Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
Unauthorized SSH login attempts
2020-07-30 21:16:44
attack
Invalid user jared from 148.70.125.207 port 33742
2020-07-18 07:07:45
attack
Jul 17 13:51:26 mockhub sshd[27474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207
Jul 17 13:51:28 mockhub sshd[27474]: Failed password for invalid user user from 148.70.125.207 port 60574 ssh2
...
2020-07-18 04:56:35
attackspambots
2020-06-11T04:08:43.418075shield sshd\[19244\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207  user=root
2020-06-11T04:08:45.255073shield sshd\[19244\]: Failed password for root from 148.70.125.207 port 39608 ssh2
2020-06-11T04:14:07.231455shield sshd\[21019\]: Invalid user admin from 148.70.125.207 port 41726
2020-06-11T04:14:07.234972shield sshd\[21019\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207
2020-06-11T04:14:09.889112shield sshd\[21019\]: Failed password for invalid user admin from 148.70.125.207 port 41726 ssh2
2020-06-11 12:58:08
attackspam
(sshd) Failed SSH login from 148.70.125.207 (CN/China/-): 5 in the last 3600 secs
2020-06-09 19:51:57
attackspambots
Jun  8 17:19:21 datentool sshd[18188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207  user=r.r
Jun  8 17:19:23 datentool sshd[18188]: Failed password for r.r from 148.70.125.207 port 38922 ssh2
Jun  8 17:24:43 datentool sshd[18251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207  user=r.r
Jun  8 17:24:45 datentool sshd[18251]: Failed password for r.r from 148.70.125.207 port 55026 ssh2
Jun  8 17:27:04 datentool sshd[18265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207  user=r.r
Jun  8 17:27:07 datentool sshd[18265]: Failed password for r.r from 148.70.125.207 port 49190 ssh2
Jun  8 17:29:26 datentool sshd[18280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207  user=r.r
Jun  8 17:29:27 datentool sshd[18280]: Failed password for r.r from 148.70.125.........
-------------------------------
2020-06-09 01:38:03
attackspam
May 26 17:55:03 mail sshd[10962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207  user=root
May 26 17:55:05 mail sshd[10962]: Failed password for root from 148.70.125.207 port 59764 ssh2
May 26 18:08:53 mail sshd[12786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207  user=root
May 26 18:08:55 mail sshd[12786]: Failed password for root from 148.70.125.207 port 37616 ssh2
May 26 18:13:29 mail sshd[13430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207  user=root
May 26 18:13:31 mail sshd[13430]: Failed password for root from 148.70.125.207 port 49412 ssh2
...
2020-05-27 01:59:34
attackspam
Invalid user mvm from 148.70.125.207 port 60990
2020-05-23 15:00:53
Comments on same subnet:
IP Type Details Datetime
148.70.125.42 attack
" "
2020-07-23 17:29:33
148.70.125.42 attackspambots
$f2bV_matches
2020-07-11 06:54:26
148.70.125.42 attack
Unauthorized connection attempt detected from IP address 148.70.125.42 to port 788
2020-07-05 04:25:25
148.70.125.42 attack
Jun 29 20:27:47 124388 sshd[2168]: Failed password for invalid user alice from 148.70.125.42 port 32768 ssh2
Jun 29 20:31:33 124388 sshd[2334]: Invalid user oracle from 148.70.125.42 port 60618
Jun 29 20:31:33 124388 sshd[2334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42
Jun 29 20:31:33 124388 sshd[2334]: Invalid user oracle from 148.70.125.42 port 60618
Jun 29 20:31:35 124388 sshd[2334]: Failed password for invalid user oracle from 148.70.125.42 port 60618 ssh2
2020-06-30 05:36:57
148.70.125.42 attackspambots
Invalid user yuhao from 148.70.125.42 port 48848
2020-06-14 16:03:20
148.70.125.42 attackspambots
Jun 10 19:57:47 vlre-nyc-1 sshd\[10457\]: Invalid user selnagar from 148.70.125.42
Jun 10 19:57:47 vlre-nyc-1 sshd\[10457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42
Jun 10 19:57:50 vlre-nyc-1 sshd\[10457\]: Failed password for invalid user selnagar from 148.70.125.42 port 49964 ssh2
Jun 10 20:07:24 vlre-nyc-1 sshd\[10627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42  user=root
Jun 10 20:07:27 vlre-nyc-1 sshd\[10627\]: Failed password for root from 148.70.125.42 port 34160 ssh2
...
2020-06-11 04:57:42
148.70.125.42 attack
Jun  5 19:29:15 auw2 sshd\[22857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42  user=root
Jun  5 19:29:17 auw2 sshd\[22857\]: Failed password for root from 148.70.125.42 port 39514 ssh2
Jun  5 19:33:17 auw2 sshd\[23168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42  user=root
Jun  5 19:33:18 auw2 sshd\[23168\]: Failed password for root from 148.70.125.42 port 54936 ssh2
Jun  5 19:37:15 auw2 sshd\[23456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42  user=root
2020-06-06 14:11:18
148.70.125.42 attack
May 26 01:18:42 piServer sshd[30784]: Failed password for root from 148.70.125.42 port 37396 ssh2
May 26 01:24:05 piServer sshd[31251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 
May 26 01:24:07 piServer sshd[31251]: Failed password for invalid user crossley from 148.70.125.42 port 40944 ssh2
...
2020-05-26 11:46:56
148.70.125.42 attackspam
(sshd) Failed SSH login from 148.70.125.42 (CN/China/-): 5 in the last 3600 secs
2020-05-26 00:45:05
148.70.125.42 attackspambots
2020-05-24T21:15:41.296164abusebot-7.cloudsearch.cf sshd[3911]: Invalid user jenna from 148.70.125.42 port 59188
2020-05-24T21:15:41.304938abusebot-7.cloudsearch.cf sshd[3911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42
2020-05-24T21:15:41.296164abusebot-7.cloudsearch.cf sshd[3911]: Invalid user jenna from 148.70.125.42 port 59188
2020-05-24T21:15:43.349598abusebot-7.cloudsearch.cf sshd[3911]: Failed password for invalid user jenna from 148.70.125.42 port 59188 ssh2
2020-05-24T21:19:31.054375abusebot-7.cloudsearch.cf sshd[4109]: Invalid user delphinia from 148.70.125.42 port 44604
2020-05-24T21:19:31.059017abusebot-7.cloudsearch.cf sshd[4109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42
2020-05-24T21:19:31.054375abusebot-7.cloudsearch.cf sshd[4109]: Invalid user delphinia from 148.70.125.42 port 44604
2020-05-24T21:19:33.013109abusebot-7.cloudsearch.cf sshd[4109]: Failed
...
2020-05-25 08:19:08
148.70.125.42 attackbots
May 24 22:06:28 abendstille sshd\[17378\]: Invalid user downloads from 148.70.125.42
May 24 22:06:28 abendstille sshd\[17378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42
May 24 22:06:30 abendstille sshd\[17378\]: Failed password for invalid user downloads from 148.70.125.42 port 41198 ssh2
May 24 22:10:04 abendstille sshd\[21030\]: Invalid user admin from 148.70.125.42
May 24 22:10:04 abendstille sshd\[21030\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42
...
2020-05-25 04:18:17
148.70.125.42 attackspam
May 22 07:17:47 master sshd[27505]: Failed password for invalid user xzk from 148.70.125.42 port 33742 ssh2
May 22 07:34:52 master sshd[27556]: Failed password for invalid user hus from 148.70.125.42 port 43464 ssh2
May 22 07:40:53 master sshd[27570]: Failed password for invalid user bts from 148.70.125.42 port 50856 ssh2
May 22 07:46:51 master sshd[27603]: Failed password for invalid user pbi from 148.70.125.42 port 58250 ssh2
May 22 07:52:47 master sshd[27615]: Failed password for invalid user oko from 148.70.125.42 port 37412 ssh2
May 22 07:58:41 master sshd[27628]: Failed password for invalid user ocn from 148.70.125.42 port 44806 ssh2
May 22 08:04:28 master sshd[27659]: Failed password for invalid user kl from 148.70.125.42 port 52200 ssh2
May 22 08:10:23 master sshd[27666]: Failed password for invalid user tnq from 148.70.125.42 port 59592 ssh2
May 22 08:16:13 master sshd[27686]: Failed password for invalid user vkr from 148.70.125.42 port 38754 ssh2
2020-05-23 00:31:44
148.70.125.42 attackspam
Invalid user hduser from 148.70.125.42 port 53106
2020-05-21 06:56:40
148.70.125.42 attack
2020-05-16T04:44:34.384014vps773228.ovh.net sshd[4269]: Invalid user zhong from 148.70.125.42 port 38626
2020-05-16T04:44:36.167396vps773228.ovh.net sshd[4269]: Failed password for invalid user zhong from 148.70.125.42 port 38626 ssh2
2020-05-16T04:50:46.539299vps773228.ovh.net sshd[4367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42  user=root
2020-05-16T04:50:48.044621vps773228.ovh.net sshd[4367]: Failed password for root from 148.70.125.42 port 49968 ssh2
2020-05-16T04:53:51.066742vps773228.ovh.net sshd[4387]: Invalid user analy from 148.70.125.42 port 55638
...
2020-05-16 12:16:09
148.70.125.42 attackbots
May 10 02:10:58 NPSTNNYC01T sshd[2423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42
May 10 02:11:00 NPSTNNYC01T sshd[2423]: Failed password for invalid user admin from 148.70.125.42 port 34944 ssh2
May 10 02:15:22 NPSTNNYC01T sshd[2905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42
...
2020-05-10 15:08:44
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.125.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18130
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.125.207.			IN	A

;; AUTHORITY SECTION:
.			529	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052301 1800 900 604800 86400

;; Query time: 143 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 15:00:49 CST 2020
;; MSG SIZE  rcvd: 118
Host info
Host 207.125.70.148.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 207.125.70.148.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
51.91.56.133 attackbots
Sep 16 06:08:26 SilenceServices sshd[13851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.56.133
Sep 16 06:08:28 SilenceServices sshd[13851]: Failed password for invalid user toor from 51.91.56.133 port 48910 ssh2
Sep 16 06:12:08 SilenceServices sshd[15359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.56.133
2019-09-16 15:31:36
83.246.93.210 attack
Reported by AbuseIPDB proxy server.
2019-09-16 15:25:28
106.13.59.131 attackspam
ssh failed login
2019-09-16 15:54:57
61.219.11.153 attackbotsspam
MultiHost/MultiPort Probe, Scan, Hack -
2019-09-16 16:06:43
221.226.212.178 attackspambots
Sep 15 23:10:57 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=221.226.212.178, lip=10.140.194.78, TLS, session=
Sep 15 23:10:57 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=221.226.212.178, lip=10.140.194.78, TLS, session=
Sep 15 23:11:07 flomail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 10 secs): user=, method=PLAIN, rip=221.226.212.178, lip=10.140.194.78, TLS, session=
2019-09-16 15:39:37
117.58.241.164 attackbotsspam
2019-09-16 H=\(host-244-243-58-117.alwayson.net.bd\) \[117.58.241.164\] F=\ rejected RCPT \: Mail not accepted. 117.58.241.164 is listed at a DNSBL.
2019-09-16 H=\(host-244-243-58-117.alwayson.net.bd\) \[117.58.241.164\] F=\ rejected RCPT \: Mail not accepted. 117.58.241.164 is listed at a DNSBL.
2019-09-16 H=\(host-244-243-58-117.alwayson.net.bd\) \[117.58.241.164\] F=\ rejected RCPT \<**REMOVED**@**REMOVED**.de\>: Mail not accepted. 117.58.241.164 is listed at a DNSBL.
2019-09-16 15:38:41
134.19.218.134 attackspam
Invalid user felix from 134.19.218.134 port 47294
2019-09-16 15:32:59
124.158.7.146 attack
Sep 16 10:18:39 server sshd\[13551\]: User root from 124.158.7.146 not allowed because listed in DenyUsers
Sep 16 10:18:39 server sshd\[13551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.7.146  user=root
Sep 16 10:18:40 server sshd\[13551\]: Failed password for invalid user root from 124.158.7.146 port 63358 ssh2
Sep 16 10:18:43 server sshd\[13551\]: Failed password for invalid user root from 124.158.7.146 port 63358 ssh2
Sep 16 10:18:46 server sshd\[13551\]: Failed password for invalid user root from 124.158.7.146 port 63358 ssh2
2019-09-16 15:30:54
46.101.205.211 attack
Invalid user moses from 46.101.205.211 port 33736
2019-09-16 15:58:58
59.28.91.30 attackspambots
Sep 15 23:25:11 hcbbdb sshd\[30033\]: Invalid user qhsupport from 59.28.91.30
Sep 15 23:25:11 hcbbdb sshd\[30033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.28.91.30
Sep 15 23:25:13 hcbbdb sshd\[30033\]: Failed password for invalid user qhsupport from 59.28.91.30 port 46408 ssh2
Sep 15 23:29:59 hcbbdb sshd\[30550\]: Invalid user console from 59.28.91.30
Sep 15 23:29:59 hcbbdb sshd\[30550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.28.91.30
2019-09-16 15:53:08
35.231.6.102 attackbotsspam
Sep 15 21:06:55 ny01 sshd[19644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.231.6.102
Sep 15 21:06:56 ny01 sshd[19644]: Failed password for invalid user rashid from 35.231.6.102 port 39964 ssh2
Sep 15 21:10:59 ny01 sshd[20388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.231.6.102
2019-09-16 15:46:52
185.176.27.166 attackbotsspam
Port-scan: detected 113 distinct ports within a 24-hour window.
2019-09-16 16:08:55
207.154.215.236 attackspambots
Sep 15 22:03:24 web9 sshd\[18055\]: Invalid user gz from 207.154.215.236
Sep 15 22:03:24 web9 sshd\[18055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.215.236
Sep 15 22:03:26 web9 sshd\[18055\]: Failed password for invalid user gz from 207.154.215.236 port 33432 ssh2
Sep 15 22:07:31 web9 sshd\[18814\]: Invalid user thomas from 207.154.215.236
Sep 15 22:07:31 web9 sshd\[18814\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.215.236
2019-09-16 16:07:52
200.196.249.170 attack
Sep 15 22:48:42 xtremcommunity sshd\[129973\]: Invalid user applmgr from 200.196.249.170 port 60522
Sep 15 22:48:42 xtremcommunity sshd\[129973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.249.170
Sep 15 22:48:44 xtremcommunity sshd\[129973\]: Failed password for invalid user applmgr from 200.196.249.170 port 60522 ssh2
Sep 15 22:54:16 xtremcommunity sshd\[130111\]: Invalid user ftppas@123 from 200.196.249.170 port 47578
Sep 15 22:54:16 xtremcommunity sshd\[130111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.196.249.170
...
2019-09-16 15:36:32
190.64.137.171 attack
Sep 16 09:25:01 meumeu sshd[412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.137.171 
Sep 16 09:25:03 meumeu sshd[412]: Failed password for invalid user debi from 190.64.137.171 port 56002 ssh2
Sep 16 09:29:52 meumeu sshd[1003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.137.171 
...
2019-09-16 15:32:08

Recently Reported IPs
