148.70.1.30 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	...	2020-02-01 23:57:30
attack	Nov 19 14:08:22 php1 sshd\[28005\]: Invalid user vmail from 148.70.1.30 Nov 19 14:08:22 php1 sshd\[28005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30 Nov 19 14:08:24 php1 sshd\[28005\]: Failed password for invalid user vmail from 148.70.1.30 port 49878 ssh2 Nov 19 14:12:49 php1 sshd\[28480\]: Invalid user emmye from 148.70.1.30 Nov 19 14:12:49 php1 sshd\[28480\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30	2019-11-20 08:29:11
attackspam	Nov 18 22:26:49 eddieflores sshd\[19712\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30 user=root Nov 18 22:26:51 eddieflores sshd\[19712\]: Failed password for root from 148.70.1.30 port 34142 ssh2 Nov 18 22:31:36 eddieflores sshd\[20050\]: Invalid user giraud from 148.70.1.30 Nov 18 22:31:36 eddieflores sshd\[20050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30 Nov 18 22:31:37 eddieflores sshd\[20050\]: Failed password for invalid user giraud from 148.70.1.30 port 42282 ssh2	2019-11-19 16:58:17
attackspam	51 failed attempt(s) in the last 24h	2019-11-13 07:30:13
attackbotsspam	SSH brutforce	2019-11-07 19:35:22
attack	Oct 28 17:10:27 * sshd[2404]: Failed password for root from 148.70.1.30 port 44926 ssh2 Oct 28 17:16:14 * sshd[3093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30	2019-10-29 01:24:35
attackspambots	Sep 26 13:04:28 gw1 sshd[15356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30 Sep 26 13:04:30 gw1 sshd[15356]: Failed password for invalid user omu from 148.70.1.30 port 39794 ssh2 ...	2019-09-26 16:08:02
attack	Sep 19 09:31:28 hanapaa sshd\[24426\]: Invalid user am from 148.70.1.30 Sep 19 09:31:28 hanapaa sshd\[24426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30 Sep 19 09:31:31 hanapaa sshd\[24426\]: Failed password for invalid user am from 148.70.1.30 port 38514 ssh2 Sep 19 09:35:51 hanapaa sshd\[24757\]: Invalid user john from 148.70.1.30 Sep 19 09:35:51 hanapaa sshd\[24757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.1.30	2019-09-20 03:45:02

Comments on same subnet:

IP	Type	Details	Datetime
148.70.149.39	attackspam	Automatic report - Banned IP Access	2020-10-12 21:23:15
148.70.149.39	attack	Oct 12 04:47:44 *** sshd[4974]: User root from 148.70.149.39 not allowed because not listed in AllowUsers	2020-10-12 12:53:33
148.70.173.252	attack	Oct 11 22:15:29 ns381471 sshd[3002]: Failed password for root from 148.70.173.252 port 49936 ssh2 Oct 11 22:19:33 ns381471 sshd[3988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.173.252	2020-10-12 04:22:31
148.70.173.252	attackspam	Ssh brute force	2020-10-11 12:21:59
148.70.173.252	attackbotsspam	$f2bV_matches	2020-10-11 05:44:54
148.70.129.112	attack	Invalid user postgresql from 148.70.129.112 port 16018	2020-10-10 23:45:33
148.70.129.112	attackspam	SSH login attempts.	2020-10-10 15:35:18
148.70.160.127	attack	2375/tcp 2376/tcp 2375/tcp [2020-09-26/10-07]3pkt	2020-10-09 03:30:23
148.70.160.127	attackbotsspam	2375/tcp 2376/tcp 2375/tcp [2020-09-26/10-07]3pkt	2020-10-08 19:35:51
148.70.102.69	attackspam	3x Failed Password	2020-10-07 06:35:00
148.70.102.69	attackspam	Oct 6 10:35:17 router sshd[19741]: Failed password for root from 148.70.102.69 port 45304 ssh2 Oct 6 10:41:07 router sshd[19777]: Failed password for root from 148.70.102.69 port 51472 ssh2 ...	2020-10-06 22:52:49
148.70.102.69	attack	Oct 6 05:42:38 mout sshd[10941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.102.69 user=root Oct 6 05:42:40 mout sshd[10941]: Failed password for root from 148.70.102.69 port 39562 ssh2	2020-10-06 14:38:06
148.70.169.14	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-05T19:50:57Z	2020-10-06 05:43:17
148.70.195.242	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-06 04:20:45
148.70.169.14	attackbots	Oct 5 08:45:15 marvibiene sshd[553]: Failed password for root from 148.70.169.14 port 49804 ssh2 Oct 5 08:50:55 marvibiene sshd[834]: Failed password for root from 148.70.169.14 port 53866 ssh2	2020-10-05 21:47:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.1.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58902
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.1.30.			IN	A

;; AUTHORITY SECTION:
.			314	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091902 1800 900 604800 86400

;; Query time: 505 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 03:44:59 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 30.1.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 30.1.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.248.218.225	attack	Automatic report - Port Scan Attack	2019-11-15 14:41:29
59.126.69.60	attackbots	2019-11-15T06:31:16.051667abusebot.cloudsearch.cf sshd\[25527\]: Invalid user 123 from 59.126.69.60 port 33770	2019-11-15 14:50:55
222.186.175.182	attackspam	Nov 15 05:55:55 mail sshd[9637]: Failed password for root from 222.186.175.182 port 34304 ssh2 Nov 15 05:55:59 mail sshd[9637]: Failed password for root from 222.186.175.182 port 34304 ssh2 Nov 15 05:56:03 mail sshd[9637]: Failed password for root from 222.186.175.182 port 34304 ssh2 Nov 15 05:56:08 mail sshd[9637]: Failed password for root from 222.186.175.182 port 34304 ssh2	2019-11-15 14:22:11
191.101.87.147	attackbotsspam	Automatic report - Banned IP Access	2019-11-15 14:54:36
185.173.35.57	attackspam	port scan and connect, tcp 443 (https)	2019-11-15 14:26:54
217.131.243.75	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/217.131.243.75/ TR - 1H : (77) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TR NAME ASN : ASN34984 IP : 217.131.243.75 CIDR : 217.131.224.0/19 PREFIX COUNT : 2324 UNIQUE IP COUNT : 1397504 ATTACKS DETECTED ASN34984 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 5 DateTime : 2019-11-15 05:58:21 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-15 14:09:29
218.5.244.218	attackbots	Nov 15 08:26:24 server sshd\[7388\]: Invalid user squid from 218.5.244.218 port 65229 Nov 15 08:26:24 server sshd\[7388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.5.244.218 Nov 15 08:26:26 server sshd\[7388\]: Failed password for invalid user squid from 218.5.244.218 port 65229 ssh2 Nov 15 08:31:10 server sshd\[900\]: Invalid user 9999999 from 218.5.244.218 port 22557 Nov 15 08:31:10 server sshd\[900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.5.244.218	2019-11-15 14:53:49
114.39.174.173	attackspam	Telnet Server BruteForce Attack	2019-11-15 14:18:25
71.6.233.27	attackspam	" "	2019-11-15 14:06:06
88.249.60.209	attack	Honeypot attack, port: 23, PTR: 88.249.60.209.static.ttnet.com.tr.	2019-11-15 14:24:34
51.75.248.241	attackspambots	Nov 15 07:08:06 vps666546 sshd\[520\]: Invalid user bob from 51.75.248.241 port 60374 Nov 15 07:08:06 vps666546 sshd\[520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.248.241 Nov 15 07:08:08 vps666546 sshd\[520\]: Failed password for invalid user bob from 51.75.248.241 port 60374 ssh2 Nov 15 07:09:32 vps666546 sshd\[628\]: Invalid user bob from 51.75.248.241 port 57026 Nov 15 07:09:32 vps666546 sshd\[628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.248.241 ...	2019-11-15 14:10:55
62.234.154.56	attackspam	Nov 15 05:05:12 work-partkepr sshd\[26885\]: Invalid user ssf from 62.234.154.56 port 33139 Nov 15 05:05:12 work-partkepr sshd\[26885\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.154.56 ...	2019-11-15 14:17:26
51.79.141.84	attackbots	Port Scan: UDP/389	2019-11-15 14:16:01
51.254.206.149	attackspambots	Nov 15 06:57:13 SilenceServices sshd[2306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.206.149 Nov 15 06:57:15 SilenceServices sshd[2306]: Failed password for invalid user smmsp from 51.254.206.149 port 39746 ssh2 Nov 15 07:00:50 SilenceServices sshd[3436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.206.149	2019-11-15 14:07:34
128.199.224.215	attackbotsspam	SSH Bruteforce attempt	2019-11-15 14:44:52

Recently Reported IPs

51.75.215.82	75.150.123.180	86.82.253.232	122.69.237.206
49.225.13.117	161.18.111.181	171.121.34.10	97.45.82.127
181.97.123.209	190.115.1.49	97.242.107.165	32.85.109.216
98.232.123.64	201.220.146.61	79.79.192.10	138.68.28.57
180.219.249.217	165.224.108.59	209.50.15.34	154.117.133.214