148.70.94.56 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jan 9 07:42:09 pi sshd[13317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 Jan 9 07:42:11 pi sshd[13317]: Failed password for invalid user lpwi from 148.70.94.56 port 47912 ssh2	2020-03-14 00:04:24
attack	SSH invalid-user multiple login try	2020-03-10 22:02:56
attackbots	2020-03-03T21:40:14.230602vps773228.ovh.net sshd[3270]: Invalid user user5 from 148.70.94.56 port 49956 2020-03-03T21:40:14.245255vps773228.ovh.net sshd[3270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 2020-03-03T21:40:14.230602vps773228.ovh.net sshd[3270]: Invalid user user5 from 148.70.94.56 port 49956 2020-03-03T21:40:16.310713vps773228.ovh.net sshd[3270]: Failed password for invalid user user5 from 148.70.94.56 port 49956 ssh2 2020-03-03T21:56:18.045026vps773228.ovh.net sshd[3658]: Invalid user git from 148.70.94.56 port 35678 2020-03-03T21:56:18.050253vps773228.ovh.net sshd[3658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 2020-03-03T21:56:18.045026vps773228.ovh.net sshd[3658]: Invalid user git from 148.70.94.56 port 35678 2020-03-03T21:56:20.120583vps773228.ovh.net sshd[3658]: Failed password for invalid user git from 148.70.94.56 port 35678 ssh2 2020-03-03T22:09:0 ...	2020-03-04 05:44:19
attackspambots	Invalid user zdenkatopicova from 148.70.94.56 port 46946 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 Failed password for invalid user zdenkatopicova from 148.70.94.56 port 46946 ssh2 Invalid user 123456 from 148.70.94.56 port 44824 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56	2020-02-13 02:56:08
attack	Automatic report - SSH Brute-Force Attack	2020-02-09 09:58:25
attackspam	...	2020-02-01 22:50:26
attackspam	Unauthorized connection attempt detected from IP address 148.70.94.56 to port 2220 [J]	2020-01-28 13:17:20
attackspam	Unauthorized connection attempt detected from IP address 148.70.94.56 to port 2220 [J]	2020-01-16 16:34:35
attackbots	Dec 23 08:36:38 scivo sshd[17151]: Invalid user nordmark from 148.70.94.56 Dec 23 08:36:38 scivo sshd[17151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 Dec 23 08:36:40 scivo sshd[17151]: Failed password for invalid user nordmark from 148.70.94.56 port 46040 ssh2 Dec 23 08:36:41 scivo sshd[17151]: Received disconnect from 148.70.94.56: 11: Bye Bye [preauth] Dec 23 08:46:13 scivo sshd[17733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 user=r.r Dec 23 08:46:15 scivo sshd[17733]: Failed password for r.r from 148.70.94.56 port 57142 ssh2 Dec 23 08:46:15 scivo sshd[17733]: Received disconnect from 148.70.94.56: 11: Bye Bye [preauth] Dec 23 08:54:14 scivo sshd[18095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 user=r.r Dec 23 08:54:16 scivo sshd[18095]: Failed password for r.r from 148.70.94.56 port 36........ -------------------------------	2019-12-28 07:56:23
attackbots	Dec 23 08:36:38 scivo sshd[17151]: Invalid user nordmark from 148.70.94.56 Dec 23 08:36:38 scivo sshd[17151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 Dec 23 08:36:40 scivo sshd[17151]: Failed password for invalid user nordmark from 148.70.94.56 port 46040 ssh2 Dec 23 08:36:41 scivo sshd[17151]: Received disconnect from 148.70.94.56: 11: Bye Bye [preauth] Dec 23 08:46:13 scivo sshd[17733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 user=r.r Dec 23 08:46:15 scivo sshd[17733]: Failed password for r.r from 148.70.94.56 port 57142 ssh2 Dec 23 08:46:15 scivo sshd[17733]: Received disconnect from 148.70.94.56: 11: Bye Bye [preauth] Dec 23 08:54:14 scivo sshd[18095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 user=r.r Dec 23 08:54:16 scivo sshd[18095]: Failed password for r.r from 148.70.94.56 port 36........ -------------------------------	2019-12-24 09:06:11
attack	Dec 23 08:36:38 scivo sshd[17151]: Invalid user nordmark from 148.70.94.56 Dec 23 08:36:38 scivo sshd[17151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 Dec 23 08:36:40 scivo sshd[17151]: Failed password for invalid user nordmark from 148.70.94.56 port 46040 ssh2 Dec 23 08:36:41 scivo sshd[17151]: Received disconnect from 148.70.94.56: 11: Bye Bye [preauth] Dec 23 08:46:13 scivo sshd[17733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 user=r.r Dec 23 08:46:15 scivo sshd[17733]: Failed password for r.r from 148.70.94.56 port 57142 ssh2 Dec 23 08:46:15 scivo sshd[17733]: Received disconnect from 148.70.94.56: 11: Bye Bye [preauth] Dec 23 08:54:14 scivo sshd[18095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.94.56 user=r.r Dec 23 08:54:16 scivo sshd[18095]: Failed password for r.r from 148.70.94.56 port 36........ -------------------------------	2019-12-23 22:56:39

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.94.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45610
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.94.56.			IN	A

;; AUTHORITY SECTION:
.			420	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122300 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 23 22:56:28 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 56.94.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 56.94.70.148.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
177.22.126.149	attackspambots	Aug 20 21:57:36 rocket sshd[21709]: Failed password for root from 177.22.126.149 port 42168 ssh2 Aug 20 22:01:41 rocket sshd[22338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.22.126.149 ...	2020-08-21 05:08:54
83.196.219.52	attackbotsspam	DATE:2020-08-20 22:28:10, IP:83.196.219.52, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-08-21 05:34:41
222.186.30.112	attackspambots	Aug 20 17:11:17 ny01 sshd[31542]: Failed password for root from 222.186.30.112 port 52038 ssh2 Aug 20 17:11:26 ny01 sshd[31573]: Failed password for root from 222.186.30.112 port 54896 ssh2	2020-08-21 05:14:44
106.75.141.160	attackbotsspam	Aug 20 22:28:23 havingfunrightnow sshd[26817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.160 Aug 20 22:28:25 havingfunrightnow sshd[26817]: Failed password for invalid user admin from 106.75.141.160 port 39852 ssh2 Aug 20 22:40:18 havingfunrightnow sshd[27183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.141.160 ...	2020-08-21 05:13:06
187.243.6.106	attack	Triggered by Fail2Ban at Ares web server	2020-08-21 05:20:55
119.29.119.151	attack	Aug 20 22:09:31 hidden sshd[31216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.119.151 Aug 20 22:09:34 hidden sshd[31216]: Failed password for invalid user jakarta from 119.29.119.151 port 45324 ssh2 Aug 20 22:28:42 hidden sshd[1855]: Invalid user titus from 119.29.119.151 port 56908	2020-08-21 05:22:03
138.197.129.38	attackbots	Aug 20 21:01:51 vps-51d81928 sshd[779374]: Invalid user tom from 138.197.129.38 port 36380 Aug 20 21:01:51 vps-51d81928 sshd[779374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.129.38 Aug 20 21:01:51 vps-51d81928 sshd[779374]: Invalid user tom from 138.197.129.38 port 36380 Aug 20 21:01:53 vps-51d81928 sshd[779374]: Failed password for invalid user tom from 138.197.129.38 port 36380 ssh2 Aug 20 21:05:30 vps-51d81928 sshd[779440]: Invalid user neide from 138.197.129.38 port 37212 ...	2020-08-21 05:09:20
145.239.211.242	attack	Trolling for resource vulnerabilities	2020-08-21 05:21:16
113.235.122.128	attack	Aug 20 22:28:44 ns382633 sshd\[27613\]: Invalid user vuser from 113.235.122.128 port 47182 Aug 20 22:28:44 ns382633 sshd\[27613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.235.122.128 Aug 20 22:28:47 ns382633 sshd\[27613\]: Failed password for invalid user vuser from 113.235.122.128 port 47182 ssh2 Aug 20 22:32:01 ns382633 sshd\[28335\]: Invalid user rust from 113.235.122.128 port 40824 Aug 20 22:32:01 ns382633 sshd\[28335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.235.122.128	2020-08-21 05:27:29
101.71.235.247	attack	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	2020-08-21 05:18:32
106.13.184.139	attackspambots	2020-08-20T21:33:31.281624shield sshd\[8524\]: Invalid user zaid from 106.13.184.139 port 40620 2020-08-20T21:33:31.290621shield sshd\[8524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.184.139 2020-08-20T21:33:33.166118shield sshd\[8524\]: Failed password for invalid user zaid from 106.13.184.139 port 40620 ssh2 2020-08-20T21:36:09.698980shield sshd\[8736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.184.139 user=root 2020-08-20T21:36:11.263596shield sshd\[8736\]: Failed password for root from 106.13.184.139 port 50786 ssh2	2020-08-21 05:43:51
177.203.150.26	attack	Aug 20 23:27:54 ip106 sshd[31499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.203.150.26 Aug 20 23:27:56 ip106 sshd[31499]: Failed password for invalid user user from 177.203.150.26 port 55100 ssh2 ...	2020-08-21 05:33:22
222.186.180.223	attackbots	$f2bV_matches	2020-08-21 05:22:29
222.186.190.14	attack	Aug 21 02:13:54 gw1 sshd[11947]: Failed password for root from 222.186.190.14 port 46206 ssh2 ...	2020-08-21 05:17:27
31.220.3.105	attack	Aug 20 23:00:18 ns382633 sshd\[919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.3.105 user=root Aug 20 23:00:20 ns382633 sshd\[919\]: Failed password for root from 31.220.3.105 port 38439 ssh2 Aug 20 23:00:23 ns382633 sshd\[919\]: Failed password for root from 31.220.3.105 port 38439 ssh2 Aug 20 23:00:27 ns382633 sshd\[919\]: Failed password for root from 31.220.3.105 port 38439 ssh2 Aug 20 23:00:29 ns382633 sshd\[919\]: Failed password for root from 31.220.3.105 port 38439 ssh2	2020-08-21 05:18:53

最近上报的IP列表

49.145.229.243	125.163.30.100	217.182.78.50	91.54.36.57
198.195.76.174	13.58.59.210	59.215.170.38	177.139.248.221
103.104.217.251	94.177.207.114	129.20.234.32	125.112.23.235
139.42.144.10	22.123.176.236	70.111.170.2	111.162.47.151
238.83.23.203	67.247.98.74	200.75.232.185	41.61.4.99