148.70.4.242 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	...	2020-02-01 22:59:59
attackbots	Nov 21 23:28:11 game-panel sshd[2182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Nov 21 23:28:12 game-panel sshd[2182]: Failed password for invalid user ledford from 148.70.4.242 port 48786 ssh2 Nov 21 23:32:26 game-panel sshd[2297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242	2019-11-22 07:40:14
attack	Nov 17 11:27:59 linuxvps sshd\[48473\]: Invalid user brossard from 148.70.4.242 Nov 17 11:27:59 linuxvps sshd\[48473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Nov 17 11:28:01 linuxvps sshd\[48473\]: Failed password for invalid user brossard from 148.70.4.242 port 44424 ssh2 Nov 17 11:33:46 linuxvps sshd\[52116\]: Invalid user hye from 148.70.4.242 Nov 17 11:33:46 linuxvps sshd\[52116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242	2019-11-18 01:05:59
attackspambots	Nov 16 17:26:02 sauna sshd[38007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Nov 16 17:26:04 sauna sshd[38007]: Failed password for invalid user mertz from 148.70.4.242 port 40682 ssh2 ...	2019-11-17 02:09:48
attackspam	2019-11-15T07:19:19.198306tmaserv sshd\[27303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 2019-11-15T07:19:21.591567tmaserv sshd\[27303\]: Failed password for invalid user francisc from 148.70.4.242 port 39426 ssh2 2019-11-15T08:23:43.399129tmaserv sshd\[30650\]: Invalid user backup from 148.70.4.242 port 34052 2019-11-15T08:23:43.404276tmaserv sshd\[30650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 2019-11-15T08:23:45.254677tmaserv sshd\[30650\]: Failed password for invalid user backup from 148.70.4.242 port 34052 ssh2 2019-11-15T08:28:45.402648tmaserv sshd\[30887\]: Invalid user inessa from 148.70.4.242 port 42324 ...	2019-11-15 15:16:05
attackspambots	2019-11-09T08:37:12.930308abusebot-2.cloudsearch.cf sshd\[12598\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 user=root	2019-11-09 18:52:16
attack	Nov 6 07:24:02 amit sshd\[15750\]: Invalid user zhouh from 148.70.4.242 Nov 6 07:24:02 amit sshd\[15750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Nov 6 07:24:04 amit sshd\[15750\]: Failed password for invalid user zhouh from 148.70.4.242 port 40088 ssh2 ...	2019-11-06 19:29:56
attackbotsspam	Nov 4 03:37:43 firewall sshd[32062]: Invalid user bz from 148.70.4.242 Nov 4 03:37:46 firewall sshd[32062]: Failed password for invalid user bz from 148.70.4.242 port 55324 ssh2 Nov 4 03:42:51 firewall sshd[32146]: Invalid user zzz from 148.70.4.242 ...	2019-11-04 15:11:24
attackbots	$f2bV_matches	2019-11-02 20:27:14
attackbotsspam	SSH Brute Force, server-1 sshd[17682]: Failed password for invalid user sir from 148.70.4.242 port 46786 ssh2	2019-10-19 17:12:45
attackspambots	Automatic report - Banned IP Access	2019-10-17 23:19:38
attack	Oct 16 06:11:57 hanapaa sshd\[3429\]: Invalid user TAMA from 148.70.4.242 Oct 16 06:11:57 hanapaa sshd\[3429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Oct 16 06:11:59 hanapaa sshd\[3429\]: Failed password for invalid user TAMA from 148.70.4.242 port 42688 ssh2 Oct 16 06:18:26 hanapaa sshd\[3939\]: Invalid user 1q2w3e4r@12345 from 148.70.4.242 Oct 16 06:18:26 hanapaa sshd\[3939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242	2019-10-17 00:22:58
attackbotsspam	Oct 5 09:43:08 vps647732 sshd[5639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Oct 5 09:43:10 vps647732 sshd[5639]: Failed password for invalid user P@rola_!@# from 148.70.4.242 port 53116 ssh2 ...	2019-10-05 18:25:03
attack	Sep 22 00:15:06 php1 sshd\[26790\]: Invalid user nagios from 148.70.4.242 Sep 22 00:15:06 php1 sshd\[26790\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Sep 22 00:15:08 php1 sshd\[26790\]: Failed password for invalid user nagios from 148.70.4.242 port 35306 ssh2 Sep 22 00:20:42 php1 sshd\[27238\]: Invalid user jboss from 148.70.4.242 Sep 22 00:20:42 php1 sshd\[27238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242	2019-09-22 18:40:30
attack	Jul 12 12:38:10 meumeu sshd[11066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 Jul 12 12:38:12 meumeu sshd[11066]: Failed password for invalid user yi from 148.70.4.242 port 52128 ssh2 Jul 12 12:44:52 meumeu sshd[12168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.4.242 ...	2019-07-12 18:48:17

Comments on same subnet:

IP	Type	Details	Datetime
148.70.40.14	attackbotsspam	$f2bV_matches	2020-08-04 07:12:54
148.70.40.14	attackspam	Jul 20 00:41:57 Tower sshd[18576]: Connection from 148.70.40.14 port 41168 on 192.168.10.220 port 22 rdomain "" Jul 20 00:41:59 Tower sshd[18576]: Invalid user amarnath from 148.70.40.14 port 41168 Jul 20 00:41:59 Tower sshd[18576]: error: Could not get shadow information for NOUSER Jul 20 00:41:59 Tower sshd[18576]: Failed password for invalid user amarnath from 148.70.40.14 port 41168 ssh2 Jul 20 00:42:00 Tower sshd[18576]: Received disconnect from 148.70.40.14 port 41168:11: Bye Bye [preauth] Jul 20 00:42:00 Tower sshd[18576]: Disconnected from invalid user amarnath 148.70.40.14 port 41168 [preauth]	2020-07-20 13:44:40
148.70.44.229	attack	Wordpress attack - GET /wp-login.php	2020-07-01 12:59:42
148.70.40.14	attackspambots	Fail2Ban Ban Triggered	2020-06-30 17:51:27
148.70.40.14	attackspambots	Jun 25 16:42:15 gestao sshd[18487]: Failed password for root from 148.70.40.14 port 44194 ssh2 Jun 25 16:43:39 gestao sshd[18537]: Failed password for root from 148.70.40.14 port 52302 ssh2 Jun 25 16:45:00 gestao sshd[18565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.40.14 ...	2020-06-26 00:35:39
148.70.40.14	attack	6478/tcp [2020-06-24]1pkt	2020-06-24 18:30:05
148.70.48.86	attack	$f2bV_matches	2020-06-22 17:14:14
148.70.44.229	attackspambots	CN - - [20/Jun/2020:03:10:18 +0300] GET /wp-login.php HTTP/1.1 200 1443 - Apache-HttpClient/4.5.2 Java/1.8.0_151	2020-06-21 00:12:48
148.70.40.14	attackbots	Jun 15 18:25:56 melroy-server sshd[25468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.40.14 Jun 15 18:25:58 melroy-server sshd[25468]: Failed password for invalid user ubuntu from 148.70.40.14 port 59308 ssh2 ...	2020-06-16 02:28:15
148.70.40.14	attack	Jun 5 14:53:04 mail sshd\[22807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.40.14 user=root ...	2020-06-06 02:59:55
148.70.40.41	attackspambots	ICMP MH Probe, Scan /Distributed -	2020-05-26 18:11:27
148.70.40.14	attackspambots	SSH Login Bruteforce	2020-05-13 04:38:30
148.70.40.14	attackbotsspam	2020-05-11T22:26:55.657518shield sshd\[15190\]: Invalid user rb from 148.70.40.14 port 38082 2020-05-11T22:26:55.666323shield sshd\[15190\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.40.14 2020-05-11T22:26:57.657550shield sshd\[15190\]: Failed password for invalid user rb from 148.70.40.14 port 38082 ssh2 2020-05-11T22:32:29.747924shield sshd\[16231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.40.14 user=root 2020-05-11T22:32:31.257538shield sshd\[16231\]: Failed password for root from 148.70.40.14 port 43158 ssh2	2020-05-12 07:13:05
148.70.40.14	attackspambots	SSH Login Bruteforce	2020-05-08 13:25:02
148.70.48.86	attackbotsspam	Brute force attempt	2020-05-04 20:00:53

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.4.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19241
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.4.242.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 07 16:04:18 +08 2019
;; MSG SIZE  rcvd: 116

Host info

Host 242.4.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 242.4.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
47.110.224.88	attackbots	47.110.224.88 - - [10/Mar/2020:00:49:07 +0200] "GET /dev/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-10 18:33:37
35.229.206.196	attackbotsspam	SSH invalid-user multiple login try	2020-03-10 18:24:59
218.92.0.173	attackspambots	Mar 10 00:55:27 sachi sshd\[31791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root Mar 10 00:55:28 sachi sshd\[31791\]: Failed password for root from 218.92.0.173 port 49415 ssh2 Mar 10 00:55:47 sachi sshd\[31808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root Mar 10 00:55:49 sachi sshd\[31808\]: Failed password for root from 218.92.0.173 port 6318 ssh2 Mar 10 00:56:09 sachi sshd\[31846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root	2020-03-10 19:00:51
180.175.176.131	attackspambots	Lines containing failures of 180.175.176.131 Mar 10 10:17:09 nexus sshd[25901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.175.176.131 user=r.r Mar 10 10:17:10 nexus sshd[25901]: Failed password for r.r from 180.175.176.131 port 53550 ssh2 Mar 10 10:17:10 nexus sshd[25901]: Received disconnect from 180.175.176.131 port 53550:11: Bye Bye [preauth] Mar 10 10:17:10 nexus sshd[25901]: Disconnected from 180.175.176.131 port 53550 [preauth] Mar 10 10:26:30 nexus sshd[27949]: Invalid user 11 from 180.175.176.131 port 39812 Mar 10 10:26:30 nexus sshd[27949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.175.176.131 Mar 10 10:26:33 nexus sshd[27949]: Failed password for invalid user 11 from 180.175.176.131 port 39812 ssh2 Mar 10 10:26:33 nexus sshd[27949]: Received disconnect from 180.175.176.131 port 39812:11: Bye Bye [preauth] Mar 10 10:26:33 nexus sshd[27949]: Disconnected from 180......... ------------------------------	2020-03-10 18:19:56
218.92.0.158	attackbots	2020-03-10T05:27:49.204995homeassistant sshd[28100]: Failed password for root from 218.92.0.158 port 4171 ssh2 2020-03-10T10:41:24.871786homeassistant sshd[4605]: Failed none for root from 218.92.0.158 port 22930 ssh2 2020-03-10T10:41:25.098872homeassistant sshd[4605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.158 user=root ...	2020-03-10 18:58:12
211.169.249.231	attackbots	Mar 9 16:57:44 garuda sshd[191388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.231 user=r.r Mar 9 16:57:47 garuda sshd[191388]: Failed password for r.r from 211.169.249.231 port 36700 ssh2 Mar 9 16:57:47 garuda sshd[191388]: Received disconnect from 211.169.249.231: 11: Bye Bye [preauth] Mar 9 17:06:24 garuda sshd[194658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.231 user=r.r Mar 9 17:06:26 garuda sshd[194658]: Failed password for r.r from 211.169.249.231 port 54594 ssh2 Mar 9 17:06:27 garuda sshd[194658]: Received disconnect from 211.169.249.231: 11: Bye Bye [preauth] Mar 9 17:11:22 garuda sshd[196165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.231 user=r.r Mar 9 17:11:24 garuda sshd[196165]: Failed password for r.r from 211.169.249.231 port 45020 ssh2 Mar 9 17:11:24 garuda sshd[196165]........ -------------------------------	2020-03-10 19:05:54
174.219.20.44	attackspam	Brute forcing email accounts	2020-03-10 18:23:49
222.186.180.130	attackspambots	10.03.2020 10:19:59 SSH access blocked by firewall	2020-03-10 18:21:59
74.6.129.83	attack	SpamScore above: 10.0	2020-03-10 18:55:04
123.206.67.160	attackspam	Mar 10 10:40:49 vps691689 sshd[10453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.67.160 Mar 10 10:40:52 vps691689 sshd[10453]: Failed password for invalid user harry from 123.206.67.160 port 59140 ssh2 ...	2020-03-10 18:29:42
51.75.23.173	attack	frenzy	2020-03-10 18:34:24
223.204.223.247	attackspam	20/3/10@05:27:44: FAIL: Alarm-Network address from=223.204.223.247 ...	2020-03-10 18:21:19
125.106.216.73	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-10 18:36:57
149.202.164.82	attackbotsspam	k+ssh-bruteforce	2020-03-10 18:31:45
2a03:4000:30:8adc::13:5989	attack	Website administration hacking try	2020-03-10 18:40:59

Recently Reported IPs

49.144.90.54	36.77.44.155	27.5.129.175	178.223.13.148
110.34.0.151	89.70.26.130	41.45.231.206	180.76.156.146
47.89.192.12	134.73.7.221	82.114.86.169	121.78.129.147
148.66.146.22	94.23.212.137	46.185.196.253	121.201.43.233
122.165.155.19	196.221.207.173	218.241.251.145	95.71.204.219