3.0.145.126 - IPInfo

Basic Info

City: Singapore

Region: unknown

Country: Singapore

Internet Service Provider: Amazon Data Services Singapore

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan and connect, tcp 23 (telnet)	2020-05-14 06:21:55

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.0.145.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40850
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.0.145.126.			IN	A

;; AUTHORITY SECTION:
.			470	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051302 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 14 06:21:52 CST 2020
;; MSG SIZE  rcvd: 115

Host info

126.145.0.3.in-addr.arpa domain name pointer ec2-3-0-145-126.ap-southeast-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
126.145.0.3.in-addr.arpa	name = ec2-3-0-145-126.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.71.171.164	attackspam	2019-07-04 07:34:19 H=([103.71.171.164]) [103.71.171.164]:24160 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=103.71.171.164) 2019-07-04 07:34:19 unexpected disconnection while reading SMTP command from ([103.71.171.164]) [103.71.171.164]:24160 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-04 07:45:34 H=([103.71.171.164]) [103.71.171.164]:54683 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=103.71.171.164) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.71.171.164	2019-07-04 19:49:01
178.133.106.71	attackspambots	2019-07-04 06:54:51 H=(178-133-106-71.mobile.vf-ua.net) [178.133.106.71]:3206 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=178.133.106.71) 2019-07-04 06:54:51 unexpected disconnection while reading SMTP command from (178-133-106-71.mobile.vf-ua.net) [178.133.106.71]:3206 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-07-04 07:43:34 H=(178-133-106-71.mobile.vf-ua.net) [178.133.106.71]:41901 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=178.133.106.71) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.133.106.71	2019-07-04 19:34:04
222.252.20.231	attackbots	Jul 4 11:38:00 tanzim-HP-Z238-Microtower-Workstation sshd\[25875\]: Invalid user dircreate from 222.252.20.231 Jul 4 11:38:00 tanzim-HP-Z238-Microtower-Workstation sshd\[25875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.20.231 Jul 4 11:38:02 tanzim-HP-Z238-Microtower-Workstation sshd\[25875\]: Failed password for invalid user dircreate from 222.252.20.231 port 57047 ssh2 ...	2019-07-04 19:46:41
34.80.248.171	attackbotsspam	Jul 4 13:07:45 rpi sshd[10823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.248.171 Jul 4 13:07:47 rpi sshd[10823]: Failed password for invalid user halflife from 34.80.248.171 port 55772 ssh2	2019-07-04 19:13:08
51.158.68.133	attackbotsspam	51.158.68.133 - - [04/Jul/2019:02:08:45 -0400] "GET /?page=products&action=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&manufacturerID=127&productID=9050Z-TSS&linkID=8215&duplicate=0 HTTP/1.1" 200 17261 "https://californiafaucetsupply.com/?page=products&action=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&manufacturerID=127&productID=9050Z-TSS&linkID=8215&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-07-04 19:22:56
191.184.203.71	attackbots	$f2bV_matches	2019-07-04 19:16:02
66.115.168.210	attackbotsspam	Reported by AbuseIPDB proxy server.	2019-07-04 19:07:57
125.212.254.144	attackspambots	Jul 4 12:57:33 bouncer sshd\[7756\]: Invalid user shell from 125.212.254.144 port 40304 Jul 4 12:57:33 bouncer sshd\[7756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.212.254.144 Jul 4 12:57:35 bouncer sshd\[7756\]: Failed password for invalid user shell from 125.212.254.144 port 40304 ssh2 ...	2019-07-04 19:31:50
213.230.114.145	attackbotsspam	2019-07-04 05:53:42 H=(145.64.uzpak.uz) [213.230.114.145]:25482 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=213.230.114.145) 2019-07-04 05:53:42 unexpected disconnection while reading SMTP command from (145.64.uzpak.uz) [213.230.114.145]:25482 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-07-04 07:45:57 H=(145.64.uzpak.uz) [213.230.114.145]:52974 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=213.230.114.145) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=213.230.114.145	2019-07-04 19:50:45
107.170.172.23	attackspambots	Jul 4 09:58:29 MK-Soft-VM4 sshd\[21105\]: Invalid user pvm from 107.170.172.23 port 57031 Jul 4 09:58:29 MK-Soft-VM4 sshd\[21105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.172.23 Jul 4 09:58:31 MK-Soft-VM4 sshd\[21105\]: Failed password for invalid user pvm from 107.170.172.23 port 57031 ssh2 ...	2019-07-04 19:25:40
65.181.124.115	attackspam	Automatic report - Web App Attack	2019-07-04 19:42:45
134.209.166.121	attack	scan z	2019-07-04 19:03:12
122.168.53.189	attack	2019-07-04 07:41:41 unexpected disconnection while reading SMTP command from (abts-mp-dynamic-189.53.168.122.airtelbroadband.in) [122.168.53.189]:29454 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-04 07:42:58 unexpected disconnection while reading SMTP command from (abts-mp-dynamic-189.53.168.122.airtelbroadband.in) [122.168.53.189]:21873 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-07-04 07:43:21 unexpected disconnection while reading SMTP command from (abts-mp-dynamic-189.53.168.122.airtelbroadband.in) [122.168.53.189]:38387 I=[10.100.18.20]:25 (error: Connection reset by peer) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=122.168.53.189	2019-07-04 19:32:36
45.81.148.180	attackbotsspam	#25948 - [45.81.148.180] Closing connection (IP banned) #25948 - [45.81.148.180] Closing connection (IP banned) #25948 - [45.81.148.180] Closing connection (IP banned) #25948 - [45.81.148.180] Closing connection (IP banned) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.81.148.180	2019-07-04 19:00:52
36.74.75.31	attackspambots	Tried sshing with brute force.	2019-07-04 19:34:21

Recently Reported IPs

210.5.151.231	2.92.105.244	137.139.127.236	109.83.233.194
194.86.196.77	224.33.97.149	128.0.60.68	52.39.177.248
184.170.69.210	86.69.217.132	82.107.141.36	126.58.58.104
71.219.175.55	183.207.96.50	67.168.198.240	171.100.155.171
213.126.167.73	194.60.254.242	79.25.194.14	31.243.188.80