Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
Wants to log in to WordPress admin "Hacker"
2020-07-24 18:02:55
attackbots
Multiple web server 500 error code (Internal Error).
2020-06-05 07:13:59
attack
C2,WP GET /wp-login.php
2020-05-03 12:45:06
Comments on same subnet:
IP Type Details Datetime
148.70.77.134 attackbotsspam
Aug  5 00:50:26 ws12vmsma01 sshd[58184]: Failed password for root from 148.70.77.134 port 54140 ssh2
Aug  5 00:53:39 ws12vmsma01 sshd[58611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134  user=root
Aug  5 00:53:41 ws12vmsma01 sshd[58611]: Failed password for root from 148.70.77.134 port 35214 ssh2
...
2020-08-05 13:23:34
148.70.77.134 attackbots
Jul 26 07:30:44 vps647732 sshd[572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134
Jul 26 07:30:46 vps647732 sshd[572]: Failed password for invalid user apache from 148.70.77.134 port 47722 ssh2
...
2020-07-26 14:45:57
148.70.77.134 attackspambots
Jul  7 22:06:38 vps sshd[207943]: Failed password for invalid user emely from 148.70.77.134 port 39284 ssh2
Jul  7 22:10:48 vps sshd[232903]: Invalid user terence from 148.70.77.134 port 36046
Jul  7 22:10:48 vps sshd[232903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134
Jul  7 22:10:49 vps sshd[232903]: Failed password for invalid user terence from 148.70.77.134 port 36046 ssh2
Jul  7 22:15:03 vps sshd[253801]: Invalid user admin from 148.70.77.134 port 32802
...
2020-07-08 04:17:43
148.70.77.134 attackbots
2020-06-25T14:18:35.249224randservbullet-proofcloud-66.localdomain sshd[31003]: Invalid user rtm from 148.70.77.134 port 44522
2020-06-25T14:18:35.253621randservbullet-proofcloud-66.localdomain sshd[31003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134
2020-06-25T14:18:35.249224randservbullet-proofcloud-66.localdomain sshd[31003]: Invalid user rtm from 148.70.77.134 port 44522
2020-06-25T14:18:37.549669randservbullet-proofcloud-66.localdomain sshd[31003]: Failed password for invalid user rtm from 148.70.77.134 port 44522 ssh2
...
2020-06-26 02:30:19
148.70.77.134 attackspambots
Jun 21 17:24:32 tuxlinux sshd[61537]: Invalid user wch from 148.70.77.134 port 38584
Jun 21 17:24:32 tuxlinux sshd[61537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134 
Jun 21 17:24:32 tuxlinux sshd[61537]: Invalid user wch from 148.70.77.134 port 38584
Jun 21 17:24:32 tuxlinux sshd[61537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134 
Jun 21 17:24:32 tuxlinux sshd[61537]: Invalid user wch from 148.70.77.134 port 38584
Jun 21 17:24:32 tuxlinux sshd[61537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134 
Jun 21 17:24:34 tuxlinux sshd[61537]: Failed password for invalid user wch from 148.70.77.134 port 38584 ssh2
...
2020-06-22 01:08:55
148.70.77.134 attack
Bruteforce detected by fail2ban
2020-06-16 01:20:41
148.70.77.134 attackspam
Jun 15 00:10:36 electroncash sshd[2283]: Failed password for invalid user ntt from 148.70.77.134 port 46270 ssh2
Jun 15 00:13:49 electroncash sshd[3201]: Invalid user hadoop from 148.70.77.134 port 59288
Jun 15 00:13:49 electroncash sshd[3201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134 
Jun 15 00:13:49 electroncash sshd[3201]: Invalid user hadoop from 148.70.77.134 port 59288
Jun 15 00:13:50 electroncash sshd[3201]: Failed password for invalid user hadoop from 148.70.77.134 port 59288 ssh2
...
2020-06-15 06:42:43
148.70.72.242 attackbotsspam
Invalid user webuser from 148.70.72.242 port 36244
2020-06-14 13:04:05
148.70.77.134 attack
Jun  6 21:48:56 scw-6657dc sshd[19952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134  user=root
Jun  6 21:48:56 scw-6657dc sshd[19952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134  user=root
Jun  6 21:48:59 scw-6657dc sshd[19952]: Failed password for root from 148.70.77.134 port 42824 ssh2
...
2020-06-07 06:30:43
148.70.72.242 attackbotsspam
Jun  6 14:44:43 vps647732 sshd[26396]: Failed password for root from 148.70.72.242 port 49356 ssh2
...
2020-06-06 22:09:27
148.70.72.242 attackspambots
sshd: Failed password for invalid user .... from 148.70.72.242 port 50302 ssh2 (2 attempts)
2020-05-29 03:55:18
148.70.77.134 attackspambots
May 28 15:04:48 ns382633 sshd\[1025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134  user=root
May 28 15:04:50 ns382633 sshd\[1025\]: Failed password for root from 148.70.77.134 port 51664 ssh2
May 28 15:09:28 ns382633 sshd\[2001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134  user=root
May 28 15:09:30 ns382633 sshd\[2001\]: Failed password for root from 148.70.77.134 port 45104 ssh2
May 28 15:14:14 ns382633 sshd\[2960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.77.134  user=root
2020-05-28 22:26:51
148.70.77.134 attack
May 27 23:54:56 h2829583 sshd[16973]: Failed password for root from 148.70.77.134 port 57902 ssh2
2020-05-28 06:24:29
148.70.72.242 attackbots
May 22 21:31:48 santamaria sshd\[9371\]: Invalid user xhe from 148.70.72.242
May 22 21:31:48 santamaria sshd\[9371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.72.242
May 22 21:31:50 santamaria sshd\[9371\]: Failed password for invalid user xhe from 148.70.72.242 port 40384 ssh2
...
2020-05-23 03:33:12
148.70.72.242 attackspambots
May  8 23:57:46 firewall sshd[3744]: Invalid user odoo from 148.70.72.242
May  8 23:57:48 firewall sshd[3744]: Failed password for invalid user odoo from 148.70.72.242 port 57788 ssh2
May  8 23:59:48 firewall sshd[3782]: Invalid user support from 148.70.72.242
...
2020-05-09 16:39:36
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.70.7.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55641
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.70.7.149.			IN	A

;; AUTHORITY SECTION:
.			343	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010600 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 06 23:28:26 CST 2020
;; MSG SIZE  rcvd: 116
Host info:
Host 149.7.70.148.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.7.70.148.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
81.22.45.29 attackspam
08/01/2019-23:28:36.742872 81.22.45.29 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82
2019-08-02 12:34:20
201.33.41.125 attackspambots
SMTP-sasl brute force
...
2019-08-02 12:32:11
185.208.208.144 attackspambots
08/01/2019-22:12:19.488976 185.208.208.144 Protocol: 6 ET DROP Dshield Block Listed Source group 1
2019-08-02 11:41:45
198.108.67.43 attackbotsspam
" "
2019-08-02 11:37:07
87.98.147.104 attackbotsspam
Aug  1 19:20:11 debian sshd\[31657\]: Invalid user adcuser from 87.98.147.104 port 57240
Aug  1 19:20:11 debian sshd\[31657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.98.147.104
Aug  1 19:20:13 debian sshd\[31657\]: Failed password for invalid user adcuser from 87.98.147.104 port 57240 ssh2
...
2019-08-02 11:39:57
220.178.237.16 attackbots
firewall-block, port(s): 23/tcp
2019-08-02 11:36:11
111.249.13.40 attack
Honeypot attack, port: 445, PTR: 111-249-13-40.dynamic-ip.hinet.net.
2019-08-02 11:43:46
125.227.164.62 attack
Aug  2 06:24:13 vps647732 sshd[8257]: Failed password for root from 125.227.164.62 port 39896 ssh2
Aug  2 06:28:53 vps647732 sshd[8601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.164.62
...
2019-08-02 12:39:07
192.237.159.187 attackspam
Aug  2 01:34:43 elektron postfix/smtpd\[4128\]: NOQUEUE: reject: RCPT from unknown\[192.237.159.187\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[192.237.159.187\]\; from=\ to=\ proto=ESMTP helo=\
Aug  2 01:49:54 elektron postfix/smtpd\[1421\]: NOQUEUE: reject: RCPT from unknown\[192.237.159.187\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[192.237.159.187\]\; from=\ to=\ proto=ESMTP helo=\
Aug  2 02:19:48 elektron postfix/smtpd\[7767\]: NOQUEUE: reject: RCPT from unknown\[192.237.159.187\]: 450 4.7.1 Client host rejected: cannot find your hostname, \[192.237.159.187\]\; from=\ to=\ proto=ESMTP helo=\
2019-08-02 12:24:34
45.64.11.3 attackspam
Aug  2 05:45:51 eventyay sshd[11282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.64.11.3
Aug  2 05:45:53 eventyay sshd[11282]: Failed password for invalid user professor from 45.64.11.3 port 59714 ssh2
Aug  2 05:51:11 eventyay sshd[12510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.64.11.3
...
2019-08-02 12:25:38
164.132.8.94 attack
SSH Brute Force, server-1 sshd[10086]: Failed password for root from 164.132.8.94 port 39600 ssh2
2019-08-02 11:54:39
173.248.226.64 attack
firewall-block, port(s): 445/tcp
2019-08-02 11:42:39
152.136.36.250 attackbots
Aug  2 06:39:32 server sshd\[15285\]: Invalid user ges from 152.136.36.250 port 1140
Aug  2 06:39:32 server sshd\[15285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.36.250
Aug  2 06:39:34 server sshd\[15285\]: Failed password for invalid user ges from 152.136.36.250 port 1140 ssh2
Aug  2 06:44:59 server sshd\[7963\]: Invalid user porsche from 152.136.36.250 port 51638
Aug  2 06:44:59 server sshd\[7963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.36.250
2019-08-02 12:37:06
185.234.216.95 attack
Aug  2 05:12:45 relay postfix/smtpd\[4440\]: warning: unknown\[185.234.216.95\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug  2 05:13:36 relay postfix/smtpd\[3122\]: warning: unknown\[185.234.216.95\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug  2 05:18:54 relay postfix/smtpd\[4440\]: warning: unknown\[185.234.216.95\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug  2 05:19:46 relay postfix/smtpd\[21561\]: warning: unknown\[185.234.216.95\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Aug  2 05:25:05 relay postfix/smtpd\[29154\]: warning: unknown\[185.234.216.95\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2019-08-02 11:41:10
196.52.43.85 attackspambots
5910/tcp 6379/tcp 3333/tcp...
[2019-06-01/08-01]53pkt,37pt.(tcp),4pt.(udp),1tp.(icmp)
2019-08-02 12:45:30
