148.70.149.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	IP 148.70.149.92 attacked honeypot on port: 6379 at 8/6/2020 6:24:56 AM	2020-08-06 22:59:35

Comments on same subnet:

IP	Type	Details	Datetime
148.70.149.39	attackspam	Automatic report - Banned IP Access	2020-10-12 21:23:15
148.70.149.39	attack	Oct 12 04:47:44 *** sshd[4974]: User root from 148.70.149.39 not allowed because not listed in AllowUsers	2020-10-12 12:53:33
148.70.149.39	attackbots	SSH Bruteforce Attempt on Honeypot	2020-10-05 07:52:36
148.70.149.39	attackbotsspam	vps:sshd-InvalidUser	2020-10-05 00:12:23
148.70.149.39	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-28T21:05:13Z and 2020-09-28T21:22:52Z	2020-09-29 06:55:27
148.70.149.39	attackbots	(sshd) Failed SSH login from 148.70.149.39 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 14:01:30 server2 sshd[13641]: Invalid user trade from 148.70.149.39 port 34092 Sep 28 14:01:33 server2 sshd[13641]: Failed password for invalid user trade from 148.70.149.39 port 34092 ssh2 Sep 28 14:14:11 server2 sshd[16006]: Invalid user lj from 148.70.149.39 port 54884 Sep 28 14:14:13 server2 sshd[16006]: Failed password for invalid user lj from 148.70.149.39 port 54884 ssh2 Sep 28 14:22:37 server2 sshd[17482]: Invalid user sistema from 148.70.149.39 port 33408	2020-09-28 23:23:37
148.70.149.39	attack	Sep 21 12:42:43 ourumov-web sshd\[15034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 21 12:42:45 ourumov-web sshd\[15034\]: Failed password for root from 148.70.149.39 port 51236 ssh2 Sep 21 12:48:22 ourumov-web sshd\[15390\]: Invalid user jenkins from 148.70.149.39 port 45552 ...	2020-09-21 21:08:48
148.70.149.39	attack	fail2ban detected brute force on sshd	2020-09-21 12:55:48
148.70.149.39	attackspam	Bruteforce detected by fail2ban	2020-09-21 04:47:23
148.70.149.39	attack	148.70.149.39 (CN/China/-), 9 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 13:03:10 server4 sshd[16368]: Invalid user admin from 71.11.134.32 Sep 20 12:53:10 server4 sshd[10082]: Invalid user admin from 24.237.89.47 Sep 20 12:53:17 server4 sshd[10390]: Invalid user admin from 148.70.149.39 Sep 20 12:53:19 server4 sshd[10390]: Failed password for invalid user admin from 148.70.149.39 port 59694 ssh2 Sep 20 12:57:11 server4 sshd[12743]: Failed password for invalid user admin from 96.42.78.206 port 35605 ssh2 Sep 20 12:57:12 server4 sshd[12773]: Invalid user admin from 96.42.78.206 Sep 20 12:57:07 server4 sshd[12739]: Invalid user admin from 96.42.78.206 Sep 20 12:57:08 server4 sshd[12739]: Failed password for invalid user admin from 96.42.78.206 port 35526 ssh2 Sep 20 12:57:09 server4 sshd[12743]: Invalid user admin from 96.42.78.206 IP Addresses Blocked: 71.11.134.32 (US/United States/-) 24.237.89.47 (US/United States/-)	2020-09-21 01:26:05
148.70.149.39	attackspambots	2020-09-20T10:10:30.071493ollin.zadara.org sshd[788155]: Invalid user postgresql from 148.70.149.39 port 46284 2020-09-20T10:10:31.682239ollin.zadara.org sshd[788155]: Failed password for invalid user postgresql from 148.70.149.39 port 46284 ssh2 ...	2020-09-20 17:25:03
148.70.149.39	attackbots	Time: Mon Sep 7 18:38:15 2020 +0200 IP: 148.70.149.39 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 7 18:33:10 mail-03 sshd[30399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 7 18:33:12 mail-03 sshd[30399]: Failed password for root from 148.70.149.39 port 34256 ssh2 Sep 7 18:36:18 mail-03 sshd[30568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root Sep 7 18:36:20 mail-03 sshd[30568]: Failed password for root from 148.70.149.39 port 58714 ssh2 Sep 7 18:38:11 mail-03 sshd[30677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.149.39 user=root	2020-09-08 02:30:22
148.70.149.39	attackbots	Sep 7 16:28:31 webhost01 sshd[663]: Failed password for root from 148.70.149.39 port 41884 ssh2 ...	2020-09-07 17:56:12
148.70.149.39	attackspambots	Invalid user drake from 148.70.149.39 port 33452	2020-08-30 18:01:25
148.70.149.39	attack	Invalid user media from 148.70.149.39 port 38948	2020-08-29 06:01:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.149.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54968
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.149.92.			IN	A

;; AUTHORITY SECTION:
.			160	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080602 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 06 22:59:30 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 92.149.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.149.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.191.150.32	attack	Unauthorized connection attempt detected from IP address 203.191.150.32 to port 1433 [J]	2020-01-19 06:17:40
157.230.156.51	attack	Unauthorized connection attempt detected from IP address 157.230.156.51 to port 2220 [J]	2020-01-19 05:56:42
109.225.118.24	attackbotsspam	Unauthorized connection attempt detected from IP address 109.225.118.24 to port 5555 [J]	2020-01-19 06:01:16
79.166.82.191	attackspambots	Unauthorized connection attempt detected from IP address 79.166.82.191 to port 81 [J]	2020-01-19 06:07:21
78.151.217.222	attackspam	Unauthorized connection attempt detected from IP address 78.151.217.222 to port 23 [J]	2020-01-19 06:08:00
212.12.172.155	attackbotsspam	$f2bV_matches	2020-01-19 06:17:15
201.201.154.143	attack	Unauthorized connection attempt detected from IP address 201.201.154.143 to port 80 [J]	2020-01-19 05:51:50
150.109.170.49	attackbotsspam	Unauthorized connection attempt detected from IP address 150.109.170.49 to port 8546 [J]	2020-01-19 06:26:08
86.43.127.154	attackspam	Unauthorized connection attempt detected from IP address 86.43.127.154 to port 8080 [J]	2020-01-19 06:04:59
185.195.25.121	attack	Unauthorized connection attempt detected from IP address 185.195.25.121 to port 2220 [J]	2020-01-19 06:22:48
150.109.52.25	attack	Unauthorized connection attempt detected from IP address 150.109.52.25 to port 2220 [J]	2020-01-19 06:26:35
58.187.97.184	attackspambots	Unauthorized connection attempt detected from IP address 58.187.97.184 to port 23 [J]	2020-01-19 06:10:50
122.164.159.29	attackspam	Unauthorized connection attempt detected from IP address 122.164.159.29 to port 4567 [J]	2020-01-19 05:59:14
218.212.30.250	attack	Unauthorized connection attempt detected from IP address 218.212.30.250 to port 5555 [J]	2020-01-19 05:49:23
170.106.36.178	attackbotsspam	Unauthorized connection attempt detected from IP address 170.106.36.178 to port 4444 [J]	2020-01-19 05:55:13

Recently Reported IPs

183.190.87.21	188.24.20.8	230.254.203.62	148.207.86.108
82.5.3.46	187.162.28.159	32.107.58.93	186.194.88.210
173.245.54.72	114.227.24.233	103.236.134.132	217.137.43.111
47.148.101.205	5.81.225.180	179.177.220.255	162.254.227.147
94.25.181.232	114.231.42.126	183.89.165.253	103.44.249.61