148.70.14.39 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.70.149.39	attackspam	Automatic report - Banned IP Access	2020-10-12 21:23:15
148.70.149.39	attack	Oct 12 04:47:44 *** sshd[4974]: User root from 148.70.149.39 not allowed because not listed in AllowUsers	2020-10-12 12:53:33
148.70.149.39	attackbots	SSH Bruteforce Attempt on Honeypot	2020-10-05 07:52:36
148.70.149.39	attackbotsspam	vps:sshd-InvalidUser	2020-10-05 00:12:23
148.70.149.39	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T21:05:13Z and 2020-09-28T21:22:52Z	2020-09-29 06:55:27
148.70.149.39	attackbots	(sshd) Failed SSH login from 148.70.149.39 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 14:01:30 server2 sshd[13641]: Invalid user trade from 148.70.149.39 port 34092 Sep 28 14:01:33 server2 sshd[13641]: Failed password for invalid user trade from 148.70.149.39 port 34092 ssh2 Sep 28 14:14:11 server2 sshd[16006]: Invalid user lj from 148.70.149.39 port 54884 Sep 28 14:14:13 server2 sshd[16006]: Failed password for invalid user lj from 148.70.149.39 port 54884 ssh2 Sep 28 14:22:37 server2 sshd[17482]: Invalid user sistema from 148.70.149.39 port 33408	2020-09-28 23:23:37
148.70.14.121	attackbots	Sep 22 14:03:09 ns382633 sshd\[12429\]: Invalid user catherine from 148.70.14.121 port 44206 Sep 22 14:03:09 ns382633 sshd\[12429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121 Sep 22 14:03:11 ns382633 sshd\[12429\]: Failed password for invalid user catherine from 148.70.14.121 port 44206 ssh2 Sep 22 14:11:24 ns382633 sshd\[14125\]: Invalid user copy from 148.70.14.121 port 33718 Sep 22 14:11:24 ns382633 sshd\[14125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121	2020-09-22 22:56:07
148.70.14.121	attack	Sep 22 09:00:26 ns381471 sshd[15166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121 Sep 22 09:00:28 ns381471 sshd[15166]: Failed password for invalid user james from 148.70.14.121 port 36778 ssh2	2020-09-22 15:00:47
148.70.14.121	attackbots	2020-09-21T15:01:37.7680171495-001 sshd[42956]: Invalid user db from 148.70.14.121 port 48066 2020-09-21T15:01:37.7710491495-001 sshd[42956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121 2020-09-21T15:01:37.7680171495-001 sshd[42956]: Invalid user db from 148.70.14.121 port 48066 2020-09-21T15:01:39.3387951495-001 sshd[42956]: Failed password for invalid user db from 148.70.14.121 port 48066 ssh2 2020-09-21T15:04:00.6466881495-001 sshd[43075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.14.121 user=root 2020-09-21T15:04:02.8466871495-001 sshd[43075]: Failed password for root from 148.70.14.121 port 43336 ssh2 ...	2020-09-22 07:02:12
148.70.149.39	attack	Sep 21 12:42:43 ourumov-web sshd\[15034\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 21 12:42:45 ourumov-web sshd\[15034\]: Failed password for root from 148.70.149.39 port 51236 ssh2 Sep 21 12:48:22 ourumov-web sshd\[15390\]: Invalid user jenkins from 148.70.149.39 port 45552 ...	2020-09-21 21:08:48
148.70.149.39	attack	fail2ban detected brute force on sshd	2020-09-21 12:55:48
148.70.149.39	attackspam	Bruteforce detected by fail2ban	2020-09-21 04:47:23
148.70.149.39	attack	148.70.149.39 (CN/China/-), 9 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 13:03:10 server4 sshd[16368]: Invalid user admin from 71.11.134.32 Sep 20 12:53:10 server4 sshd[10082]: Invalid user admin from 24.237.89.47 Sep 20 12:53:17 server4 sshd[10390]: Invalid user admin from 148.70.149.39 Sep 20 12:53:19 server4 sshd[10390]: Failed password for invalid user admin from 148.70.149.39 port 59694 ssh2 Sep 20 12:57:11 server4 sshd[12743]: Failed password for invalid user admin from 96.42.78.206 port 35605 ssh2 Sep 20 12:57:12 server4 sshd[12773]: Invalid user admin from 96.42.78.206 Sep 20 12:57:07 server4 sshd[12739]: Invalid user admin from 96.42.78.206 Sep 20 12:57:08 server4 sshd[12739]: Failed password for invalid user admin from 96.42.78.206 port 35526 ssh2 Sep 20 12:57:09 server4 sshd[12743]: Invalid user admin from 96.42.78.206 IP Addresses Blocked: 71.11.134.32 (US/United States/-) 24.237.89.47 (US/United States/-)	2020-09-21 01:26:05
148.70.149.39	attackspambots	2020-09-20T10:10:30.071493ollin.zadara.org sshd[788155]: Invalid user postgresql from 148.70.149.39 port 46284 2020-09-20T10:10:31.682239ollin.zadara.org sshd[788155]: Failed password for invalid user postgresql from 148.70.149.39 port 46284 ssh2 ...	2020-09-20 17:25:03
148.70.149.39	attackbots	Time: Mon Sep 7 18:38:15 2020 +0200 IP: 148.70.149.39 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 7 18:33:10 mail-03 sshd[30399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 7 18:33:12 mail-03 sshd[30399]: Failed password for root from 148.70.149.39 port 34256 ssh2 Sep 7 18:36:18 mail-03 sshd[30568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 7 18:36:20 mail-03 sshd[30568]: Failed password for root from 148.70.149.39 port 58714 ssh2 Sep 7 18:38:11 mail-03 sshd[30677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root	2020-09-08 02:30:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.14.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16716
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.70.14.39.			IN	A

;; AUTHORITY SECTION:
.			318	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:44:20 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 39.14.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 39.14.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.41	attack	2019-11-15T18:28:18.041164scmdmz1 sshd\[8877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.41 user=root 2019-11-15T18:28:20.037207scmdmz1 sshd\[8877\]: Failed password for root from 222.186.180.41 port 21312 ssh2 2019-11-15T18:28:23.001703scmdmz1 sshd\[8877\]: Failed password for root from 222.186.180.41 port 21312 ssh2 ...	2019-11-16 01:32:15
104.206.128.38	attack	Port scan	2019-11-16 01:58:52
104.206.128.34	attack	Port scan	2019-11-16 02:05:02
206.189.122.133	attackspam	Nov 15 18:20:48 ns41 sshd[26297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.122.133	2019-11-16 01:47:51
85.67.210.90	attack	port scan and connect, tcp 23 (telnet)	2019-11-16 01:36:40
1.71.129.108	attackbots	Nov 15 18:24:50 eventyay sshd[13073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.129.108 Nov 15 18:24:52 eventyay sshd[13073]: Failed password for invalid user asdfghjkl from 1.71.129.108 port 34857 ssh2 Nov 15 18:29:45 eventyay sshd[13111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.129.108 ...	2019-11-16 01:45:05
185.176.27.178	attackbots	Nov 15 18:33:43 mc1 kernel: \[5125491.039802\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=28479 PROTO=TCP SPT=56995 DPT=24498 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 18:34:37 mc1 kernel: \[5125545.747136\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=13424 PROTO=TCP SPT=56995 DPT=24533 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 18:39:25 mc1 kernel: \[5125833.400612\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=26834 PROTO=TCP SPT=56995 DPT=54936 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-16 01:42:52
202.200.126.253	attackspambots	Invalid user tournay from 202.200.126.253 port 40654	2019-11-16 01:57:04
185.40.199.50	attack	Automatic report - XMLRPC Attack	2019-11-16 01:46:53
149.56.89.123	attackbots	Nov 15 18:50:24 DAAP sshd[25821]: Invalid user nivilinszky from 149.56.89.123 port 53382 ...	2019-11-16 01:57:48
186.154.237.247	attackbots	Received: from standardbank.co.za ( [186.154.237.247]) by smg.telkomsa.net (Telkom Internet Messaging Gateway) with SMTP id B7.47.02726.3EA8DCD5; Thu, 14 Nov 2019 19:12:06 +0200 (CAT) From: Nedbank GreenBack To: zxzxzxzxzx@telkomsa.net Subject: Nedbank GreenBack Credit Card Reward Statement Date: 14 Nov 2019 12:12:01 -0500 Message-ID: <20191114121201.A6DD7FDCD72F66DF@standardbank.co.za> MIME-Version: 1.0 Content-Type: multipart/mixed;	2019-11-16 02:06:03
104.206.128.50	attackspambots	Fail2Ban Ban Triggered	2019-11-16 01:49:24
149.202.115.157	attackspam	Invalid user admin from 149.202.115.157 port 45492	2019-11-16 01:31:19
68.183.110.49	attackbotsspam	Nov 15 18:16:02 eventyay sshd[12855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.110.49 Nov 15 18:16:04 eventyay sshd[12855]: Failed password for invalid user saraswathy from 68.183.110.49 port 53794 ssh2 Nov 15 18:19:53 eventyay sshd[12956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.110.49 ...	2019-11-16 01:55:20
185.176.27.2	attackbots	11/15/2019-18:06:46.462714 185.176.27.2 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-16 01:22:58

Recently Reported IPs

148.69.245.243	148.69.237.13	148.69.75.200	148.70.247.100
148.70.51.171	148.72.0.125	148.72.0.187	148.72.1.168
148.71.90.180	148.71.218.108	148.71.84.129	148.72.1.221
148.72.100.19	148.72.1.21	148.72.100.39	148.72.102.246
148.72.100.208	148.72.106.20	148.72.108.140	148.72.106.212