203.148.8.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: DYXNET of Shenzhen Communication Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts.	2020-06-14 16:43:21
attack	$f2bV_matches	2020-02-27 05:29:58
attackspam	Jan 27 05:56:13 sshd[25171]: Failed password for invalid user web from 203.148.8.6 port 40663 ssh2	2020-01-27 13:41:48
attackspam	2020-01-17T16:09:57.555446shield sshd\[32717\]: Invalid user viridiana from 203.148.8.6 port 60821 2020-01-17T16:09:57.561103shield sshd\[32717\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.8.6 2020-01-17T16:09:59.748726shield sshd\[32717\]: Failed password for invalid user viridiana from 203.148.8.6 port 60821 ssh2 2020-01-17T16:12:08.128525shield sshd\[1402\]: Invalid user testuser from 203.148.8.6 port 39003 2020-01-17T16:12:08.138062shield sshd\[1402\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.8.6	2020-01-18 01:38:43
attackbots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.8.6 user=root Failed password for root from 203.148.8.6 port 52054 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.8.6 user=root Failed password for root from 203.148.8.6 port 42928 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.8.6 user=root	2019-11-10 07:40:23
attackbots	Nov 5 07:27:44 lnxweb62 sshd[16906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.8.6	2019-11-05 16:40:43

Comments on same subnet:

IP	Type	Details	Datetime
203.148.87.154	attack	Lines containing failures of 203.148.87.154 Oct 6 22:28:39 shared05 sshd[1950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.154 user=r.r Oct 6 22:28:40 shared05 sshd[1950]: Failed password for r.r from 203.148.87.154 port 55816 ssh2 Oct 6 22:28:41 shared05 sshd[1950]: Received disconnect from 203.148.87.154 port 55816:11: Bye Bye [preauth] Oct 6 22:28:41 shared05 sshd[1950]: Disconnected from authenticating user r.r 203.148.87.154 port 55816 [preauth] Oct 6 22:35:31 shared05 sshd[5683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.154 user=r.r Oct 6 22:35:33 shared05 sshd[5683]: Failed password for r.r from 203.148.87.154 port 35263 ssh2 Oct 6 22:35:34 shared05 sshd[5683]: Received disconnect from 203.148.87.154 port 35263:11: Bye Bye [preauth] Oct 6 22:35:34 shared05 sshd[5683]: Disconnected from authenticating user r.r 203.148.87.154 port 35263 [preaut........ ------------------------------	2020-10-08 04:18:30
203.148.87.154	attackspambots	Lines containing failures of 203.148.87.154 Oct 6 22:28:39 shared05 sshd[1950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.154 user=r.r Oct 6 22:28:40 shared05 sshd[1950]: Failed password for r.r from 203.148.87.154 port 55816 ssh2 Oct 6 22:28:41 shared05 sshd[1950]: Received disconnect from 203.148.87.154 port 55816:11: Bye Bye [preauth] Oct 6 22:28:41 shared05 sshd[1950]: Disconnected from authenticating user r.r 203.148.87.154 port 55816 [preauth] Oct 6 22:35:31 shared05 sshd[5683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.154 user=r.r Oct 6 22:35:33 shared05 sshd[5683]: Failed password for r.r from 203.148.87.154 port 35263 ssh2 Oct 6 22:35:34 shared05 sshd[5683]: Received disconnect from 203.148.87.154 port 35263:11: Bye Bye [preauth] Oct 6 22:35:34 shared05 sshd[5683]: Disconnected from authenticating user r.r 203.148.87.154 port 35263 [preaut........ ------------------------------	2020-10-07 20:37:35
203.148.87.154	attackspambots	Oct 7 05:55:14 server sshd[13972]: Failed password for root from 203.148.87.154 port 46674 ssh2 Oct 7 05:57:07 server sshd[14981]: Failed password for root from 203.148.87.154 port 56462 ssh2 Oct 7 05:59:02 server sshd[16107]: Failed password for root from 203.148.87.154 port 38023 ssh2	2020-10-07 12:22:56
203.148.87.154	attack	Oct 6 19:48:53 serwer sshd\[12825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.154 user=root Oct 6 19:48:56 serwer sshd\[12825\]: Failed password for root from 203.148.87.154 port 52800 ssh2 Oct 6 19:52:51 serwer sshd\[13257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.154 user=root ...	2020-10-07 03:31:52
203.148.87.154	attackbotsspam	Oct 6 12:49:04 dev0-dcde-rnet sshd[2148]: Failed password for root from 203.148.87.154 port 51012 ssh2 Oct 6 12:51:47 dev0-dcde-rnet sshd[2188]: Failed password for root from 203.148.87.154 port 34856 ssh2	2020-10-06 19:32:51
203.148.87.154	attackbots	SSH/22 MH Probe, BF, Hack -	2020-10-06 03:30:54
203.148.87.154	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-10-05 19:23:55
203.148.87.179	attack	Aug 3 00:49:51 sip sshd[3214]: Failed password for root from 203.148.87.179 port 45410 ssh2 Aug 3 01:01:53 sip sshd[7749]: Failed password for root from 203.148.87.179 port 37462 ssh2	2020-08-05 06:33:05
203.148.87.179	attackspam	SSH Brute-Forcing (server2)	2020-08-02 17:26:26
203.148.85.54	attack	Bad bot/spoofed identity	2020-07-29 16:19:15
203.148.87.179	attack	Jul 19 07:58:15 eventyay sshd[27517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.179 Jul 19 07:58:17 eventyay sshd[27517]: Failed password for invalid user admin from 203.148.87.179 port 55438 ssh2 Jul 19 08:04:08 eventyay sshd[27786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.179 ...	2020-07-19 14:09:07
203.148.87.179	attackbotsspam	Jul 16 16:05:54 mailserver sshd[4825]: Invalid user bass from 203.148.87.179 Jul 16 16:05:54 mailserver sshd[4825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.148.87.179 Jul 16 16:05:56 mailserver sshd[4825]: Failed password for invalid user bass from 203.148.87.179 port 45908 ssh2 Jul 16 16:05:57 mailserver sshd[4825]: Received disconnect from 203.148.87.179 port 45908:11: Bye Bye [preauth] Jul 16 16:05:57 mailserver sshd[4825]: Disconnected from 203.148.87.179 port 45908 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=203.148.87.179	2020-07-19 05:59:13
203.148.87.179	attackbots	SSH Bruteforce attack	2020-07-16 22:48:27
203.148.84.6	attackbots	Unauthorized connection attempt from IP address 203.148.84.6 on Port 445(SMB)	2020-06-23 02:17:48
203.148.85.54	attack	404 NOT FOUND	2020-06-22 17:01:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.148.8.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35209
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.148.8.6.			IN	A

;; AUTHORITY SECTION:
.			495	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110500 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 16:40:39 CST 2019
;; MSG SIZE  rcvd: 115

Host info

6.8.148.203.in-addr.arpa domain name pointer static-ip-6-8-148-203.rev.dyxnet.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.8.148.203.in-addr.arpa	name = static-ip-6-8-148-203.rev.dyxnet.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
41.237.130.11	attackspam	Jan 4 14:12:01 jane sshd[24009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.237.130.11 Jan 4 14:12:02 jane sshd[24009]: Failed password for invalid user user from 41.237.130.11 port 58665 ssh2 ...	2020-01-05 00:33:48
122.118.46.35	attackbotsspam	SMB Server BruteForce Attack	2020-01-05 00:36:28
89.216.47.154	attack	Unauthorized connection attempt detected from IP address 89.216.47.154 to port 2220 [J]	2020-01-05 00:27:07
219.142.140.2	attackbots	Jan 4 16:32:14 ip-172-31-62-245 sshd\[19294\]: Invalid user qrb from 219.142.140.2\ Jan 4 16:32:16 ip-172-31-62-245 sshd\[19294\]: Failed password for invalid user qrb from 219.142.140.2 port 55579 ssh2\ Jan 4 16:36:30 ip-172-31-62-245 sshd\[19374\]: Invalid user nate from 219.142.140.2\ Jan 4 16:36:32 ip-172-31-62-245 sshd\[19374\]: Failed password for invalid user nate from 219.142.140.2 port 17916 ssh2\ Jan 4 16:40:32 ip-172-31-62-245 sshd\[19500\]: Invalid user tgz from 219.142.140.2\	2020-01-05 00:45:45
222.186.175.161	attackspam	Jan 4 13:07:31 vps46666688 sshd[1551]: Failed password for root from 222.186.175.161 port 19448 ssh2 Jan 4 13:07:45 vps46666688 sshd[1551]: error: maximum authentication attempts exceeded for root from 222.186.175.161 port 19448 ssh2 [preauth] ...	2020-01-05 00:11:56
178.128.217.58	attackspam	Jan 4 17:31:48 host sshd[27916]: Invalid user renato from 178.128.217.58 port 60948 ...	2020-01-05 00:40:46
128.199.253.75	attackspam	[Aegis] @ 2020-01-04 16:07:36 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-01-05 00:34:53
45.56.152.239	attack	Jan 4 20:12:30 itv-usvr-01 sshd[9943]: Invalid user admin from 45.56.152.239 Jan 4 20:12:30 itv-usvr-01 sshd[9943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.56.152.239 Jan 4 20:12:30 itv-usvr-01 sshd[9943]: Invalid user admin from 45.56.152.239 Jan 4 20:12:32 itv-usvr-01 sshd[9943]: Failed password for invalid user admin from 45.56.152.239 port 65091 ssh2 Jan 4 20:12:34 itv-usvr-01 sshd[9945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.56.152.239 user=root Jan 4 20:12:35 itv-usvr-01 sshd[9945]: Failed password for root from 45.56.152.239 port 65374 ssh2	2020-01-05 00:08:17
203.160.57.43	attack	proto=tcp . spt=60851 . dpt=25 . (Found on Dark List de Jan 04) (246)	2020-01-05 00:43:21
189.57.140.10	attack	Jan 4 14:28:02 124388 sshd[3908]: Invalid user qcd from 189.57.140.10 port 45280 Jan 4 14:28:02 124388 sshd[3908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.57.140.10 Jan 4 14:28:02 124388 sshd[3908]: Invalid user qcd from 189.57.140.10 port 45280 Jan 4 14:28:04 124388 sshd[3908]: Failed password for invalid user qcd from 189.57.140.10 port 45280 ssh2 Jan 4 14:30:10 124388 sshd[3928]: Invalid user hadoop from 189.57.140.10 port 54207	2020-01-05 00:21:39
45.136.108.116	attackbotsspam	Jan 4 16:05:55 h2177944 kernel: \[1348943.474177\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=15354 PROTO=TCP SPT=57394 DPT=50105 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 16:21:04 h2177944 kernel: \[1349852.208495\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40154 PROTO=TCP SPT=57394 DPT=2424 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 16:21:04 h2177944 kernel: \[1349852.208510\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=40154 PROTO=TCP SPT=57394 DPT=2424 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 16:29:22 h2177944 kernel: \[1350349.915105\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=41219 PROTO=TCP SPT=57394 DPT=9025 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 16:29:22 h2177944 kernel: \[1350349.915118\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.116 DST=85.214	2020-01-05 00:33:22
185.56.183.37	attackbotsspam	Automatic report - Port Scan Attack	2020-01-05 00:24:48
198.211.123.196	attackbotsspam	Unauthorized connection attempt detected from IP address 198.211.123.196 to port 2220 [J]	2020-01-05 00:39:36
14.232.179.155	attackspambots	1578143547 - 01/04/2020 14:12:27 Host: 14.232.179.155/14.232.179.155 Port: 445 TCP Blocked	2020-01-05 00:19:22
159.192.216.238	attackbotsspam	Unauthorized connection attempt detected from IP address 159.192.216.238 to port 445	2020-01-05 00:47:17

Recently Reported IPs

173.249.2.122	111.125.70.104	187.177.130.238	42.236.10.108
109.93.116.136	5.53.119.250	171.110.82.24	77.68.41.115
2.180.137.235	85.117.235.228	177.42.39.184	5.67.248.243
178.128.243.130	144.91.67.12	240e:cc:1c:9f0f:5050:2e70:ef0:bdb6	60.229.41.31
110.139.126.130	183.129.52.148	173.244.44.43	122.105.97.173