148.70.134.52 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Mar 10 20:05:45 hcbbdb sshd\[7782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=mysql Mar 10 20:05:47 hcbbdb sshd\[7782\]: Failed password for mysql from 148.70.134.52 port 56382 ssh2 Mar 10 20:15:39 hcbbdb sshd\[8857\]: Invalid user admin from 148.70.134.52 Mar 10 20:15:39 hcbbdb sshd\[8857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Mar 10 20:15:41 hcbbdb sshd\[8857\]: Failed password for invalid user admin from 148.70.134.52 port 60758 ssh2	2020-03-11 07:32:48
attack	Feb 19 04:25:27 php1 sshd\[4401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=backup Feb 19 04:25:29 php1 sshd\[4401\]: Failed password for backup from 148.70.134.52 port 45086 ssh2 Feb 19 04:34:28 php1 sshd\[5294\]: Invalid user cnc from 148.70.134.52 Feb 19 04:34:28 php1 sshd\[5294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Feb 19 04:34:30 php1 sshd\[5294\]: Failed password for invalid user cnc from 148.70.134.52 port 44678 ssh2	2020-02-19 23:03:51
attackbots	Unauthorized connection attempt detected from IP address 148.70.134.52 to port 2220 [J]	2020-02-01 23:45:21
attackbots	Unauthorized connection attempt detected from IP address 148.70.134.52 to port 2220 [J]	2020-01-27 15:38:04
attackbotsspam	"SSH brute force auth login attempt."	2020-01-23 18:16:45
attackspam	Dec 26 01:22:16 plusreed sshd[28766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Dec 26 01:22:18 plusreed sshd[28766]: Failed password for root from 148.70.134.52 port 47318 ssh2 Dec 26 01:30:01 plusreed sshd[30659]: Invalid user schiller from 148.70.134.52 Dec 26 01:30:01 plusreed sshd[30659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 26 01:30:01 plusreed sshd[30659]: Invalid user schiller from 148.70.134.52 Dec 26 01:30:03 plusreed sshd[30659]: Failed password for invalid user schiller from 148.70.134.52 port 41544 ssh2 ...	2019-12-26 14:41:54
attack	2019-12-09T08:31:15.818954abusebot-6.cloudsearch.cf sshd\[28359\]: Invalid user php5 from 148.70.134.52 port 50096	2019-12-09 17:25:51
attackspambots	Dec 8 19:27:11 lnxded63 sshd[7713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 8 19:27:13 lnxded63 sshd[7713]: Failed password for invalid user kuestner from 148.70.134.52 port 41350 ssh2 Dec 8 19:33:40 lnxded63 sshd[8178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-12-09 03:07:25
attack	Dec 5 17:57:48 sauna sshd[110348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Dec 5 17:57:50 sauna sshd[110348]: Failed password for invalid user biochem from 148.70.134.52 port 42898 ssh2 ...	2019-12-06 00:00:10
attackspam	Dec 3 15:17:00 *** sshd[16722]: User backup from 148.70.134.52 not allowed because not listed in AllowUsers	2019-12-04 01:41:17
attackspambots	$f2bV_matches	2019-11-24 20:52:31
attackspambots	Nov 19 02:13:11 heissa sshd\[20706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=uucp Nov 19 02:13:12 heissa sshd\[20706\]: Failed password for uucp from 148.70.134.52 port 43158 ssh2 Nov 19 02:17:35 heissa sshd\[21370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 19 02:17:37 heissa sshd\[21370\]: Failed password for root from 148.70.134.52 port 51052 ssh2 Nov 19 02:22:05 heissa sshd\[22117\]: Invalid user youji from 148.70.134.52 port 58964 Nov 19 02:22:05 heissa sshd\[22117\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-11-19 09:23:50
attackbots	Nov 8 10:51:51 lanister sshd[28108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 8 10:51:53 lanister sshd[28108]: Failed password for root from 148.70.134.52 port 46950 ssh2 Nov 8 10:57:58 lanister sshd[28181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root Nov 8 10:58:00 lanister sshd[28181]: Failed password for root from 148.70.134.52 port 56492 ssh2 ...	2019-11-09 05:18:34
attackbots	2019-11-06T23:16:19.376940abusebot-2.cloudsearch.cf sshd\[32351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root	2019-11-07 07:22:32
attack	Oct 30 21:42:01 legacy sshd[17087]: Failed password for root from 148.70.134.52 port 38932 ssh2 Oct 30 21:46:51 legacy sshd[17213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Oct 30 21:46:54 legacy sshd[17213]: Failed password for invalid user it from 148.70.134.52 port 50654 ssh2 ...	2019-10-31 06:00:50
attackspam	Oct 30 19:45:49 legacy sshd[13930]: Failed password for root from 148.70.134.52 port 51474 ssh2 Oct 30 19:51:19 legacy sshd[14084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Oct 30 19:51:21 legacy sshd[14084]: Failed password for invalid user student4 from 148.70.134.52 port 34994 ssh2 ...	2019-10-31 03:03:09
attackspam	2019-10-22T11:42:16.912625abusebot-6.cloudsearch.cf sshd\[9604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 user=root	2019-10-23 04:03:28
attackspambots	SSH Bruteforce	2019-10-21 21:40:55
attack	Oct 17 07:09:18 www sshd\[21905\]: Failed password for root from 148.70.134.52 port 53136 ssh2Oct 17 07:14:22 www sshd\[21975\]: Invalid user \* from 148.70.134.52Oct 17 07:14:24 www sshd\[21975\]: Failed password for invalid user \* from 148.70.134.52 port 35430 ssh2 ...	2019-10-17 14:23:50
attackbotsspam	Sep 28 12:36:25 localhost sshd\[47649\]: Invalid user vps from 148.70.134.52 port 57220 Sep 28 12:36:25 localhost sshd\[47649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Sep 28 12:36:27 localhost sshd\[47649\]: Failed password for invalid user vps from 148.70.134.52 port 57220 ssh2 Sep 28 12:41:57 localhost sshd\[47900\]: Invalid user uuidd from 148.70.134.52 port 40444 Sep 28 12:41:57 localhost sshd\[47900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 ...	2019-09-28 20:49:05
attackbotsspam	Sep 12 17:50:47 core sshd[10321]: Invalid user 1q2w3e4r from 148.70.134.52 port 42220 Sep 12 17:50:49 core sshd[10321]: Failed password for invalid user 1q2w3e4r from 148.70.134.52 port 42220 ssh2 ...	2019-09-13 01:53:47
attack	Aug 25 10:54:28 hpm sshd\[10888\]: Invalid user pasquale from 148.70.134.52 Aug 25 10:54:28 hpm sshd\[10888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Aug 25 10:54:31 hpm sshd\[10888\]: Failed password for invalid user pasquale from 148.70.134.52 port 44202 ssh2 Aug 25 10:59:08 hpm sshd\[11263\]: Invalid user va from 148.70.134.52 Aug 25 10:59:08 hpm sshd\[11263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-08-26 05:18:24
attack	Aug 16 18:47:22 xtremcommunity sshd\[4848\]: Invalid user a from 148.70.134.52 port 46444 Aug 16 18:47:22 xtremcommunity sshd\[4848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Aug 16 18:47:24 xtremcommunity sshd\[4848\]: Failed password for invalid user a from 148.70.134.52 port 46444 ssh2 Aug 16 18:52:29 xtremcommunity sshd\[5084\]: Invalid user support from 148.70.134.52 port 36180 Aug 16 18:52:29 xtremcommunity sshd\[5084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 ...	2019-08-17 06:53:57
attackbotsspam	frenzy	2019-08-03 10:43:04
attackspam	Jul 29 20:25:25 OPSO sshd\[30532\]: Invalid user fredfred from 148.70.134.52 port 33934 Jul 29 20:25:25 OPSO sshd\[30532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52 Jul 29 20:25:27 OPSO sshd\[30532\]: Failed password for invalid user fredfred from 148.70.134.52 port 33934 ssh2 Jul 29 20:30:43 OPSO sshd\[31222\]: Invalid user kotenok from 148.70.134.52 port 55546 Jul 29 20:30:43 OPSO sshd\[31222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.134.52	2019-07-30 03:36:58

Comments on same subnet:

IP	Type	Details	Datetime
148.70.134.245	attackspambots	" "	2019-07-22 15:56:35
148.70.134.245	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-18 04:40:06
148.70.134.245	attackspambots	Port scan: Attack repeated for 24 hours	2019-07-17 20:36:19
148.70.134.245	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-08 09:26:39

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.134.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58894
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.134.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 00:55:21 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 52.134.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.134.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.177.176.162	attackspambots	Jul 15 14:44:31 sshgateway sshd\[6127\]: Invalid user petern from 94.177.176.162 Jul 15 14:44:31 sshgateway sshd\[6127\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.176.162 Jul 15 14:44:34 sshgateway sshd\[6127\]: Failed password for invalid user petern from 94.177.176.162 port 43246 ssh2	2019-07-15 22:55:06
81.26.66.36	attack	Jul 15 12:31:05 [munged] sshd[2987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.26.66.36	2019-07-15 22:41:37
91.206.15.248	attackspam	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-15 22:23:13
104.42.158.117	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-15 23:16:57
54.37.66.73	attack	Automatic report - Banned IP Access	2019-07-15 22:18:01
109.169.11.211	attackspambots	smtp port probing	2019-07-15 22:46:05
202.122.23.70	attackspambots	Invalid user prueba from 202.122.23.70 port 42831	2019-07-15 22:55:39
129.213.172.170	attackbots	Jul 15 06:05:19 vps200512 sshd\[4493\]: Invalid user enlace from 129.213.172.170 Jul 15 06:05:19 vps200512 sshd\[4493\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.172.170 Jul 15 06:05:21 vps200512 sshd\[4493\]: Failed password for invalid user enlace from 129.213.172.170 port 17773 ssh2 Jul 15 06:08:42 vps200512 sshd\[4510\]: Invalid user suman from 129.213.172.170 Jul 15 06:08:42 vps200512 sshd\[4510\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.172.170	2019-07-15 23:10:44
5.90.76.64	attack	Jul1508:13:08server2dovecot:imap-login:Abortedlogin$authfailed\,1attemptsin2secs$:user=\\,method=PLAIN\,rip=5.90.76.64\,lip=136.243.224.50\,TLS\,session=\Jul1508:13:14server2dovecot:imap-login:Abortedlogin$authfailed\,1attemptsin6secs$:user=\\,method=PLAIN\,rip=5.90.76.64\,lip=136.243.224.50\,TLS\,session=\Jul1508:13:21server2dovecot:imap-login:Abortedlogin$authfailed\,1attemptsin6secs$:user=\\,method=PLAIN\,rip=5.90.76.64\,lip=136.243.224.50\,TLS\,session=\Jul1508:13:26server2dovecot:imap-login:Disconnected$authfailed\,1attemptsin6secs$:user=\\,method=PLAIN\,rip=5.90.76.64\,lip=136.243.224.50\,TLS:Connectionclosed\,session=\Jul1508:17:29server2dovecot:imap-login:Abortedlogin$authfailed\,1attemptsin2secs$:user=\\,method=PLAIN\,rip=5.90.76.64\,lip=136.243.224.50\,TLS\,session=\Jul1508	2019-07-15 22:52:16
94.176.77.82	attackspam	(Jul 15) LEN=40 TTL=244 ID=7981 DF TCP DPT=23 WINDOW=14600 SYN (Jul 15) LEN=40 TTL=244 ID=10861 DF TCP DPT=23 WINDOW=14600 SYN (Jul 15) LEN=40 TTL=244 ID=61075 DF TCP DPT=23 WINDOW=14600 SYN (Jul 15) LEN=40 TTL=244 ID=64924 DF TCP DPT=23 WINDOW=14600 SYN (Jul 15) LEN=40 TTL=244 ID=12073 DF TCP DPT=23 WINDOW=14600 SYN (Jul 15) LEN=40 TTL=244 ID=24937 DF TCP DPT=23 WINDOW=14600 SYN (Jul 15) LEN=40 TTL=244 ID=12591 DF TCP DPT=23 WINDOW=14600 SYN (Jul 14) LEN=40 TTL=244 ID=29726 DF TCP DPT=23 WINDOW=14600 SYN (Jul 14) LEN=40 TTL=244 ID=61278 DF TCP DPT=23 WINDOW=14600 SYN (Jul 14) LEN=40 TTL=244 ID=63692 DF TCP DPT=23 WINDOW=14600 SYN (Jul 14) LEN=40 TTL=244 ID=6499 DF TCP DPT=23 WINDOW=14600 SYN (Jul 14) LEN=40 TTL=244 ID=63625 DF TCP DPT=23 WINDOW=14600 SYN (Jul 14) LEN=40 TTL=244 ID=17414 DF TCP DPT=23 WINDOW=14600 SYN	2019-07-15 22:51:37
212.83.163.205	attack	Honeypot attack, port: 445, PTR: 212-83-163-205.rev.poneytelecom.eu.	2019-07-15 22:48:57
185.234.216.140	attackspambots	smtp port probing	2019-07-15 23:01:01
197.224.140.125	attack	Jul 15 07:20:02 MK-Soft-VM6 sshd\[9103\]: Invalid user servidor from 197.224.140.125 port 43610 Jul 15 07:20:02 MK-Soft-VM6 sshd\[9103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.224.140.125 Jul 15 07:20:05 MK-Soft-VM6 sshd\[9103\]: Failed password for invalid user servidor from 197.224.140.125 port 43610 ssh2 ...	2019-07-15 23:12:42
176.31.123.76	attack	SQL uri injection	2019-07-15 22:13:47
189.252.48.180	attack	Honeypot attack, port: 23, PTR: dsl-189-252-48-180-dyn.prod-infinitum.com.mx.	2019-07-15 22:50:57

Recently Reported IPs

94.113.61.145	119.54.49.138	129.123.179.214	67.216.224.29
54.202.120.113	155.8.37.78	108.35.250.15	101.152.117.135
168.228.185.211	124.233.255.149	117.4.162.42	94.189.187.11
149.222.152.140	67.205.138.125	18.4.79.239	61.121.229.187
83.56.51.65	78.189.117.35	97.206.104.198	124.18.99.60