203.148.20.162

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: DYXNET of Shenzhen Communication Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 11 17:37:59 vpn01 sshd[17151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.162 Oct 11 17:38:02 vpn01 sshd[17151]: Failed password for invalid user agrafena from 203.148.20.162 port 42126 ssh2 ...	2020-10-12 01:06:48
attack	Oct 11 10:50:25 h2646465 sshd[25677]: Invalid user test from 203.148.20.162 Oct 11 10:50:25 h2646465 sshd[25677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.162 Oct 11 10:50:25 h2646465 sshd[25677]: Invalid user test from 203.148.20.162 Oct 11 10:50:28 h2646465 sshd[25677]: Failed password for invalid user test from 203.148.20.162 port 50480 ssh2 Oct 11 10:56:28 h2646465 sshd[26286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.162 user=root Oct 11 10:56:30 h2646465 sshd[26286]: Failed password for root from 203.148.20.162 port 49802 ssh2 Oct 11 10:58:52 h2646465 sshd[26356]: Invalid user tecmint from 203.148.20.162 Oct 11 10:58:53 h2646465 sshd[26356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.162 Oct 11 10:58:52 h2646465 sshd[26356]: Invalid user tecmint from 203.148.20.162 Oct 11 10:58:54 h2646465 sshd[26356]: Failed password for invalid use	2020-10-11 16:59:23
attackspambots	Oct 10 16:51:57 pixelmemory sshd[4037976]: Invalid user paraccel from 203.148.20.162 port 53348 Oct 10 16:51:57 pixelmemory sshd[4037976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.162 Oct 10 16:51:57 pixelmemory sshd[4037976]: Invalid user paraccel from 203.148.20.162 port 53348 Oct 10 16:51:58 pixelmemory sshd[4037976]: Failed password for invalid user paraccel from 203.148.20.162 port 53348 ssh2 Oct 10 16:54:13 pixelmemory sshd[4045990]: Invalid user helpdesk from 203.148.20.162 port 59664 ...	2020-10-11 10:19:50
attack	Sep 29 15:06:47 ip-172-31-16-56 sshd\[32750\]: Invalid user ian1 from 203.148.20.162\ Sep 29 15:06:49 ip-172-31-16-56 sshd\[32750\]: Failed password for invalid user ian1 from 203.148.20.162 port 47090 ssh2\ Sep 29 15:09:36 ip-172-31-16-56 sshd\[364\]: Invalid user manager from 203.148.20.162\ Sep 29 15:09:38 ip-172-31-16-56 sshd\[364\]: Failed password for invalid user manager from 203.148.20.162 port 46670 ssh2\ Sep 29 15:12:27 ip-172-31-16-56 sshd\[389\]: Invalid user internet1 from 203.148.20.162\	2020-09-30 00:31:29
attackbotsspam	Sep 16 12:26:51 melroy-server sshd[4351]: Failed password for root from 203.148.20.162 port 38374 ssh2 ...	2020-09-17 00:25:11
attackbots	Sep 16 10:07:59 plg sshd[22489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.162 Sep 16 10:08:01 plg sshd[22489]: Failed password for invalid user jhapzvpn from 203.148.20.162 port 44426 ssh2 Sep 16 10:10:01 plg sshd[22575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.162 Sep 16 10:10:03 plg sshd[22575]: Failed password for invalid user butter from 203.148.20.162 port 40998 ssh2 Sep 16 10:12:00 plg sshd[22633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.162 user=root Sep 16 10:12:02 plg sshd[22633]: Failed password for invalid user root from 203.148.20.162 port 37562 ssh2 ...	2020-09-16 16:41:17

Comments on same subnet:

IP	Type	Details	Datetime
203.148.20.254	attackbots	2020-08-14T17:35:33.9706241495-001 sshd[37739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.254 user=root 2020-08-14T17:35:36.6371881495-001 sshd[37739]: Failed password for root from 203.148.20.254 port 53065 ssh2 2020-08-14T17:39:40.5733761495-001 sshd[37914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.254 user=root 2020-08-14T17:39:42.8135691495-001 sshd[37914]: Failed password for root from 203.148.20.254 port 57911 ssh2 2020-08-14T17:43:51.0626521495-001 sshd[38126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.254 user=root 2020-08-14T17:43:53.4281391495-001 sshd[38126]: Failed password for root from 203.148.20.254 port 34526 ssh2 ...	2020-08-15 07:05:29
203.148.20.254	attackspambots	fail2ban -- 203.148.20.254 ...	2020-07-23 16:57:02
203.148.20.254	attackspambots	2020-06-27T10:51:28.576425hostname sshd[13761]: Invalid user web from 203.148.20.254 port 50161 2020-06-27T10:51:30.796783hostname sshd[13761]: Failed password for invalid user web from 203.148.20.254 port 50161 ssh2 2020-06-27T10:54:41.499645hostname sshd[16071]: Invalid user marilia from 203.148.20.254 port 42540 ...	2020-06-27 13:54:46
203.148.20.254	attackspambots	Invalid user tomcat from 203.148.20.254 port 60793	2020-06-15 15:31:05
203.148.20.254	attack	May 21 10:28:33 Host-KLAX-C sshd[13745]: Disconnected from invalid user mvl 203.148.20.254 port 56280 [preauth] ...	2020-05-22 03:54:11
203.148.20.254	attack	Invalid user oliver from 203.148.20.254 port 39726	2020-05-16 07:54:47
203.148.20.254	attackspambots	prod3 ...	2020-05-05 08:34:32
203.148.20.254	attackspam	Apr 19 14:57:31 Enigma sshd[29151]: Failed password for root from 203.148.20.254 port 45035 ssh2 Apr 19 15:02:28 Enigma sshd[29659]: Invalid user test from 203.148.20.254 port 46101 Apr 19 15:02:28 Enigma sshd[29659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.254 Apr 19 15:02:28 Enigma sshd[29659]: Invalid user test from 203.148.20.254 port 46101 Apr 19 15:02:29 Enigma sshd[29659]: Failed password for invalid user test from 203.148.20.254 port 46101 ssh2	2020-04-19 23:21:57
203.148.20.254	attackbotsspam	2020-03-28T12:37:02.398615abusebot-6.cloudsearch.cf sshd[17308]: Invalid user cxd from 203.148.20.254 port 45953 2020-03-28T12:37:02.410843abusebot-6.cloudsearch.cf sshd[17308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.254 2020-03-28T12:37:02.398615abusebot-6.cloudsearch.cf sshd[17308]: Invalid user cxd from 203.148.20.254 port 45953 2020-03-28T12:37:03.758237abusebot-6.cloudsearch.cf sshd[17308]: Failed password for invalid user cxd from 203.148.20.254 port 45953 ssh2 2020-03-28T12:41:43.552046abusebot-6.cloudsearch.cf sshd[17587]: Invalid user stn from 203.148.20.254 port 42218 2020-03-28T12:41:43.561207abusebot-6.cloudsearch.cf sshd[17587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.20.254 2020-03-28T12:41:43.552046abusebot-6.cloudsearch.cf sshd[17587]: Invalid user stn from 203.148.20.254 port 42218 2020-03-28T12:41:45.485626abusebot-6.cloudsearch.cf sshd[17587]: Failed pa ...	2020-03-29 00:51:58
203.148.20.254	attackbots	Mar 25 23:28:45 plex sshd[11553]: Invalid user jerry from 203.148.20.254 port 44148	2020-03-26 06:35:24
203.148.20.254	attackbots	3x Failed Password	2020-03-24 15:14:47
203.148.20.254	attackbots	$f2bV_matches	2020-03-03 13:40:34
203.148.207.18	attackspam	Port probing on unauthorized port 3389	2020-02-27 14:28:57
203.148.20.254	attack	$f2bV_matches	2020-02-27 05:33:02
203.148.20.254	attack	Invalid user david from 203.148.20.254 port 54576	2020-02-26 07:27:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.148.20.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7536
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.148.20.162.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091600 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 16 16:41:13 CST 2020
;; MSG SIZE  rcvd: 118

Host info

162.20.148.203.in-addr.arpa domain name pointer static-ip-162-20-148-203.rev.dyxnet.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
162.20.148.203.in-addr.arpa	name = static-ip-162-20-148-203.rev.dyxnet.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.122.16.19	attackbotsspam	Port scan(s) denied	2020-05-05 16:10:33
106.13.26.62	attack	$f2bV_matches	2020-05-05 15:55:13
190.121.64.218	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-05-05 16:23:24
142.93.247.221	attackbots	k+ssh-bruteforce	2020-05-05 15:49:17
115.231.158.146	attackbots	CPHulk brute force detection (a)	2020-05-05 16:11:49
222.186.190.14	attack	2020-05-05T09:58:32.769497centos sshd[8465]: Failed password for root from 222.186.190.14 port 47830 ssh2 2020-05-05T09:58:35.433173centos sshd[8465]: Failed password for root from 222.186.190.14 port 47830 ssh2 2020-05-05T09:58:39.617462centos sshd[8465]: Failed password for root from 222.186.190.14 port 47830 ssh2 ...	2020-05-05 15:59:35
129.192.71.74	attackbots	May 5 09:21:45 vpn01 sshd[23685]: Failed password for root from 129.192.71.74 port 48638 ssh2 ...	2020-05-05 16:10:50
79.124.62.70	attack	May 5 09:51:19 debian-2gb-nbg1-2 kernel: \[10923975.305182\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=79.124.62.70 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=33671 PROTO=TCP SPT=48521 DPT=5023 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-05 15:56:16
171.220.243.192	attackspambots	k+ssh-bruteforce	2020-05-05 15:45:12
49.12.79.65	attackspambots	May 5 04:40:42 legacy sshd[21409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.79.65 May 5 04:40:45 legacy sshd[21409]: Failed password for invalid user reinaldo from 49.12.79.65 port 52740 ssh2 May 5 04:44:59 legacy sshd[21636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.12.79.65 ...	2020-05-05 15:50:01
66.206.3.50	attackbotsspam	May 4 13:37:36 mxgate1 postfix/postscreen[28240]: CONNECT from [66.206.3.50]:59284 to [176.31.12.44]:25 May 4 13:37:42 mxgate1 postfix/postscreen[28240]: PASS NEW [66.206.3.50]:59284 May 4 13:37:47 mxgate1 postfix/smtpd[28245]: connect from 66-206-3-50.static.hvvc.us[66.206.3.50] May x@x May 4 13:37:50 mxgate1 postfix/smtpd[28245]: disconnect from 66-206-3-50.static.hvvc.us[66.206.3.50] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 eclipset=1 quhostname=1 commands=6/8 May 4 13:54:38 mxgate1 postfix/postscreen[28651]: CONNECT from [66.206.3.50]:56662 to [176.31.12.44]:25 May 4 13:54:38 mxgate1 postfix/postscreen[28651]: PASS OLD [66.206.3.50]:56662 May 4 13:54:38 mxgate1 postfix/smtpd[28652]: connect from 66-206-3-50.static.hvvc.us[66.206.3.50] May 4 13:54:42 mxgate1 postfix/smtpd[28652]: AA216A01B8: client=66-206-3-50.static.hvvc.us[66.206.3.50] May 4 13:54:42 mxgate1 postfix/smtpd[28652]: disconnect from 66-206-3-50.static.hvvc.us[66.206.3.50] ehlo=2 starttls=1 m........ -------------------------------	2020-05-05 15:58:26
185.175.93.24	attackspambots	May 5 09:19:47 debian-2gb-nbg1-2 kernel: \[10922083.206859\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.24 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=65495 PROTO=TCP SPT=49062 DPT=5904 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-05 16:05:19
158.69.113.13	attackbotsspam	[05/May/2020:09:19:46 +0200] Web-Request: "GET /wp-content/plugins/apikey/apikey.php", User-Agent: "python-requests/2.23.0"	2020-05-05 16:20:29
180.249.181.96	attackspam	1588640763 - 05/05/2020 03:06:03 Host: 180.249.181.96/180.249.181.96 Port: 445 TCP Blocked	2020-05-05 16:02:48
185.202.1.222	attackspam	scan r	2020-05-05 16:12:19

Recently Reported IPs

206.189.177.112	248.197.253.10	166.124.95.176	30.82.16.193
54.67.61.43	176.251.140.51	252.195.202.136	123.227.13.253
3.87.196.39	162.140.192.57	218.126.43.231	184.244.57.127
116.211.63.97	169.222.15.216	50.150.158.116	176.213.109.2
214.14.204.140	103.85.144.35	225.57.154.66	189.64.232.77