148.70.216.44 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.70.216.213	attack	Sep 23 08:34:58 debian sshd\[22488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.216.213 user=root Sep 23 08:35:00 debian sshd\[22488\]: Failed password for root from 148.70.216.213 port 47148 ssh2 Sep 23 08:35:02 debian sshd\[22490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.216.213 user=root ...	2019-09-24 02:46:41

Type

Details

Datetime

148.70.216.213

attack

Sep 23 08:34:58 debian sshd\[22488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.216.213  user=root
Sep 23 08:35:00 debian sshd\[22488\]: Failed password for root from 148.70.216.213 port 47148 ssh2
Sep 23 08:35:02 debian sshd\[22490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.216.213  user=root
...

2019-09-24 02:46:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.216.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60759
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.70.216.44.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 13:39:26 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 44.216.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 44.216.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.222.12.106	attack	Jun 23 14:02:39 powerpi2 sshd[31464]: Invalid user suporte from 51.222.12.106 port 50068 Jun 23 14:02:41 powerpi2 sshd[31464]: Failed password for invalid user suporte from 51.222.12.106 port 50068 ssh2 Jun 23 14:09:09 powerpi2 sshd[31839]: Invalid user firefart from 51.222.12.106 port 49936 ...	2020-06-23 23:54:17
36.92.143.71	attack	Jun 23 08:05:18 Tower sshd[21759]: Connection from 36.92.143.71 port 40558 on 192.168.10.220 port 22 rdomain "" Jun 23 08:05:19 Tower sshd[21759]: Invalid user fanny from 36.92.143.71 port 40558 Jun 23 08:05:19 Tower sshd[21759]: error: Could not get shadow information for NOUSER Jun 23 08:05:19 Tower sshd[21759]: Failed password for invalid user fanny from 36.92.143.71 port 40558 ssh2 Jun 23 08:05:20 Tower sshd[21759]: Received disconnect from 36.92.143.71 port 40558:11: Bye Bye [preauth] Jun 23 08:05:20 Tower sshd[21759]: Disconnected from invalid user fanny 36.92.143.71 port 40558 [preauth]	2020-06-23 23:55:12
222.186.52.39	attack	Unauthorized connection attempt detected from IP address 222.186.52.39 to port 22	2020-06-24 00:09:01
182.74.25.246	attackbots	Jun 23 17:23:47 mail sshd[24506]: Failed password for invalid user zsq from 182.74.25.246 port 57486 ssh2 ...	2020-06-23 23:43:38
203.195.150.131	attack	Unauthorised connection attempt detected at AUO FR1 NODE2. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-24 00:06:42
208.68.39.220	attack	Scanned 320 unique addresses for 2 unique TCP ports in 24 hours (ports 289,19937)	2020-06-23 23:55:29
123.206.219.211	attackspam	$f2bV_matches	2020-06-23 23:50:20
129.204.142.198	attackbotsspam	Jun 23 16:47:00 rocket sshd[16050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.142.198 Jun 23 16:47:03 rocket sshd[16050]: Failed password for invalid user test from 129.204.142.198 port 36772 ssh2 ...	2020-06-23 23:53:19
111.229.68.113	attackspambots	2020-06-23T14:16:28+0200 Failed SSH Authentication/Brute Force Attack. (Server 10)	2020-06-24 00:06:03
141.98.10.197	attack	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.197 user=root Failed password for root from 141.98.10.197 port 34245 ssh2 Invalid user demo from 141.98.10.197 port 44565 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.197 Failed password for invalid user demo from 141.98.10.197 port 44565 ssh2	2020-06-24 00:03:47
96.226.111.131	attack	Unauthorized connection attempt detected from IP address 96.226.111.131 to port 3389 [T]	2020-06-24 00:20:46
94.41.126.220	attack	Automatic report - Port Scan Attack	2020-06-24 00:21:26
186.10.125.209	attackspambots	Jun 23 14:47:49 django-0 sshd[32567]: Invalid user user from 186.10.125.209 ...	2020-06-23 23:41:02
103.219.112.1	attackspam	Scanned 324 unique addresses for 2 unique TCP ports in 24 hours (ports 10588,12230)	2020-06-24 00:19:46
202.74.243.120	attack	Honeypot attack, port: 445, PTR: emldhk.rad1.aamranetworks.com.	2020-06-24 00:10:32

Recently Reported IPs

171.111.57.69	106.198.121.170	209.14.136.190	60.190.124.34
178.218.194.188	117.251.52.148	115.54.217.138	203.189.153.44
118.116.61.88	116.206.101.230	202.21.100.234	60.214.127.162
182.112.63.79	118.195.182.223	58.219.163.105	123.207.27.143
91.241.161.9	61.220.237.233	70.176.96.74	217.60.194.43