3.115.48.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Japan

Internet Service Provider: Amazon Data Services Japan

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH bruteforce (Triggered fail2ban)	2020-02-12 21:38:37

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.115.48.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25647
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.115.48.1.			IN	A

;; AUTHORITY SECTION:
.			159	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021200 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 21:38:30 CST 2020
;; MSG SIZE  rcvd: 114

Host info

1.48.115.3.in-addr.arpa domain name pointer ec2-3-115-48-1.ap-northeast-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.48.115.3.in-addr.arpa	name = ec2-3-115-48-1.ap-northeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.50.211.156	attackspambots	Unauthorized connection attempt detected from IP address 171.50.211.156 to port 445	2020-01-03 13:28:26
178.62.214.85	attackspambots	Jan 3 10:24:54 areeb-Workstation sshd[11000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.214.85 Jan 3 10:24:56 areeb-Workstation sshd[11000]: Failed password for invalid user azure from 178.62.214.85 port 60604 ssh2 ...	2020-01-03 13:14:45
222.186.175.167	attackbotsspam	Jan 3 06:19:32 host sshd[32240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Jan 3 06:19:34 host sshd[32240]: Failed password for root from 222.186.175.167 port 24590 ssh2 ...	2020-01-03 13:22:12
42.159.132.238	attackspam	Jan 3 05:54:55 pornomens sshd\[28292\]: Invalid user cth from 42.159.132.238 port 51958 Jan 3 05:54:55 pornomens sshd\[28292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.132.238 Jan 3 05:54:58 pornomens sshd\[28292\]: Failed password for invalid user cth from 42.159.132.238 port 51958 ssh2 ...	2020-01-03 13:13:10
162.241.149.130	attackspam	Brute-force attempt banned	2020-01-03 13:15:00
107.170.244.110	attack	Port Scan detected from 107.170.244.110 (US/United States/-). 4 hits in the last 70 seconds	2020-01-03 13:09:32
118.70.67.60	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 04:55:10.	2020-01-03 13:05:24
37.187.248.184	attack	Jan 3 05:54:35 debian-2gb-nbg1-2 kernel: \[286602.959056\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=37.187.248.184 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=1445 PROTO=TCP SPT=50404 DPT=27027 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-03 13:26:29
118.117.30.36	attackbotsspam	Port scan on 1 port(s): 21	2020-01-03 09:32:09
159.65.171.113	attackbots	Jan 3 05:54:55 vmd17057 sshd\[14849\]: Invalid user user from 159.65.171.113 port 37584 Jan 3 05:54:55 vmd17057 sshd\[14849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.171.113 Jan 3 05:54:58 vmd17057 sshd\[14849\]: Failed password for invalid user user from 159.65.171.113 port 37584 ssh2 ...	2020-01-03 13:13:32
116.108.210.156	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-01-03 13:21:29
5.196.67.41	attackspambots	Invalid user guest from 5.196.67.41 port 51552	2020-01-03 13:24:44
79.226.22.105	attack	Jan 3 05:37:29 server sshd[3002]: Failed password for invalid user yarosh from 79.226.22.105 port 33106 ssh2 Jan 3 05:55:16 server sshd[4423]: User postgres from 79.226.22.105 not allowed because not listed in AllowUsers Jan 3 05:55:18 server sshd[4423]: Failed password for invalid user postgres from 79.226.22.105 port 53876 ssh2	2020-01-03 13:00:37
222.186.30.187	attackspambots	Jan 3 05:03:02 localhost sshd\[107176\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.187 user=root Jan 3 05:03:04 localhost sshd\[107176\]: Failed password for root from 222.186.30.187 port 58285 ssh2 Jan 3 05:03:06 localhost sshd\[107176\]: Failed password for root from 222.186.30.187 port 58285 ssh2 Jan 3 05:03:09 localhost sshd\[107176\]: Failed password for root from 222.186.30.187 port 58285 ssh2 Jan 3 05:14:06 localhost sshd\[107527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.187 user=root ...	2020-01-03 13:18:32
72.221.196.151	attackspam	Cluster member 192.168.0.31 (-) said, DENY 72.221.196.151, Reason:[(imapd) Failed IMAP login from 72.221.196.151 (US/United States/-): 1 in the last 3600 secs]	2020-01-03 13:21:48

Recently Reported IPs

125.251.134.235	182.159.7.4	240.113.150.117	186.95.69.107
64.217.218.151	246.233.55.164	161.4.8.229	24.181.121.24
102.28.158.76	46.114.100.253	112.35.127.120	119.37.75.179
91.217.43.219	190.93.53.142	120.138.126.33	120.25.250.178
111.174.7.163	220.133.88.86	88.27.252.26	77.235.116.9