193.112.138.148

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	TCP (SYN) 193.112.138.148:55523 -> port 14186, len 44	2020-09-14 22:43:23
attackbots	ssh intrusion attempt	2020-09-14 14:34:53
attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-14 06:32:05
attackbots	Invalid user indra from 193.112.138.148 port 36350	2020-08-28 06:23:00
attackbotsspam	2020-08-12T03:50:22.616356vps1033 sshd[23857]: Failed password for root from 193.112.138.148 port 34102 ssh2 2020-08-12T03:52:37.245675vps1033 sshd[28439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.138.148 user=root 2020-08-12T03:52:38.814330vps1033 sshd[28439]: Failed password for root from 193.112.138.148 port 56486 ssh2 2020-08-12T03:54:46.779042vps1033 sshd[650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.138.148 user=root 2020-08-12T03:54:48.722969vps1033 sshd[650]: Failed password for root from 193.112.138.148 port 50638 ssh2 ...	2020-08-12 12:32:47
attackbotsspam	2020-08-11T12:00:46.399790shield sshd\[3540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.138.148 user=root 2020-08-11T12:00:48.289504shield sshd\[3540\]: Failed password for root from 193.112.138.148 port 44130 ssh2 2020-08-11T12:02:31.720739shield sshd\[3699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.138.148 user=root 2020-08-11T12:02:33.690876shield sshd\[3699\]: Failed password for root from 193.112.138.148 port 33362 ssh2 2020-08-11T12:04:22.726968shield sshd\[3852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.138.148 user=root	2020-08-11 20:14:58
attackbotsspam	Aug 10 14:21:21 ajax sshd[1125]: Failed password for root from 193.112.138.148 port 34636 ssh2	2020-08-10 22:11:10
attackbotsspam	Unauthorized connection attempt detected from IP address 193.112.138.148 to port 5587	2020-08-08 17:31:37
attackbots	Port Scan ...	2020-07-31 17:29:12
attack	20 attempts against mh-ssh on echoip	2020-07-30 05:44:25
attackspam	2020-07-19T17:20:15.560061morrigan.ad5gb.com sshd[1979948]: Invalid user test from 193.112.138.148 port 54862 2020-07-19T17:20:17.155269morrigan.ad5gb.com sshd[1979948]: Failed password for invalid user test from 193.112.138.148 port 54862 ssh2	2020-07-20 07:15:43
attackspam	Jul 17 22:59:38 vps-51d81928 sshd[34900]: Invalid user xwj from 193.112.138.148 port 46082 Jul 17 22:59:38 vps-51d81928 sshd[34900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.138.148 Jul 17 22:59:38 vps-51d81928 sshd[34900]: Invalid user xwj from 193.112.138.148 port 46082 Jul 17 22:59:40 vps-51d81928 sshd[34900]: Failed password for invalid user xwj from 193.112.138.148 port 46082 ssh2 Jul 17 23:04:22 vps-51d81928 sshd[35007]: Invalid user bruno from 193.112.138.148 port 58728 ...	2020-07-18 07:11:58
attackspambots	srv02 SSH BruteForce Attacks 22 ..	2020-07-11 19:58:39
attack	2020-07-09T17:19:07.366354v22018076590370373 sshd[29288]: Invalid user liupeng from 193.112.138.148 port 56910 2020-07-09T17:19:07.372043v22018076590370373 sshd[29288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.138.148 2020-07-09T17:19:07.366354v22018076590370373 sshd[29288]: Invalid user liupeng from 193.112.138.148 port 56910 2020-07-09T17:19:08.957929v22018076590370373 sshd[29288]: Failed password for invalid user liupeng from 193.112.138.148 port 56910 ssh2 2020-07-09T17:21:31.630206v22018076590370373 sshd[26398]: Invalid user riverwin from 193.112.138.148 port 49562 ...	2020-07-09 23:50:36
attackspambots	SSH brute force	2020-07-08 09:16:45
attackbots	Brute force attempt	2020-06-02 17:06:25
attackbotsspam	$f2bV_matches	2020-05-26 14:21:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.112.138.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20365
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.112.138.148.		IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052600 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 26 14:21:34 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 148.138.112.193.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.138.112.193.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.114.252.23	attackbotsspam	Oct 14 11:05:03 firewall sshd[21441]: Failed password for root from 201.114.252.23 port 45918 ssh2 Oct 14 11:09:50 firewall sshd[21626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.114.252.23 user=root Oct 14 11:09:52 firewall sshd[21626]: Failed password for root from 201.114.252.23 port 55744 ssh2 ...	2019-10-15 00:18:28
203.155.29.221	attack	Lines containing failures of 203.155.29.221 Oct 14 13:39:02 shared11 sshd[3084]: Invalid user aw from 203.155.29.221 port 44952 Oct 14 13:39:02 shared11 sshd[3084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.155.29.221 Oct 14 13:39:04 shared11 sshd[3084]: Failed password for invalid user aw from 203.155.29.221 port 44952 ssh2 Oct 14 13:39:04 shared11 sshd[3084]: Received disconnect from 203.155.29.221 port 44952:11: Bye Bye [preauth] Oct 14 13:39:04 shared11 sshd[3084]: Disconnected from invalid user aw 203.155.29.221 port 44952 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=203.155.29.221	2019-10-15 00:17:04
138.68.4.8	attackspam	2019-10-14T12:00:14.784406shield sshd\[23415\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 user=root 2019-10-14T12:00:16.956361shield sshd\[23415\]: Failed password for root from 138.68.4.8 port 57244 ssh2 2019-10-14T12:04:05.672661shield sshd\[23749\]: Invalid user git from 138.68.4.8 port 40006 2019-10-14T12:04:05.676981shield sshd\[23749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 2019-10-14T12:04:07.894198shield sshd\[23749\]: Failed password for invalid user git from 138.68.4.8 port 40006 ssh2	2019-10-15 00:11:08
89.35.57.214	attack	Oct 14 16:35:45 v22018076622670303 sshd\[13796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.35.57.214 user=root Oct 14 16:35:47 v22018076622670303 sshd\[13796\]: Failed password for root from 89.35.57.214 port 59872 ssh2 Oct 14 16:43:43 v22018076622670303 sshd\[13927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.35.57.214 user=root ...	2019-10-15 00:34:18
110.74.222.145	attackbots	Automatic report - XMLRPC Attack	2019-10-14 23:59:29
119.29.162.17	attack	Oct 14 11:59:38 plusreed sshd[26478]: Invalid user mediagoblin from 119.29.162.17 ...	2019-10-15 00:02:07
188.131.179.87	attack	Oct 14 13:42:35 SilenceServices sshd[30330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.179.87 Oct 14 13:42:37 SilenceServices sshd[30330]: Failed password for invalid user !QAZ2wsx3edc from 188.131.179.87 port 62395 ssh2 Oct 14 13:47:49 SilenceServices sshd[31772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.179.87	2019-10-15 00:31:04
218.206.233.198	attackbotsspam	Oct 14 14:52:01 ncomp postfix/smtpd[27587]: warning: unknown[218.206.233.198]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 14:52:10 ncomp postfix/smtpd[27587]: warning: unknown[218.206.233.198]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 14:52:25 ncomp postfix/smtpd[27587]: warning: unknown[218.206.233.198]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-14 23:58:41
110.172.144.242	attackbots	Telnet/23 MH Probe, BF, Hack -	2019-10-15 00:26:52
94.191.108.176	attackspam	2019-10-14T15:44:15.695388stark.klein-stark.info sshd\[11473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.108.176 user=root 2019-10-14T15:44:17.647342stark.klein-stark.info sshd\[11473\]: Failed password for root from 94.191.108.176 port 49650 ssh2 2019-10-14T16:13:08.675595stark.klein-stark.info sshd\[13568\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.108.176 user=root ...	2019-10-15 00:21:34
114.242.169.37	attackspam	Oct 14 01:59:15 friendsofhawaii sshd\[17708\]: Invalid user Contrasena12 from 114.242.169.37 Oct 14 01:59:15 friendsofhawaii sshd\[17708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.242.169.37 Oct 14 01:59:17 friendsofhawaii sshd\[17708\]: Failed password for invalid user Contrasena12 from 114.242.169.37 port 47280 ssh2 Oct 14 02:03:53 friendsofhawaii sshd\[18033\]: Invalid user Welcome@2015 from 114.242.169.37 Oct 14 02:03:53 friendsofhawaii sshd\[18033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.242.169.37	2019-10-15 00:36:10
106.12.98.168	attack	Oct 14 15:31:06 markkoudstaal sshd[4151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.98.168 Oct 14 15:31:08 markkoudstaal sshd[4151]: Failed password for invalid user cinstall from 106.12.98.168 port 41578 ssh2 Oct 14 15:34:46 markkoudstaal sshd[4433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.98.168	2019-10-15 00:29:25
175.139.242.49	attackbotsspam	Oct 14 11:00:19 plusreed sshd[13468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.139.242.49 user=root Oct 14 11:00:21 plusreed sshd[13468]: Failed password for root from 175.139.242.49 port 13110 ssh2 ...	2019-10-15 00:20:29
51.38.238.165	attack	Oct 14 15:50:02 venus sshd\[3957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.238.165 user=root Oct 14 15:50:04 venus sshd\[3957\]: Failed password for root from 51.38.238.165 port 39312 ssh2 Oct 14 15:54:05 venus sshd\[4027\]: Invalid user test2 from 51.38.238.165 port 51160 ...	2019-10-14 23:58:18
125.68.57.101	attackbots	Unauthorised access (Oct 14) SRC=125.68.57.101 LEN=40 TOS=0x10 PREC=0x40 TTL=241 ID=51441 TCP DPT=445 WINDOW=1024 SYN	2019-10-15 00:31:53

Recently Reported IPs

43.254.115.127	203.90.16.223	91.137.99.234	248.51.126.153
122.236.185.216	197.50.135.189	159.89.48.63	84.215.146.57
45.4.145.3	175.96.150.92	158.27.251.67	152.66.23.45
16.172.63.74	80.197.23.237	177.72.11.36	53.64.240.155
10.195.24.206	77.144.54.224	160.161.104.96	248.207.36.220