.126	104.47.1.33	89.91.163.15	118.174.65.251
112.219.201.124	185.208.208.186	210.221.136.144	200.35.53.121
114.108.185.93	58.137.5.50	203.99.184.247	43.139.83.95
113.92.107.41	169.47.196.197	203.134.210.36	199.249.230.114
202.75.207.106	96.78.45.206	144.135.236.152	198.96.155.3