148.70.45.134 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 21 13:20:57 web1 sshd\[4894\]: Invalid user wocloud from 148.70.45.134 Aug 21 13:20:57 web1 sshd\[4894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.45.134 Aug 21 13:20:59 web1 sshd\[4894\]: Failed password for invalid user wocloud from 148.70.45.134 port 51358 ssh2 Aug 21 13:25:37 web1 sshd\[5415\]: Invalid user tibero6 from 148.70.45.134 Aug 21 13:25:37 web1 sshd\[5415\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.45.134	2019-08-22 07:38:59
attack	Aug 20 00:08:00 vps691689 sshd[4189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.45.134 Aug 20 00:08:02 vps691689 sshd[4189]: Failed password for invalid user uda from 148.70.45.134 port 41986 ssh2 ...	2019-08-20 06:14:58
attackbotsspam	Aug 10 04:22:55 localhost sshd[18933]: Invalid user trust from 148.70.45.134 port 42749 Aug 10 04:22:55 localhost sshd[18933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.45.134 Aug 10 04:22:55 localhost sshd[18933]: Invalid user trust from 148.70.45.134 port 42749 Aug 10 04:22:56 localhost sshd[18933]: Failed password for invalid user trust from 148.70.45.134 port 42749 ssh2 ...	2019-08-10 07:57:35
attackspam	2019-08-07T09:42:35.130815mizuno.rwx.ovh sshd[14244]: Connection from 148.70.45.134 port 56239 on 78.46.61.178 port 22 2019-08-07T09:42:36.732207mizuno.rwx.ovh sshd[14244]: Invalid user clark from 148.70.45.134 port 56239 2019-08-07T09:42:36.735618mizuno.rwx.ovh sshd[14244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.45.134 2019-08-07T09:42:35.130815mizuno.rwx.ovh sshd[14244]: Connection from 148.70.45.134 port 56239 on 78.46.61.178 port 22 2019-08-07T09:42:36.732207mizuno.rwx.ovh sshd[14244]: Invalid user clark from 148.70.45.134 port 56239 2019-08-07T09:42:38.578413mizuno.rwx.ovh sshd[14244]: Failed password for invalid user clark from 148.70.45.134 port 56239 ssh2 ...	2019-08-07 22:11:48
attackbotsspam	Jul 26 19:51:50 sshgateway sshd\[20119\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.45.134 user=root Jul 26 19:51:51 sshgateway sshd\[20119\]: Failed password for root from 148.70.45.134 port 50565 ssh2 Jul 26 19:57:04 sshgateway sshd\[20159\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.45.134 user=root	2019-07-27 08:19:57

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.45.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52994
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.45.134.			IN	A

;; AUTHORITY SECTION:
.			1258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072602 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 08:19:52 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 134.45.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.45.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.137.5.134	attack	Aug 17 17:13:27 localhost sshd\[11825\]: Invalid user hz from 79.137.5.134 port 35358 Aug 17 17:13:27 localhost sshd\[11825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.5.134 Aug 17 17:13:29 localhost sshd\[11825\]: Failed password for invalid user hz from 79.137.5.134 port 35358 ssh2	2019-08-17 23:15:41
139.199.29.155	attackbotsspam	DATE:2019-08-17 13:04:52, IP:139.199.29.155, PORT:ssh SSH brute force auth (thor)	2019-08-17 23:44:06
187.8.159.140	attack	2019-08-17T15:29:55.139065abusebot-8.cloudsearch.cf sshd\[30979\]: Invalid user felix from 187.8.159.140 port 36702	2019-08-17 23:31:10
216.218.206.103	attackbots	Splunk® : port scan detected: Aug 17 10:42:37 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=216.218.206.103 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54321 PROTO=TCP SPT=48321 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-18 00:27:29
184.105.139.85	attack	Portscan or hack attempt detected by psad/fwsnort	2019-08-17 23:39:03
106.12.78.199	attack	Aug 17 05:19:27 web9 sshd\[10262\]: Invalid user esadmin from 106.12.78.199 Aug 17 05:19:27 web9 sshd\[10262\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.199 Aug 17 05:19:30 web9 sshd\[10262\]: Failed password for invalid user esadmin from 106.12.78.199 port 57162 ssh2 Aug 17 05:25:41 web9 sshd\[11524\]: Invalid user jboss from 106.12.78.199 Aug 17 05:25:41 web9 sshd\[11524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.199	2019-08-17 23:38:25
139.59.68.135	attackspam	Aug 17 03:30:28 php1 sshd\[1417\]: Invalid user www01 from 139.59.68.135 Aug 17 03:30:28 php1 sshd\[1417\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.68.135 Aug 17 03:30:30 php1 sshd\[1417\]: Failed password for invalid user www01 from 139.59.68.135 port 54156 ssh2 Aug 17 03:35:34 php1 sshd\[1941\]: Invalid user ahren from 139.59.68.135 Aug 17 03:35:34 php1 sshd\[1941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.68.135	2019-08-17 23:41:30
32.220.54.46	attackspam	Port Scan detected from 32.220.54.46 (US/United States/-). 4 hits in the last 60 seconds	2019-08-17 23:53:13
207.154.192.152	attack	Aug 17 18:09:12 rpi sshd[30985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.192.152 Aug 17 18:09:14 rpi sshd[30985]: Failed password for invalid user admin from 207.154.192.152 port 35812 ssh2	2019-08-18 00:27:57
62.234.66.145	attackbots	Aug 17 18:40:52 server sshd\[14537\]: Invalid user 123456 from 62.234.66.145 port 50339 Aug 17 18:40:52 server sshd\[14537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.66.145 Aug 17 18:40:54 server sshd\[14537\]: Failed password for invalid user 123456 from 62.234.66.145 port 50339 ssh2 Aug 17 18:44:39 server sshd\[12556\]: Invalid user giaou from 62.234.66.145 port 36046 Aug 17 18:44:39 server sshd\[12556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.66.145	2019-08-17 23:52:34
79.9.108.59	attackbotsspam	$f2bV_matches	2019-08-18 00:26:18
153.135.156.119	attackspambots	Aug 17 16:19:39 yabzik sshd[27793]: Failed password for root from 153.135.156.119 port 50364 ssh2 Aug 17 16:24:35 yabzik sshd[29618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.135.156.119 Aug 17 16:24:38 yabzik sshd[29618]: Failed password for invalid user sir from 153.135.156.119 port 57927 ssh2	2019-08-18 00:00:43
202.147.195.34	attackbots	Invalid user crack from 202.147.195.34 port 38610	2019-08-17 23:46:42
203.160.132.4	attack	Aug 16 23:02:30 sachi sshd\[15083\]: Invalid user bran from 203.160.132.4 Aug 16 23:02:30 sachi sshd\[15083\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.160.132.4 Aug 16 23:02:32 sachi sshd\[15083\]: Failed password for invalid user bran from 203.160.132.4 port 34874 ssh2 Aug 16 23:07:54 sachi sshd\[15591\]: Invalid user tsserver from 203.160.132.4 Aug 16 23:07:54 sachi sshd\[15591\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.160.132.4	2019-08-17 23:46:20
81.17.27.138	attack	C1,WP GET /wp-login.php	2019-08-17 23:19:16

Recently Reported IPs

46.152.139.13	67.230.176.41	1.174.94.76	109.155.63.120
103.99.177.247	214.246.91.247	14.48.175.185	123.24.163.253
183.60.21.113	217.35.190.167	41.213.196.160	117.107.140.162
41.35.247.219	62.234.105.77	122.152.227.144	106.12.178.127
18.139.116.181	202.83.127.157	87.236.215.179	166.87.236.103