3.0.55.246 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Data Services Singapore

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	2019-07-28T17:05:21.478309abusebot-8.cloudsearch.cf sshd\[31940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-0-55-246.ap-southeast-1.compute.amazonaws.com user=root	2019-07-29 03:49:18

Type

Details

Datetime

attackbots

2019-07-28T17:05:21.478309abusebot-8.cloudsearch.cf sshd\[31940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-0-55-246.ap-southeast-1.compute.amazonaws.com  user=root

2019-07-29 03:49:18

Comments on same subnet:

IP	Type	Details	Datetime
3.0.55.227	attackbotsspam	2019-07-26T00:32:25.509255abusebot-8.cloudsearch.cf sshd\[13798\]: Invalid user test from 3.0.55.227 port 37332	2019-07-26 09:03:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.0.55.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9196
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.0.55.246.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 03:49:13 CST 2019
;; MSG SIZE  rcvd: 114

Host info

246.55.0.3.in-addr.arpa domain name pointer ec2-3-0-55-246.ap-southeast-1.compute.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
246.55.0.3.in-addr.arpa	name = ec2-3-0-55-246.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.41	attack	Aug 14 23:32:52 melroy-server sshd[1855]: Failed password for root from 222.186.180.41 port 12316 ssh2 Aug 14 23:32:56 melroy-server sshd[1855]: Failed password for root from 222.186.180.41 port 12316 ssh2 ...	2020-08-15 05:36:58
106.51.153.99	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-15 05:47:35
218.92.0.219	attackspambots	2020-08-14T23:20:01.606011vps751288.ovh.net sshd\[945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.219 user=root 2020-08-14T23:20:03.655809vps751288.ovh.net sshd\[945\]: Failed password for root from 218.92.0.219 port 13923 ssh2 2020-08-14T23:20:05.576410vps751288.ovh.net sshd\[945\]: Failed password for root from 218.92.0.219 port 13923 ssh2 2020-08-14T23:20:08.098807vps751288.ovh.net sshd\[945\]: Failed password for root from 218.92.0.219 port 13923 ssh2 2020-08-14T23:20:10.249422vps751288.ovh.net sshd\[947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.219 user=root	2020-08-15 05:20:20
150.109.147.46	attackbotsspam	Aug 13 22:27:53 v26 sshd[25415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.147.46 user=r.r Aug 13 22:27:55 v26 sshd[25415]: Failed password for r.r from 150.109.147.46 port 41496 ssh2 Aug 13 22:27:55 v26 sshd[25415]: Received disconnect from 150.109.147.46 port 41496:11: Bye Bye [preauth] Aug 13 22:27:55 v26 sshd[25415]: Disconnected from 150.109.147.46 port 41496 [preauth] Aug 13 22:42:06 v26 sshd[27101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.147.46 user=r.r Aug 13 22:42:08 v26 sshd[27101]: Failed password for r.r from 150.109.147.46 port 50102 ssh2 Aug 13 22:42:08 v26 sshd[27101]: Received disconnect from 150.109.147.46 port 50102:11: Bye Bye [preauth] Aug 13 22:42:08 v26 sshd[27101]: Disconnected from 150.109.147.46 port 50102 [preauth] Aug 13 22:46:05 v26 sshd[27553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost........ -------------------------------	2020-08-15 05:33:51
128.14.236.157	attackbots	Aug 14 22:43:37 vpn01 sshd[26382]: Failed password for root from 128.14.236.157 port 57578 ssh2 ...	2020-08-15 05:40:31
138.68.253.149	attackbotsspam	Aug 14 22:35:58 myvps sshd[11407]: Failed password for root from 138.68.253.149 port 52616 ssh2 Aug 14 22:44:51 myvps sshd[16915]: Failed password for root from 138.68.253.149 port 37468 ssh2 ...	2020-08-15 05:16:47
13.235.64.185	attackbotsspam	User agent spoofing, Page: /.git/HEAD, by Amazon Technologies Inc.	2020-08-15 05:26:42
209.17.97.82	attack	port scan and connect, tcp 110 (pop3)	2020-08-15 05:25:12
176.114.238.33	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-15 05:17:10
45.119.212.105	attack	Aug 14 21:22:41 django-0 sshd[32400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.119.212.105 Aug 14 21:22:41 django-0 sshd[32400]: Invalid user admin from 45.119.212.105 Aug 14 21:22:42 django-0 sshd[32400]: Failed password for invalid user admin from 45.119.212.105 port 46782 ssh2 ...	2020-08-15 05:22:45
222.186.31.83	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-15 05:19:36
41.79.192.218	attackspambots	Aug 14 23:18:56 mout sshd[20402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.79.192.218 user=root Aug 14 23:18:58 mout sshd[20402]: Failed password for root from 41.79.192.218 port 56476 ssh2	2020-08-15 05:30:24
178.154.200.127	attackbotsspam	\[Fri Aug 14 22:44:04.529308 2020\] \[access_compat:error\] \[pid 27760:tid 140226840188672\] \[client 178.154.200.127:56728\] AH01797: client denied by server configuration: /web/auskunft-vom-anwalt/www/htdocs_cms/robots.txt \[Fri Aug 14 22:44:04.584122 2020\] \[access_compat:error\] \[pid 27760:tid 140226924115712\] \[client 178.154.200.127:56748\] AH01797: client denied by server configuration: /web/auskunft-vom-anwalt/www/htdocs_cms/robots.txt \[Fri Aug 14 22:44:08.336727 2020\] \[access_compat:error\] \[pid 27760:tid 140226773047040\] \[client 178.154.200.127:56748\] AH01797: client denied by server configuration: /web/auskunft-vom-anwalt/www/htdocs_cms/ ...	2020-08-15 05:32:31
183.166.170.131	attackspambots	Aug 14 23:14:00 srv01 postfix/smtpd\[9015\]: warning: unknown\[183.166.170.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 14 23:17:26 srv01 postfix/smtpd\[18222\]: warning: unknown\[183.166.170.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 14 23:24:18 srv01 postfix/smtpd\[6846\]: warning: unknown\[183.166.170.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 14 23:27:45 srv01 postfix/smtpd\[21881\]: warning: unknown\[183.166.170.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 14 23:31:12 srv01 postfix/smtpd\[18222\]: warning: unknown\[183.166.170.131\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-15 05:42:37
114.67.171.58	attackspam	reported through recidive - multiple failed attempts(SSH)	2020-08-15 05:40:49

Recently Reported IPs

189.89.211.88	200.50.29.196	59.14.96.244	66.45.248.246
188.166.43.213	106.13.89.144	149.202.88.21	114.232.43.170
101.109.250.123	41.136.189.49	122.172.27.65	27.254.172.148
85.107.89.118	54.88.164.214	178.238.228.96	142.11.222.85
49.67.111.124	13.124.80.251	197.50.120.94	183.129.150.2