148.70.14.215 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.70.149.39	attackspam	Automatic report - Banned IP Access	2020-10-12 21:23:15
148.70.149.39	attack	Oct 12 04:47:44 *** sshd[4974]: User root from 148.70.149.39 not allowed because not listed in AllowUsers	2020-10-12 12:53:33
148.70.149.39	attackbots	SSH Bruteforce Attempt on Honeypot	2020-10-05 07:52:36
148.70.149.39	attackbotsspam	vps:sshd-InvalidUser	2020-10-05 00:12:23
148.70.149.39	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T21:05:13Z and 2020-09-28T21:22:52Z	2020-09-29 06:55:27
148.70.149.39	attackbots	(sshd) Failed SSH login from 148.70.149.39 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 14:01:30 server2 sshd[13641]: Invalid user trade from 148.70.149.39 port 34092 Sep 28 14:01:33 server2 sshd[13641]: Failed password for invalid user trade from 148.70.149.39 port 34092 ssh2 Sep 28 14:14:11 server2 sshd[16006]: Invalid user lj from 148.70.149.39 port 54884 Sep 28 14:14:13 server2 sshd[16006]: Failed password for invalid user lj from 148.70.149.39 port 54884 ssh2 Sep 28 14:22:37 server2 sshd[17482]: Invalid user sistema from 148.70.149.39 port 33408	2020-09-28 23:23:37
148.70.14.121	attackbots	Sep 22 14:03:09 ns382633 sshd\[12429\]: Invalid user catherine from 148.70.14.121 port 44206 Sep 22 14:03:09 ns382633 sshd\[12429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121 Sep 22 14:03:11 ns382633 sshd\[12429\]: Failed password for invalid user catherine from 148.70.14.121 port 44206 ssh2 Sep 22 14:11:24 ns382633 sshd\[14125\]: Invalid user copy from 148.70.14.121 port 33718 Sep 22 14:11:24 ns382633 sshd\[14125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121	2020-09-22 22:56:07
148.70.14.121	attack	Sep 22 09:00:26 ns381471 sshd[15166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121 Sep 22 09:00:28 ns381471 sshd[15166]: Failed password for invalid user james from 148.70.14.121 port 36778 ssh2	2020-09-22 15:00:47
148.70.14.121	attackbots	2020-09-21T15:01:37.7680171495-001 sshd[42956]: Invalid user db from 148.70.14.121 port 48066 2020-09-21T15:01:37.7710491495-001 sshd[42956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121 2020-09-21T15:01:37.7680171495-001 sshd[42956]: Invalid user db from 148.70.14.121 port 48066 2020-09-21T15:01:39.3387951495-001 sshd[42956]: Failed password for invalid user db from 148.70.14.121 port 48066 ssh2 2020-09-21T15:04:00.6466881495-001 sshd[43075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121 user=root 2020-09-21T15:04:02.8466871495-001 sshd[43075]: Failed password for root from 148.70.14.121 port 43336 ssh2 ...	2020-09-22 07:02:12
148.70.149.39	attack	Sep 21 12:42:43 ourumov-web sshd\[15034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 21 12:42:45 ourumov-web sshd\[15034\]: Failed password for root from 148.70.149.39 port 51236 ssh2 Sep 21 12:48:22 ourumov-web sshd\[15390\]: Invalid user jenkins from 148.70.149.39 port 45552 ...	2020-09-21 21:08:48
148.70.149.39	attack	fail2ban detected brute force on sshd	2020-09-21 12:55:48
148.70.149.39	attackspam	Bruteforce detected by fail2ban	2020-09-21 04:47:23
148.70.149.39	attack	148.70.149.39 (CN/China/-), 9 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 13:03:10 server4 sshd[16368]: Invalid user admin from 71.11.134.32 Sep 20 12:53:10 server4 sshd[10082]: Invalid user admin from 24.237.89.47 Sep 20 12:53:17 server4 sshd[10390]: Invalid user admin from 148.70.149.39 Sep 20 12:53:19 server4 sshd[10390]: Failed password for invalid user admin from 148.70.149.39 port 59694 ssh2 Sep 20 12:57:11 server4 sshd[12743]: Failed password for invalid user admin from 96.42.78.206 port 35605 ssh2 Sep 20 12:57:12 server4 sshd[12773]: Invalid user admin from 96.42.78.206 Sep 20 12:57:07 server4 sshd[12739]: Invalid user admin from 96.42.78.206 Sep 20 12:57:08 server4 sshd[12739]: Failed password for invalid user admin from 96.42.78.206 port 35526 ssh2 Sep 20 12:57:09 server4 sshd[12743]: Invalid user admin from 96.42.78.206 IP Addresses Blocked: 71.11.134.32 (US/United States/-) 24.237.89.47 (US/United States/-)	2020-09-21 01:26:05
148.70.149.39	attackspambots	2020-09-20T10:10:30.071493ollin.zadara.org sshd[788155]: Invalid user postgresql from 148.70.149.39 port 46284 2020-09-20T10:10:31.682239ollin.zadara.org sshd[788155]: Failed password for invalid user postgresql from 148.70.149.39 port 46284 ssh2 ...	2020-09-20 17:25:03
148.70.149.39	attackbots	Time: Mon Sep 7 18:38:15 2020 +0200 IP: 148.70.149.39 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 7 18:33:10 mail-03 sshd[30399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 7 18:33:12 mail-03 sshd[30399]: Failed password for root from 148.70.149.39 port 34256 ssh2 Sep 7 18:36:18 mail-03 sshd[30568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 7 18:36:20 mail-03 sshd[30568]: Failed password for root from 148.70.149.39 port 58714 ssh2 Sep 7 18:38:11 mail-03 sshd[30677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root	2020-09-08 02:30:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.14.215
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51683
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.70.14.215.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 07:51:36 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 215.14.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 215.14.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
39.78.92.84	attackspambots	Unauthorised access (Dec 27) SRC=39.78.92.84 LEN=40 TTL=49 ID=23663 TCP DPT=23 WINDOW=15563 SYN	2019-12-27 19:04:40
162.244.81.46	attack	Host Scan	2019-12-27 19:05:04
92.207.166.44	attack	$f2bV_matches	2019-12-27 19:16:45
51.77.211.94	attackbotsspam	--- report --- Dec 27 07:31:52 sshd: Connection from 51.77.211.94 port 58224	2019-12-27 18:57:54
46.105.125.98	attackbotsspam	Lines containing failures of 46.105.125.98 Dec 25 22:09:13 siirappi sshd[13249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.125.98 user=r.r Dec 25 22:09:15 siirappi sshd[13249]: Failed password for r.r from 46.105.125.98 port 59410 ssh2 Dec 25 22:09:15 siirappi sshd[13249]: Received disconnect from 46.105.125.98 port 59410:11: Bye Bye [preauth] Dec 25 22:09:15 siirappi sshd[13249]: Disconnected from 46.105.125.98 port 59410 [preauth] Dec 25 22:20:47 siirappi sshd[13422]: Invalid user stack from 46.105.125.98 port 36244 Dec 25 22:20:47 siirappi sshd[13422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.125.98 Dec 25 22:20:49 siirappi sshd[13422]: Failed password for invalid user stack from 46.105.125.98 port 36244 ssh2 Dec 25 22:20:50 siirappi sshd[13422]: Received disconnect from 46.105.125.98 port 36244:11: Bye Bye [preauth] Dec 25 22:20:50 siirappi sshd[13422]: Disconn........ ------------------------------	2019-12-27 19:04:14
159.65.136.141	attackspambots	Invalid user training from 159.65.136.141 port 36342	2019-12-27 19:08:57
112.85.42.227	attackbots	Dec 27 06:05:44 TORMINT sshd\[3515\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root Dec 27 06:05:46 TORMINT sshd\[3515\]: Failed password for root from 112.85.42.227 port 36328 ssh2 Dec 27 06:11:07 TORMINT sshd\[3820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root ...	2019-12-27 19:15:09
159.65.9.28	attackbotsspam	Invalid user xd from 159.65.9.28 port 50332	2019-12-27 19:32:25
159.203.193.42	attack	[portscan] tcp/993 [imaps] *(RWIN=65535)(12271226)	2019-12-27 19:03:53
37.49.230.67	attackbotsspam	Host Scan	2019-12-27 19:19:32
187.0.211.99	attack	Dec 27 12:01:16 pornomens sshd\[19499\]: Invalid user thorjussen from 187.0.211.99 port 54814 Dec 27 12:01:16 pornomens sshd\[19499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.0.211.99 Dec 27 12:01:18 pornomens sshd\[19499\]: Failed password for invalid user thorjussen from 187.0.211.99 port 54814 ssh2 ...	2019-12-27 19:06:20
103.4.94.138	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 27-12-2019 06:25:14.	2019-12-27 18:52:40
1.246.223.47	attackbots	" "	2019-12-27 19:14:30
106.52.234.191	attackbotsspam	Dec 27 09:28:17 vps691689 sshd[5230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.234.191 Dec 27 09:28:20 vps691689 sshd[5230]: Failed password for invalid user phillip from 106.52.234.191 port 41479 ssh2 ...	2019-12-27 19:07:02
159.89.148.68	attackbots	159.89.148.68 - - [27/Dec/2019:06:25:01 +0000] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.148.68 - - [27/Dec/2019:06:25:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-27 19:05:40

Recently Reported IPs

156.214.95.21	95.107.227.168	189.213.149.218	120.85.119.111
73.205.125.220	156.198.104.243	77.3.42.15	117.150.187.152
42.235.88.14	177.93.197.156	71.167.143.130	109.74.211.68
59.95.65.192	89.148.151.64	179.191.86.91	185.146.59.237
100.2.208.140	119.93.20.210	95.111.242.160	178.167.77.232