3.6.112.148 - IPInfo

Basic Info

City: Mumbai

Region: Maharashtra

Country: India

Internet Service Provider: Amazon Data Services India

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH/22 MH Probe, BF, Hack -	2020-01-15 18:24:43
attack	Unauthorized connection attempt detected from IP address 3.6.112.148 to port 2220 [J]	2020-01-14 07:03:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.6.112.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48248
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.6.112.148.			IN	A

;; AUTHORITY SECTION:
.			484	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011301 1800 900 604800 86400

;; Query time: 140 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 07:03:36 CST 2020
;; MSG SIZE  rcvd: 115

Host info

148.112.6.3.in-addr.arpa domain name pointer ec2-3-6-112-148.ap-south-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.112.6.3.in-addr.arpa	name = ec2-3-6-112-148.ap-south-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.109.62	attack	\[2019-12-12 01:03:30\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-12T01:03:30.657-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="372301148585359005",SessionID="0x7f0fb447f838",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.62/53041",ACLName="no_extension_match" \[2019-12-12 01:03:36\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-12T01:03:36.043-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="481201148323235001",SessionID="0x7f0fb4987948",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.62/49504",ACLName="no_extension_match" \[2019-12-12 01:03:38\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-12T01:03:38.174-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="590401148413828004",SessionID="0x7f0fb4ca4128",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.62/53221",ACLNam	2019-12-12 14:25:04
203.156.125.195	attackspambots	$f2bV_matches	2019-12-12 14:18:32
104.236.142.200	attack	Dec 12 06:08:03 web8 sshd\[18171\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.142.200 user=root Dec 12 06:08:06 web8 sshd\[18171\]: Failed password for root from 104.236.142.200 port 58204 ssh2 Dec 12 06:13:39 web8 sshd\[20913\]: Invalid user floris from 104.236.142.200 Dec 12 06:13:39 web8 sshd\[20913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.142.200 Dec 12 06:13:40 web8 sshd\[20913\]: Failed password for invalid user floris from 104.236.142.200 port 37918 ssh2	2019-12-12 14:14:24
193.70.88.213	attack	Dec 11 19:57:14 sachi sshd\[13972\]: Invalid user babasaki from 193.70.88.213 Dec 11 19:57:14 sachi sshd\[13972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.ip-193-70-88.eu Dec 11 19:57:16 sachi sshd\[13972\]: Failed password for invalid user babasaki from 193.70.88.213 port 37314 ssh2 Dec 11 20:02:34 sachi sshd\[14457\]: Invalid user www from 193.70.88.213 Dec 11 20:02:34 sachi sshd\[14457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.ip-193-70-88.eu	2019-12-12 14:28:18
106.13.54.207	attack	2019-12-12T05:46:40.007081shield sshd\[19738\]: Invalid user hancel from 106.13.54.207 port 40634 2019-12-12T05:46:40.011744shield sshd\[19738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.54.207 2019-12-12T05:46:42.163591shield sshd\[19738\]: Failed password for invalid user hancel from 106.13.54.207 port 40634 ssh2 2019-12-12T05:53:01.588244shield sshd\[22265\]: Invalid user kpkp from 106.13.54.207 port 40796 2019-12-12T05:53:01.591596shield sshd\[22265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.54.207	2019-12-12 14:07:49
165.227.46.221	attack	$f2bV_matches	2019-12-12 14:41:34
27.76.141.109	attack	Unauthorized connection attempt detected from IP address 27.76.141.109 to port 445	2019-12-12 14:22:59
182.72.199.177	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 12-12-2019 04:55:10.	2019-12-12 14:04:45
106.13.118.216	attackbots	Dec 11 22:32:12 eola sshd[29151]: Invalid user feltman from 106.13.118.216 port 49538 Dec 11 22:32:12 eola sshd[29151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.118.216 Dec 11 22:32:14 eola sshd[29151]: Failed password for invalid user feltman from 106.13.118.216 port 49538 ssh2 Dec 11 22:32:14 eola sshd[29151]: Received disconnect from 106.13.118.216 port 49538:11: Bye Bye [preauth] Dec 11 22:32:14 eola sshd[29151]: Disconnected from 106.13.118.216 port 49538 [preauth] Dec 11 22:51:06 eola sshd[29636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.118.216 user=mysql Dec 11 22:51:08 eola sshd[29636]: Failed password for mysql from 106.13.118.216 port 48526 ssh2 Dec 11 22:51:08 eola sshd[29636]: Received disconnect from 106.13.118.216 port 48526:11: Bye Bye [preauth] Dec 11 22:51:08 eola sshd[29636]: Disconnected from 106.13.118.216 port 48526 [preauth] Dec 11 22:56:4........ -------------------------------	2019-12-12 13:59:54
95.38.219.204	attackspam	Unauthorized connection attempt detected from IP address 95.38.219.204 to port 445	2019-12-12 14:02:48
142.93.198.152	attackspambots	$f2bV_matches	2019-12-12 14:22:34
120.59.249.237	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 12-12-2019 04:55:09.	2019-12-12 14:07:21
121.164.122.134	attackbots	Dec 12 06:39:12 * sshd[30137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.164.122.134 Dec 12 06:39:15 * sshd[30137]: Failed password for invalid user test from 121.164.122.134 port 60062 ssh2	2019-12-12 14:17:00
75.80.193.222	attack	$f2bV_matches	2019-12-12 14:19:33
59.10.5.156	attackbots	$f2bV_matches	2019-12-12 14:47:27

Recently Reported IPs

189.239.90.226	204.147.22.166	99.198.165.25	185.216.140.250
69.6.231.225	213.214.201.149	216.3.171.232	151.58.177.66
200.69.150.74	180.206.68.191	163.47.17.68	76.107.136.57
84.164.55.12	78.215.242.97	52.190.11.89	162.181.105.58
82.158.10.24	46.73.152.30	87.135.86.186	86.56.84.85