148.70.125.239

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.70.125.207	attackspam	Unauthorized SSH login attempts	2020-07-30 21:16:44
148.70.125.42	attack	" "	2020-07-23 17:29:33
148.70.125.207	attack	Invalid user jared from 148.70.125.207 port 33742	2020-07-18 07:07:45
148.70.125.207	attack	Jul 17 13:51:26 mockhub sshd[27474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 Jul 17 13:51:28 mockhub sshd[27474]: Failed password for invalid user user from 148.70.125.207 port 60574 ssh2 ...	2020-07-18 04:56:35
148.70.125.42	attackspambots	$f2bV_matches	2020-07-11 06:54:26
148.70.125.42	attack	Unauthorized connection attempt detected from IP address 148.70.125.42 to port 788	2020-07-05 04:25:25
148.70.125.42	attack	Jun 29 20:27:47 124388 sshd[2168]: Failed password for invalid user alice from 148.70.125.42 port 32768 ssh2 Jun 29 20:31:33 124388 sshd[2334]: Invalid user oracle from 148.70.125.42 port 60618 Jun 29 20:31:33 124388 sshd[2334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 Jun 29 20:31:33 124388 sshd[2334]: Invalid user oracle from 148.70.125.42 port 60618 Jun 29 20:31:35 124388 sshd[2334]: Failed password for invalid user oracle from 148.70.125.42 port 60618 ssh2	2020-06-30 05:36:57
148.70.125.42	attackspambots	Invalid user yuhao from 148.70.125.42 port 48848	2020-06-14 16:03:20
148.70.125.207	attackspambots	2020-06-11T04:08:43.418075shield sshd\[19244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=root 2020-06-11T04:08:45.255073shield sshd\[19244\]: Failed password for root from 148.70.125.207 port 39608 ssh2 2020-06-11T04:14:07.231455shield sshd\[21019\]: Invalid user admin from 148.70.125.207 port 41726 2020-06-11T04:14:07.234972shield sshd\[21019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 2020-06-11T04:14:09.889112shield sshd\[21019\]: Failed password for invalid user admin from 148.70.125.207 port 41726 ssh2	2020-06-11 12:58:08
148.70.125.42	attackspambots	Jun 10 19:57:47 vlre-nyc-1 sshd\[10457\]: Invalid user selnagar from 148.70.125.42 Jun 10 19:57:47 vlre-nyc-1 sshd\[10457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 Jun 10 19:57:50 vlre-nyc-1 sshd\[10457\]: Failed password for invalid user selnagar from 148.70.125.42 port 49964 ssh2 Jun 10 20:07:24 vlre-nyc-1 sshd\[10627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 user=root Jun 10 20:07:27 vlre-nyc-1 sshd\[10627\]: Failed password for root from 148.70.125.42 port 34160 ssh2 ...	2020-06-11 04:57:42
148.70.125.207	attackspam	(sshd) Failed SSH login from 148.70.125.207 (CN/China/-): 5 in the last 3600 secs	2020-06-09 19:51:57
148.70.125.207	attackspambots	Jun 8 17:19:21 datentool sshd[18188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=r.r Jun 8 17:19:23 datentool sshd[18188]: Failed password for r.r from 148.70.125.207 port 38922 ssh2 Jun 8 17:24:43 datentool sshd[18251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=r.r Jun 8 17:24:45 datentool sshd[18251]: Failed password for r.r from 148.70.125.207 port 55026 ssh2 Jun 8 17:27:04 datentool sshd[18265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=r.r Jun 8 17:27:07 datentool sshd[18265]: Failed password for r.r from 148.70.125.207 port 49190 ssh2 Jun 8 17:29:26 datentool sshd[18280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=r.r Jun 8 17:29:27 datentool sshd[18280]: Failed password for r.r from 148.70.125......... -------------------------------	2020-06-09 01:38:03
148.70.125.42	attack	Jun 5 19:29:15 auw2 sshd\[22857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 user=root Jun 5 19:29:17 auw2 sshd\[22857\]: Failed password for root from 148.70.125.42 port 39514 ssh2 Jun 5 19:33:17 auw2 sshd\[23168\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 user=root Jun 5 19:33:18 auw2 sshd\[23168\]: Failed password for root from 148.70.125.42 port 54936 ssh2 Jun 5 19:37:15 auw2 sshd\[23456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 user=root	2020-06-06 14:11:18
148.70.125.207	attackspam	May 26 17:55:03 mail sshd[10962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=root May 26 17:55:05 mail sshd[10962]: Failed password for root from 148.70.125.207 port 59764 ssh2 May 26 18:08:53 mail sshd[12786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=root May 26 18:08:55 mail sshd[12786]: Failed password for root from 148.70.125.207 port 37616 ssh2 May 26 18:13:29 mail sshd[13430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=root May 26 18:13:31 mail sshd[13430]: Failed password for root from 148.70.125.207 port 49412 ssh2 ...	2020-05-27 01:59:34
148.70.125.42	attack	May 26 01:18:42 piServer sshd[30784]: Failed password for root from 148.70.125.42 port 37396 ssh2 May 26 01:24:05 piServer sshd[31251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.42 May 26 01:24:07 piServer sshd[31251]: Failed password for invalid user crossley from 148.70.125.42 port 40944 ssh2 ...	2020-05-26 11:46:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.125.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21737
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.125.239.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 00:37:21 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 239.125.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 239.125.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.7.116.79	attackspam	May 10 12:41:06 garuda postfix/smtpd[14884]: connect from unknown[218.7.116.79] May 10 12:41:06 garuda postfix/smtpd[14884]: warning: unknown[218.7.116.79]: SASL LOGIN authentication failed: generic failure May 10 12:41:07 garuda postfix/smtpd[14884]: lost connection after AUTH from unknown[218.7.116.79] May 10 12:41:07 garuda postfix/smtpd[14884]: disconnect from unknown[218.7.116.79] ehlo=1 auth=0/1 commands=1/2 May 10 12:41:07 garuda postfix/smtpd[14884]: connect from unknown[218.7.116.79] May 10 12:41:08 garuda postfix/smtpd[14884]: warning: unknown[218.7.116.79]: SASL LOGIN authentication failed: generic failure May 10 12:41:08 garuda postfix/smtpd[14884]: lost connection after AUTH from unknown[218.7.116.79] May 10 12:41:08 garuda postfix/smtpd[14884]: disconnect from unknown[218.7.116.79] ehlo=1 auth=0/1 commands=1/2 May 10 12:41:08 garuda postfix/smtpd[14884]: connect from unknown[218.7.116.79] May 10 12:41:09 garuda postfix/smtpd[14884]: warning: unknown[218.7......... -------------------------------	2020-05-11 02:57:05
75.109.199.102	attackspambots	May 10 14:31:52 vps647732 sshd[15016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.109.199.102 May 10 14:31:54 vps647732 sshd[15016]: Failed password for invalid user apiuser from 75.109.199.102 port 42600 ssh2 ...	2020-05-11 02:41:14
31.44.241.33	attackbotsspam	Honeypot attack, port: 445, PTR: 31-44-241-33.tv-alpari.ru.	2020-05-11 02:59:19
64.227.58.213	attackbots	May 10 19:13:07 Invalid user deploy from 64.227.58.213 port 39306	2020-05-11 02:53:14
176.63.178.99	attackspambots	Port probing on unauthorized port 23	2020-05-11 02:58:17
192.236.179.149	attackspambots	Unauthorized connection attempt detected from IP address 192.236.179.149 to port 23	2020-05-11 02:42:43
139.162.122.110	attackspambots	2020-05-10T15:33:10.083362randservbullet-proofcloud-66.localdomain sshd[24912]: Invalid user from 139.162.122.110 port 60464 2020-05-10T15:33:10.337825randservbullet-proofcloud-66.localdomain sshd[24912]: Failed none for invalid user from 139.162.122.110 port 60464 ssh2 2020-05-10T15:33:10.083362randservbullet-proofcloud-66.localdomain sshd[24912]: Invalid user from 139.162.122.110 port 60464 2020-05-10T15:33:10.337825randservbullet-proofcloud-66.localdomain sshd[24912]: Failed none for invalid user from 139.162.122.110 port 60464 ssh2 ...	2020-05-11 02:36:52
223.71.80.37	attackspam	2020/5/9 10:34:09 Firewall[240]: DoS Attack - TCP SYN Flooding IN=erouter0 OUT= MAC=48:1d:70:de:3a:51:00:01:5c:32:7b:01:08:00 SRC=223.71.80.37 DST= LEN=40 TOS=00 PREC=0x00 TTL=96 ID=256 PROTO=TCP SPT=6000 DPT=8433 SEQ=807731200 ACK	2020-05-11 02:43:33
139.59.60.196	attack	May 10 14:46:18 wordpress wordpress(www.ruhnke.cloud)[4670]: Blocked authentication attempt for admin from ::ffff:139.59.60.196	2020-05-11 02:52:31
70.89.90.10	attackbotsspam	Honeypot attack, port: 81, PTR: 70-89-90-10-atlanta-ga.hfc.comcastbusiness.net.	2020-05-11 02:35:12
158.101.166.68	attack	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-05-11 02:50:15
183.88.243.115	attackspambots	Dovecot Invalid User Login Attempt.	2020-05-11 02:39:20
122.227.116.155	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-11 03:07:59
196.188.0.110	attackspambots	20/5/10@08:09:30: FAIL: Alarm-Network address from=196.188.0.110 ...	2020-05-11 02:42:12
192.34.63.128	attackspambots	frenzy	2020-05-11 02:59:42

Recently Reported IPs

213.146.201.240	39.13.181.135	160.127.229.217	191.75.113.237
68.183.181.79	51.91.194.105	129.36.37.139	109.53.213.119
151.99.174.24	88.43.91.30	1.252.152.29	115.186.58.62
82.186.107.146	2.54.85.190	167.136.186.77	184.150.86.48
24.75.130.27	111.148.251.101	108.198.246.230	213.174.153.231