3.6.112.148 - IPInfo

Basic Info

City: Mumbai

Region: Maharashtra

Country: India

Internet Service Provider: Amazon Data Services India

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH/22 MH Probe, BF, Hack -	2020-01-15 18:24:43
attack	Unauthorized connection attempt detected from IP address 3.6.112.148 to port 2220 [J]	2020-01-14 07:03:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.6.112.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48248
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.6.112.148.			IN	A

;; AUTHORITY SECTION:
.			484	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011301 1800 900 604800 86400

;; Query time: 140 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 07:03:36 CST 2020
;; MSG SIZE  rcvd: 115

Host info

148.112.6.3.in-addr.arpa domain name pointer ec2-3-6-112-148.ap-south-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.112.6.3.in-addr.arpa	name = ec2-3-6-112-148.ap-south-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.124.139.161	attackspambots	Triggered by Fail2Ban at Ares web server	2020-08-13 00:33:47
193.107.75.42	attackbotsspam	Aug 12 03:12:50 web9 sshd\[9450\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.107.75.42 user=root Aug 12 03:12:52 web9 sshd\[9450\]: Failed password for root from 193.107.75.42 port 59468 ssh2 Aug 12 03:16:53 web9 sshd\[9963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.107.75.42 user=root Aug 12 03:16:55 web9 sshd\[9963\]: Failed password for root from 193.107.75.42 port 41674 ssh2 Aug 12 03:20:58 web9 sshd\[10477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.107.75.42 user=root	2020-08-13 00:25:05
81.213.166.175	attack	Automatic report - Banned IP Access	2020-08-13 00:10:48
184.174.8.11	attackspam	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	2020-08-13 00:30:36
218.78.54.80	attackbots	Failed password for root from 218.78.54.80 port 35778 ssh2	2020-08-13 00:05:25
180.76.141.81	attackspambots	Lines containing failures of 180.76.141.81 Aug 12 15:16:31 ntop sshd[22232]: User r.r from 180.76.141.81 not allowed because not listed in AllowUsers Aug 12 15:16:31 ntop sshd[22232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.141.81 user=r.r Aug 12 15:16:33 ntop sshd[22232]: Failed password for invalid user r.r from 180.76.141.81 port 58296 ssh2 Aug 12 15:16:36 ntop sshd[22232]: Received disconnect from 180.76.141.81 port 58296:11: Bye Bye [preauth] Aug 12 15:16:36 ntop sshd[22232]: Disconnected from invalid user r.r 180.76.141.81 port 58296 [preauth] Aug 12 15:21:25 ntop sshd[22987]: User r.r from 180.76.141.81 not allowed because not listed in AllowUsers Aug 12 15:21:25 ntop sshd[22987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.141.81 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=180.76.141.81	2020-08-13 00:08:52
45.129.33.15	attackspambots	firewall-block, port(s): 46102/tcp	2020-08-13 00:31:10
180.76.54.86	attack	Fail2Ban - SSH Bruteforce Attempt	2020-08-13 00:28:04
103.28.114.101	attackspambots	Brute-force attempt banned	2020-08-13 00:22:15
67.219.22.242	attack	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	2020-08-13 00:19:07
185.175.93.27	attackspam	Port scan: Attack repeated for 24 hours	2020-08-13 00:20:11
103.142.25.30	attackspam	SSH/22 MH Probe, BF, Hack -	2020-08-12 23:57:25
45.129.33.16	attackspam	port	2020-08-13 00:29:58
77.81.166.107	attackbots	Automatic report - Port Scan Attack	2020-08-13 00:06:04
49.235.213.170	attackbots	Brute-force attempt banned	2020-08-12 23:55:48

Recently Reported IPs

189.239.90.226	204.147.22.166	99.198.165.25	185.216.140.250
69.6.231.225	213.214.201.149	216.3.171.232	151.58.177.66
200.69.150.74	180.206.68.191	163.47.17.68	76.107.136.57
84.164.55.12	78.215.242.97	52.190.11.89	162.181.105.58
82.158.10.24	46.73.152.30	87.135.86.186	86.56.84.85