148.70.149.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	IP 148.70.149.92 attacked honeypot on port: 6379 at 8/6/2020 6:24:56 AM	2020-08-06 22:59:35

Comments on same subnet:

IP	Type	Details	Datetime
148.70.149.39	attackspam	Automatic report - Banned IP Access	2020-10-12 21:23:15
148.70.149.39	attack	Oct 12 04:47:44 *** sshd[4974]: User root from 148.70.149.39 not allowed because not listed in AllowUsers	2020-10-12 12:53:33
148.70.149.39	attackbots	SSH Bruteforce Attempt on Honeypot	2020-10-05 07:52:36
148.70.149.39	attackbotsspam	vps:sshd-InvalidUser	2020-10-05 00:12:23
148.70.149.39	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T21:05:13Z and 2020-09-28T21:22:52Z	2020-09-29 06:55:27
148.70.149.39	attackbots	(sshd) Failed SSH login from 148.70.149.39 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 14:01:30 server2 sshd[13641]: Invalid user trade from 148.70.149.39 port 34092 Sep 28 14:01:33 server2 sshd[13641]: Failed password for invalid user trade from 148.70.149.39 port 34092 ssh2 Sep 28 14:14:11 server2 sshd[16006]: Invalid user lj from 148.70.149.39 port 54884 Sep 28 14:14:13 server2 sshd[16006]: Failed password for invalid user lj from 148.70.149.39 port 54884 ssh2 Sep 28 14:22:37 server2 sshd[17482]: Invalid user sistema from 148.70.149.39 port 33408	2020-09-28 23:23:37
148.70.149.39	attack	Sep 21 12:42:43 ourumov-web sshd\[15034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 21 12:42:45 ourumov-web sshd\[15034\]: Failed password for root from 148.70.149.39 port 51236 ssh2 Sep 21 12:48:22 ourumov-web sshd\[15390\]: Invalid user jenkins from 148.70.149.39 port 45552 ...	2020-09-21 21:08:48
148.70.149.39	attack	fail2ban detected brute force on sshd	2020-09-21 12:55:48
148.70.149.39	attackspam	Bruteforce detected by fail2ban	2020-09-21 04:47:23
148.70.149.39	attack	148.70.149.39 (CN/China/-), 9 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 13:03:10 server4 sshd[16368]: Invalid user admin from 71.11.134.32 Sep 20 12:53:10 server4 sshd[10082]: Invalid user admin from 24.237.89.47 Sep 20 12:53:17 server4 sshd[10390]: Invalid user admin from 148.70.149.39 Sep 20 12:53:19 server4 sshd[10390]: Failed password for invalid user admin from 148.70.149.39 port 59694 ssh2 Sep 20 12:57:11 server4 sshd[12743]: Failed password for invalid user admin from 96.42.78.206 port 35605 ssh2 Sep 20 12:57:12 server4 sshd[12773]: Invalid user admin from 96.42.78.206 Sep 20 12:57:07 server4 sshd[12739]: Invalid user admin from 96.42.78.206 Sep 20 12:57:08 server4 sshd[12739]: Failed password for invalid user admin from 96.42.78.206 port 35526 ssh2 Sep 20 12:57:09 server4 sshd[12743]: Invalid user admin from 96.42.78.206 IP Addresses Blocked: 71.11.134.32 (US/United States/-) 24.237.89.47 (US/United States/-)	2020-09-21 01:26:05
148.70.149.39	attackspambots	2020-09-20T10:10:30.071493ollin.zadara.org sshd[788155]: Invalid user postgresql from 148.70.149.39 port 46284 2020-09-20T10:10:31.682239ollin.zadara.org sshd[788155]: Failed password for invalid user postgresql from 148.70.149.39 port 46284 ssh2 ...	2020-09-20 17:25:03
148.70.149.39	attackbots	Time: Mon Sep 7 18:38:15 2020 +0200 IP: 148.70.149.39 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 7 18:33:10 mail-03 sshd[30399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 7 18:33:12 mail-03 sshd[30399]: Failed password for root from 148.70.149.39 port 34256 ssh2 Sep 7 18:36:18 mail-03 sshd[30568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 7 18:36:20 mail-03 sshd[30568]: Failed password for root from 148.70.149.39 port 58714 ssh2 Sep 7 18:38:11 mail-03 sshd[30677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root	2020-09-08 02:30:22
148.70.149.39	attackbots	Sep 7 16:28:31 webhost01 sshd[663]: Failed password for root from 148.70.149.39 port 41884 ssh2 ...	2020-09-07 17:56:12
148.70.149.39	attackspambots	Invalid user drake from 148.70.149.39 port 33452	2020-08-30 18:01:25
148.70.149.39	attack	Invalid user media from 148.70.149.39 port 38948	2020-08-29 06:01:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.149.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54968
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.149.92.			IN	A

;; AUTHORITY SECTION:
.			160	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080602 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 06 22:59:30 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 92.149.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.149.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.6.121.157	attack	88/tcp [2019-09-04]1pkt	2019-09-05 08:53:14
197.51.3.207	attack	Unauthorized connection attempt from IP address 197.51.3.207 on Port 445(SMB)	2019-09-05 08:55:01
91.112.83.178	attack	Unauthorized connection attempt from IP address 91.112.83.178 on Port 445(SMB)	2019-09-05 08:39:31
177.140.88.147	attackspam	Automatic report - Port Scan Attack	2019-09-05 08:35:53
218.98.26.163	attackspambots	Sep 4 14:32:12 lcprod sshd\[15254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.163 user=root Sep 4 14:32:15 lcprod sshd\[15254\]: Failed password for root from 218.98.26.163 port 24398 ssh2 Sep 4 14:32:21 lcprod sshd\[15288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.163 user=root Sep 4 14:32:23 lcprod sshd\[15288\]: Failed password for root from 218.98.26.163 port 44588 ssh2 Sep 4 14:32:30 lcprod sshd\[15298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.163 user=root	2019-09-05 08:40:46
118.25.92.221	attackspambots	Sep 4 14:03:11 friendsofhawaii sshd\[2332\]: Invalid user vijayaraj from 118.25.92.221 Sep 4 14:03:11 friendsofhawaii sshd\[2332\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.92.221 Sep 4 14:03:12 friendsofhawaii sshd\[2332\]: Failed password for invalid user vijayaraj from 118.25.92.221 port 39620 ssh2 Sep 4 14:08:12 friendsofhawaii sshd\[2775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.92.221 user=root Sep 4 14:08:14 friendsofhawaii sshd\[2775\]: Failed password for root from 118.25.92.221 port 55760 ssh2	2019-09-05 08:21:33
85.13.2.117	attack	Unauthorised access (Sep 5) SRC=85.13.2.117 LEN=40 TTL=54 ID=13101 TCP DPT=8080 WINDOW=32114 SYN	2019-09-05 08:26:02
180.253.183.235	attack	Unauthorized connection attempt from IP address 180.253.183.235 on Port 445(SMB)	2019-09-05 08:35:16
94.191.20.179	attackbotsspam	$f2bV_matches	2019-09-05 08:37:27
37.204.111.194	attackspam	2019-09-04T23:39:00.754650abusebot-5.cloudsearch.cf sshd\[2142\]: Invalid user mysql from 37.204.111.194 port 43336	2019-09-05 08:17:28
39.97.185.107	attackspam	Automatic report - Port Scan Attack	2019-09-05 08:34:52
186.58.83.184	attackbotsspam	Unauthorized connection attempt from IP address 186.58.83.184 on Port 445(SMB)	2019-09-05 08:29:38
202.69.66.130	attack	Sep 5 02:05:30 h2177944 sshd\[19698\]: Invalid user a from 202.69.66.130 port 22612 Sep 5 02:05:30 h2177944 sshd\[19698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.69.66.130 Sep 5 02:05:32 h2177944 sshd\[19698\]: Failed password for invalid user a from 202.69.66.130 port 22612 ssh2 Sep 5 02:10:04 h2177944 sshd\[19820\]: Invalid user rapha from 202.69.66.130 port 33343 Sep 5 02:10:04 h2177944 sshd\[19820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.69.66.130 ...	2019-09-05 08:28:31
218.98.40.135	attackspam	2019-09-04T23:23:25.913017abusebot-7.cloudsearch.cf sshd\[5117\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.135 user=root	2019-09-05 08:14:51
95.63.233.86	attackbots	Automatic report - Port Scan Attack	2019-09-05 08:57:39

Recently Reported IPs

183.190.87.21	188.24.20.8	230.254.203.62	148.207.86.108
82.5.3.46	187.162.28.159	32.107.58.93	186.194.88.210
173.245.54.72	114.227.24.233	103.236.134.132	217.137.43.111
47.148.101.205	5.81.225.180	179.177.220.255	162.254.227.147
94.25.181.232	114.231.42.126	183.89.165.253	103.44.249.61