148.70.52.44 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sep 19 22:30:18 mail sshd\[638\]: Invalid user jack from 148.70.52.44 port 25660 Sep 19 22:30:18 mail sshd\[638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.52.44 Sep 19 22:30:20 mail sshd\[638\]: Failed password for invalid user jack from 148.70.52.44 port 25660 ssh2 Sep 19 22:30:45 mail sshd\[724\]: Invalid user donald from 148.70.52.44 port 27078 Sep 19 22:30:45 mail sshd\[724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.52.44	2019-09-20 05:00:17

Type

Details

Datetime

attackbotsspam

Sep 19 22:30:18 mail sshd\[638\]: Invalid user jack from 148.70.52.44 port 25660
Sep 19 22:30:18 mail sshd\[638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.52.44
Sep 19 22:30:20 mail sshd\[638\]: Failed password for invalid user jack from 148.70.52.44 port 25660 ssh2
Sep 19 22:30:45 mail sshd\[724\]: Invalid user donald from 148.70.52.44 port 27078
Sep 19 22:30:45 mail sshd\[724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.52.44

2019-09-20 05:00:17

Comments on same subnet:

IP	Type	Details	Datetime
148.70.52.60	attack	Unauthorized connection attempt detected from IP address 148.70.52.60 to port 6678 [T]	2020-05-09 03:25:37
148.70.52.60	attackspam	Apr 20 17:07:42 v22018086721571380 sshd[23485]: Failed password for invalid user aw from 148.70.52.60 port 58280 ssh2	2020-04-21 03:12:32

Type

Details

Datetime

148.70.52.60

attack

Unauthorized connection attempt detected from IP address 148.70.52.60 to port 6678 [T]

2020-05-09 03:25:37

148.70.52.60

attackspam

Apr 20 17:07:42 v22018086721571380 sshd[23485]: Failed password for invalid user aw from 148.70.52.60 port 58280 ssh2

2020-04-21 03:12:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.52.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32909
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.52.44.			IN	A

;; AUTHORITY SECTION:
.			399	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091902 1800 900 604800 86400

;; Query time: 160 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 05:00:12 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 44.52.70.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 44.52.70.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.236.100.114	attack	Jul 13 08:21:45 logopedia-1vcpu-1gb-nyc1-01 sshd[48695]: Invalid user queen from 115.236.100.114 port 5250 ...	2020-07-13 23:55:53
64.52.84.99	attackspambots	Invalid user wanghao from 64.52.84.99 port 38814	2020-07-14 00:27:06
92.17.2.176	attackspambots	Port scan denied	2020-07-14 00:23:47
134.209.169.202	attack	Port scan denied	2020-07-14 00:29:09
175.24.77.27	attackbotsspam	Jul 13 14:54:29 PorscheCustomer sshd[30601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.77.27 Jul 13 14:54:31 PorscheCustomer sshd[30601]: Failed password for invalid user pentarun from 175.24.77.27 port 34064 ssh2 Jul 13 14:56:56 PorscheCustomer sshd[30723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.77.27 ...	2020-07-14 00:06:21
45.5.209.144	attackspam	Automatic report - Port Scan Attack	2020-07-14 00:24:52
187.45.80.11	attackbotsspam	Invalid user test from 187.45.80.11 port 42944	2020-07-14 00:34:31
46.38.150.72	attackbotsspam	Jul 13 17:43:41 srv01 postfix/smtpd\[4324\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 13 17:44:44 srv01 postfix/smtpd\[4382\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 13 17:45:16 srv01 postfix/smtpd\[4324\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 13 17:45:47 srv01 postfix/smtpd\[4324\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 13 17:46:19 srv01 postfix/smtpd\[4324\]: warning: unknown\[46.38.150.72\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-13 23:55:37
96.9.79.23	attack	Persistent port scanning [67 denied]	2020-07-14 00:44:08
114.34.56.230	attackbots	Port scan denied	2020-07-14 00:14:05
31.0.123.177	attackbotsspam	[13/Jul/2020 x@x [13/Jul/2020 x@x [13/Jul/2020 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=31.0.123.177	2020-07-14 00:35:29
192.241.238.241	attackspam	scans once in preceeding hours on the ports (in chronological order) 5601 resulting in total of 59 scans from 192.241.128.0/17 block.	2020-07-13 23:57:07
222.103.93.42	attack	Port scan denied	2020-07-14 00:20:44
128.199.250.201	attackbotsspam	Invalid user kuai from 128.199.250.201 port 52685	2020-07-14 00:37:15
218.144.106.106	attackbotsspam	Unauthorized connection attempt detected from IP address 218.144.106.106 to port 23	2020-07-14 00:05:56

Recently Reported IPs

106.12.32.48	2607:5300:203:71b::	94.199.212.76	125.150.173.190
51.254.165.68	36.75.66.81	27.72.47.240	148.240.235.160
141.98.102.243	136.55.86.110	222.133.37.18	9.212.185.185
13.248.183.112	13.32.239.33	119.42.81.149	59.196.93.224
109.193.243.71	153.201.152.44	77.236.155.204	194.172.130.162