3.6.112.148 - IPInfo

Basic Info

City: Mumbai

Region: Maharashtra

Country: India

Internet Service Provider: Amazon Data Services India

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH/22 MH Probe, BF, Hack -	2020-01-15 18:24:43
attack	Unauthorized connection attempt detected from IP address 3.6.112.148 to port 2220 [J]	2020-01-14 07:03:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.6.112.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48248
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.6.112.148.			IN	A

;; AUTHORITY SECTION:
.			484	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011301 1800 900 604800 86400

;; Query time: 140 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 07:03:36 CST 2020
;; MSG SIZE  rcvd: 115

Host info

148.112.6.3.in-addr.arpa domain name pointer ec2-3-6-112-148.ap-south-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.112.6.3.in-addr.arpa	name = ec2-3-6-112-148.ap-south-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.250.138.118	attack	Apr 29 15:06:13 v22018086721571380 sshd[29169]: Failed password for invalid user rhc from 61.250.138.118 port 38940 ssh2	2020-04-29 21:55:19
159.89.110.45	attack	WordPress login Brute force / Web App Attack on client site.	2020-04-29 22:06:04
185.143.74.93	attackspambots	Apr 29 21:27:05 bacztwo courieresmtpd[12913]: error,relay=::ffff:185.143.74.93,msg="535 Authentication failed.",cmd: AUTH LOGIN lp1@idv.tw Apr 29 21:29:14 bacztwo courieresmtpd[26415]: error,relay=::ffff:185.143.74.93,msg="535 Authentication failed.",cmd: AUTH LOGIN emmanuel@idv.tw Apr 29 21:31:22 bacztwo courieresmtpd[11080]: error,relay=::ffff:185.143.74.93,msg="535 Authentication failed.",cmd: AUTH LOGIN reservation@idv.tw Apr 29 21:33:30 bacztwo courieresmtpd[25778]: error,relay=::ffff:185.143.74.93,msg="535 Authentication failed.",cmd: AUTH LOGIN test20@idv.tw Apr 29 21:35:37 bacztwo courieresmtpd[9435]: error,relay=::ffff:185.143.74.93,msg="535 Authentication failed.",cmd: AUTH LOGIN vps12@idv.tw ...	2020-04-29 21:38:08
13.92.102.213	attack	Apr 29 15:13:59 host sshd[26589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.102.213 user=root Apr 29 15:14:01 host sshd[26589]: Failed password for root from 13.92.102.213 port 35690 ssh2 ...	2020-04-29 21:33:58
134.122.73.4	attackspambots	Lines containing failures of 134.122.73.4 Apr 29 07:40:38 box sshd[12990]: Did not receive identification string from 134.122.73.4 port 44256 Apr 29 07:41:56 box sshd[12991]: Did not receive identification string from 134.122.73.4 port 46478 Apr 29 07:42:42 box sshd[12994]: Invalid user ftpuser from 134.122.73.4 port 33056 Apr 29 07:42:42 box sshd[12994]: Received disconnect from 134.122.73.4 port 33056:11: Normal Shutdown, Thank you for playing [preauth] Apr 29 07:42:42 box sshd[12994]: Disconnected from invalid user ftpuser 134.122.73.4 port 33056 [preauth] Apr 29 07:43:25 box sshd[13007]: Invalid user ghostname from 134.122.73.4 port 47626 Apr 29 07:43:25 box sshd[13007]: Received disconnect from 134.122.73.4 port 47626:11: Normal Shutdown, Thank you for playing [preauth] Apr 29 07:43:25 box sshd[13007]: Disconnected from invalid user ghostname 134.122.73.4 port 47626 [preauth] Apr 29 07:44:09 box sshd[13010]: Invalid user oracle from 134.122.73.4 port 33966 Apr 29 07........ ------------------------------	2020-04-29 22:00:38
141.98.9.161	attack	Apr 29 10:36:01 firewall sshd[3998]: Invalid user admin from 141.98.9.161 Apr 29 10:36:04 firewall sshd[3998]: Failed password for invalid user admin from 141.98.9.161 port 39413 ssh2 Apr 29 10:36:37 firewall sshd[4048]: Invalid user ubnt from 141.98.9.161 ...	2020-04-29 21:45:04
157.32.150.215	attackbots	Apr 29 13:31:07 ntop sshd[8310]: Invalid user ubnt from 157.32.150.215 port 51131 Apr 29 13:31:08 ntop sshd[8310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.32.150.215 Apr 29 13:31:10 ntop sshd[8310]: Failed password for invalid user ubnt from 157.32.150.215 port 51131 ssh2 Apr 29 13:31:10 ntop sshd[8310]: Connection closed by invalid user ubnt 157.32.150.215 port 51131 [preauth] Apr 29 13:34:08 ntop sshd[9424]: Invalid user ubnt from 157.32.150.215 port 56329 Apr 29 13:34:08 ntop sshd[9424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.32.150.215 Apr 29 13:34:10 ntop sshd[9424]: Failed password for invalid user ubnt from 157.32.150.215 port 56329 ssh2 Apr 29 13:34:12 ntop sshd[9424]: Connection closed by invalid user ubnt 157.32.150.215 port 56329 [preauth] Apr 29 13:37:11 ntop sshd[10811]: Invalid user ubnt from 157.32.150.215 port 61642 Apr 29 13:37:11 ntop sshd[10811]:........ -------------------------------	2020-04-29 22:07:31
122.224.217.45	attackbotsspam	Apr 29 13:52:22 hell sshd[31315]: Failed password for root from 122.224.217.45 port 58374 ssh2 ...	2020-04-29 21:43:39
67.205.171.223	attackbots	2020-04-29T08:39:34.737923sorsha.thespaminator.com sshd[28465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.171.223 user=root 2020-04-29T08:39:36.840124sorsha.thespaminator.com sshd[28465]: Failed password for root from 67.205.171.223 port 54762 ssh2 ...	2020-04-29 21:45:33
176.122.190.40	attackbotsspam	Apr 29 14:29:11 PorscheCustomer sshd[27824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.122.190.40 Apr 29 14:29:12 PorscheCustomer sshd[27824]: Failed password for invalid user va from 176.122.190.40 port 52048 ssh2 Apr 29 14:37:52 PorscheCustomer sshd[28224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.122.190.40 ...	2020-04-29 21:28:10
222.186.175.148	attackspambots	Apr 29 15:21:50 pve1 sshd[376]: Failed password for root from 222.186.175.148 port 56560 ssh2 Apr 29 15:21:54 pve1 sshd[376]: Failed password for root from 222.186.175.148 port 56560 ssh2 ...	2020-04-29 21:34:31
222.186.173.226	attackspambots	Apr 29 15:47:19 home sshd[22711]: Failed password for root from 222.186.173.226 port 3386 ssh2 Apr 29 15:47:34 home sshd[22711]: error: maximum authentication attempts exceeded for root from 222.186.173.226 port 3386 ssh2 [preauth] Apr 29 15:47:45 home sshd[22760]: Failed password for root from 222.186.173.226 port 40278 ssh2 ...	2020-04-29 21:48:50
170.79.87.132	attackbotsspam	Lines containing failures of 170.79.87.132 Apr 29 13:43:40 shared10 sshd[1309]: Invalid user jenkins from 170.79.87.132 port 57488 Apr 29 13:43:40 shared10 sshd[1309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.79.87.132 Apr 29 13:43:41 shared10 sshd[1309]: Failed password for invalid user jenkins from 170.79.87.132 port 57488 ssh2 Apr 29 13:43:42 shared10 sshd[1309]: Received disconnect from 170.79.87.132 port 57488:11: Bye Bye [preauth] Apr 29 13:43:42 shared10 sshd[1309]: Disconnected from invalid user jenkins 170.79.87.132 port 57488 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=170.79.87.132	2020-04-29 21:54:52
145.129.46.7	attackbots	Unauthorized connection attempt from IP address 145.129.46.7 on Port 445(SMB)	2020-04-29 21:44:33
15.206.48.200	attackbotsspam	Apr 28 23:50:14 * sshd[20858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=15.206.48.200 user=r.r Apr 28 23:50:16 * sshd[20858]: Failed password for r.r from 15.206.48.200 port 38778 ssh2 Apr 28 23:50:16 * sshd[20858]: Received disconnect from 15.206.48.200 port 38778:11: Bye Bye [preauth] Apr 28 23:50:16 * sshd[20858]: Disconnected from 15.206.48.200 port 38778 [preauth] Apr 28 23:59:55 * sshd[20909]: Invalid user taro from 15.206.48.200 port 37738 Apr 28 23:59:55 * sshd[20909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=15.206.48.200 Apr 28 23:59:57 * sshd[20909]: Failed password for invalid user taro from 15.206.48.200 port 37738 ssh2 Apr 28 23:59:58 * sshd[20909]: Received disconnect from 15.206.48.200 port 37738:11: Bye Bye [preauth] Apr 28 23:59:58 * sshd[20909]: Disconnected from 15.206.48.200 port 37738 [preauth] Apr 29 00:04:00 * sshd[21120]: Invalid us........ -------------------------------	2020-04-29 21:32:14

Recently Reported IPs

189.239.90.226	204.147.22.166	99.198.165.25	185.216.140.250
69.6.231.225	213.214.201.149	216.3.171.232	151.58.177.66
200.69.150.74	180.206.68.191	163.47.17.68	76.107.136.57
84.164.55.12	78.215.242.97	52.190.11.89	162.181.105.58
82.158.10.24	46.73.152.30	87.135.86.186	86.56.84.85