148.70.50.244 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.50.244 Invalid user kcc from 148.70.50.244 port 39226 Failed password for invalid user kcc from 148.70.50.244 port 39226 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.50.244 user=root Failed password for root from 148.70.50.244 port 45644 ssh2	2020-08-30 20:24:26
attackbotsspam	Aug 28 17:34:14 jane sshd[29981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.50.244 Aug 28 17:34:16 jane sshd[29981]: Failed password for invalid user bridge from 148.70.50.244 port 34790 ssh2 ...	2020-08-29 00:56:02
attackbotsspam	Aug 19 10:27:52 dhoomketu sshd[2474122]: Invalid user teamspeak from 148.70.50.244 port 40066 Aug 19 10:27:52 dhoomketu sshd[2474122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.50.244 Aug 19 10:27:52 dhoomketu sshd[2474122]: Invalid user teamspeak from 148.70.50.244 port 40066 Aug 19 10:27:55 dhoomketu sshd[2474122]: Failed password for invalid user teamspeak from 148.70.50.244 port 40066 ssh2 Aug 19 10:32:31 dhoomketu sshd[2474215]: Invalid user nan from 148.70.50.244 port 33910 ...	2020-08-19 18:06:07

类型

评论内容

时间

attackbots

pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.50.244
Invalid user kcc from 148.70.50.244 port 39226
Failed password for invalid user kcc from 148.70.50.244 port 39226 ssh2
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.50.244  user=root
Failed password for root from 148.70.50.244 port 45644 ssh2

2020-08-30 20:24:26

attackbotsspam

Aug 28 17:34:14 jane sshd[29981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.50.244 
Aug 28 17:34:16 jane sshd[29981]: Failed password for invalid user bridge from 148.70.50.244 port 34790 ssh2
...

2020-08-29 00:56:02

attackbotsspam

Aug 19 10:27:52 dhoomketu sshd[2474122]: Invalid user teamspeak from 148.70.50.244 port 40066
Aug 19 10:27:52 dhoomketu sshd[2474122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.50.244 
Aug 19 10:27:52 dhoomketu sshd[2474122]: Invalid user teamspeak from 148.70.50.244 port 40066
Aug 19 10:27:55 dhoomketu sshd[2474122]: Failed password for invalid user teamspeak from 148.70.50.244 port 40066 ssh2
Aug 19 10:32:31 dhoomketu sshd[2474215]: Invalid user nan from 148.70.50.244 port 33910
...

2020-08-19 18:06:07

相同子网IP讨论:

IP	类型	评论内容	时间
148.70.50.40	attackspam	Joomla HTTP User Agent Object Injection Vulnerability	2019-07-16 00:46:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.50.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.50.244.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081802 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 10:37:52 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 244.50.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 244.50.70.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
206.189.166.172	attackspam	2019-07-18T18:13:32.773117abusebot.cloudsearch.cf sshd\[5491\]: Invalid user bwadmin from 206.189.166.172 port 56712	2019-07-19 02:36:42
202.51.74.235	attack	Jul 18 20:25:57 dev0-dcde-rnet sshd[28126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.235 Jul 18 20:25:59 dev0-dcde-rnet sshd[28126]: Failed password for invalid user mortega from 202.51.74.235 port 50882 ssh2 Jul 18 20:34:13 dev0-dcde-rnet sshd[28142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.235	2019-07-19 02:35:19
122.166.237.117	attack	2019-07-18T10:51:09.750286abusebot-8.cloudsearch.cf sshd\[18436\]: Invalid user logviewer from 122.166.237.117 port 10752	2019-07-19 02:52:50
188.131.134.157	attackspambots	(sshd) Failed SSH login from 188.131.134.157 (-): 5 in the last 3600 secs	2019-07-19 02:49:48
195.5.128.214	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 08:58:17,724 INFO [amun_request_handler] PortScan Detected on Port: 445 (195.5.128.214)	2019-07-19 02:43:46
52.20.59.141	attackbots	scout.us1.salesloft.com -52.206.39.1CyrmusONE/tampered build/no wonder hundreds of local men accessing the house/audio used for many yrs -windows and doors purposely fitted to fail/who's the African gentleman/byside.com door - wondering who he was/not many africans locally	2019-07-19 02:45:26
103.139.77.23	attack	Automatic report - Port Scan Attack	2019-07-19 02:30:52
93.29.187.145	attackspam	Jul 18 12:40:27 xeon sshd[61227]: Failed password for invalid user luky from 93.29.187.145 port 56534 ssh2	2019-07-19 02:40:37
64.31.33.70	attack	\[2019-07-18 07:48:23\] NOTICE\[20804\] chan_sip.c: Registration from '"9090" \' failed for '64.31.33.70:5943' - Wrong password \[2019-07-18 07:48:23\] SECURITY\[20812\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-18T07:48:23.133-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="9090",SessionID="0x7f06f823f758",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/64.31.33.70/5943",Challenge="23d4fc03",ReceivedChallenge="23d4fc03",ReceivedHash="ea04502c51b50805c2128842cb65b5b7" \[2019-07-18 07:48:23\] NOTICE\[20804\] chan_sip.c: Registration from '"9090" \' failed for '64.31.33.70:5943' - Wrong password \[2019-07-18 07:48:23\] SECURITY\[20812\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-18T07:48:23.211-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="9090",SessionID="0x7f06f8009f28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/	2019-07-19 02:24:44
36.90.17.226	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 08:58:41,091 INFO [amun_request_handler] PortScan Detected on Port: 445 (36.90.17.226)	2019-07-19 02:37:47
85.209.0.11	attackspam	Port scan on 18 port(s): 14400 19271 21598 21918 26144 26703 31202 37151 37513 38628 40496 42420 45138 49723 52441 52492 58722 59932	2019-07-19 02:39:27
91.121.112.70	attackbotsspam	Automatic report - Banned IP Access	2019-07-19 02:44:20
87.8.157.36	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-19 02:41:00
211.21.93.238	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 08:57:49,341 INFO [amun_request_handler] PortScan Detected on Port: 445 (211.21.93.238)	2019-07-19 02:50:15
121.122.103.14	attackspam	Jul 17 11:31:16 vpxxxxxxx22308 sshd[2337]: Invalid user cj from 121.122.103.14 Jul 17 11:31:16 vpxxxxxxx22308 sshd[2337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.122.103.14 Jul 17 11:31:18 vpxxxxxxx22308 sshd[2337]: Failed password for invalid user cj from 121.122.103.14 port 52846 ssh2 Jul 17 11:37:09 vpxxxxxxx22308 sshd[3331]: Invalid user koko from 121.122.103.14 Jul 17 11:37:09 vpxxxxxxx22308 sshd[3331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.122.103.14 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=121.122.103.14	2019-07-19 02:25:22

最近上报的IP列表

58.164.204.22	159.253.31.115	80.163.5.93	73.190.128.201
245.90.83.143	94.250.90.223	238.125.211.24	216.39.2.250
76.172.150.152	79.115.119.64	82.152.45.239	58.182.43.171
53.139.212.102	253.198.22.108	64.185.196.84	98.91.160.229
33.175.1.106	193.213.107.33	59.255.253.31	147.81.206.142