3.12.45.0 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Feb 2 07:07:28 [munged] sshd[2995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.12.45.0	2020-02-02 18:16:38
attack	Unauthorized connection attempt detected from IP address 3.12.45.0 to port 2220 [J]	2020-01-27 21:46:11

Type

Details

Datetime

attackspam

Feb  2 07:07:28 [munged] sshd[2995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.12.45.0

2020-02-02 18:16:38

attack

Unauthorized connection attempt detected from IP address 3.12.45.0 to port 2220 [J]

2020-01-27 21:46:11

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.12.45.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44502
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.12.45.0.			IN	A

;; AUTHORITY SECTION:
.			244	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012700 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 21:46:07 CST 2020
;; MSG SIZE  rcvd: 113

Host info

0.45.12.3.in-addr.arpa domain name pointer ec2-3-12-45-0.us-east-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
0.45.12.3.in-addr.arpa	name = ec2-3-12-45-0.us-east-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.1.130	attack	Aug 21 01:01:50 debian sshd\[28244\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.130 user=root Aug 21 01:01:52 debian sshd\[28244\]: Failed password for root from 218.92.1.130 port 24839 ssh2 ...	2019-08-21 08:10:38
45.77.172.184	attackspam	Aug 20 19:55:31 [munged] sshd[12760]: Invalid user clock from 45.77.172.184 port 34332 Aug 20 19:55:31 [munged] sshd[12760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.77.172.184	2019-08-21 07:53:47
185.125.216.16	attack	Aug 20 07:19:16 PiServer sshd[4495]: Invalid user logcheck-82.25.201.216 from 185.125.216.16 Aug 20 07:19:18 PiServer sshd[4495]: Failed password for invalid user logcheck-82.25.201.216 from 185.125.216.16 port 52270 ssh2 Aug 20 19:17:01 PiServer sshd[27994]: Invalid user 123 from 185.125.216.16 Aug 20 19:17:03 PiServer sshd[27994]: Failed password for invalid user 123 from 185.125.216.16 port 52786 ssh2 Aug 20 19:17:07 PiServer sshd[28015]: Invalid user Admin from 185.125.216.16 Aug 20 19:17:10 PiServer sshd[28015]: Failed password for invalid user Admin from 185.125.216.16 port 53806 ssh2 Aug 20 19:17:14 PiServer sshd[28020]: Invalid user RPM from 185.125.216.16 Aug 20 19:17:17 PiServer sshd[28020]: Failed password for invalid user RPM from 185.125.216.16 port 54392 ssh2 Aug 20 19:52:39 PiServer sshd[29168]: Invalid user admin from 185.125.216.16 Aug 20 19:52:41 PiServer sshd[29168]: Failed password for invalid user admin from 185.125.216.16 port 46068 ssh2 Aug 20 19:5........ ------------------------------	2019-08-21 08:29:35
173.249.58.234	attackbots	RDP Bruteforce	2019-08-21 08:11:36
106.12.42.110	attackbots	Aug 20 18:50:05 [munged] sshd[32081]: Invalid user oraprod from 106.12.42.110 port 48572 Aug 20 18:50:05 [munged] sshd[32081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.42.110	2019-08-21 08:21:20
138.68.165.102	attack	Aug 20 09:12:20 lcdev sshd\[17477\]: Invalid user redmine from 138.68.165.102 Aug 20 09:12:20 lcdev sshd\[17477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Aug 20 09:12:22 lcdev sshd\[17477\]: Failed password for invalid user redmine from 138.68.165.102 port 56600 ssh2 Aug 20 09:17:44 lcdev sshd\[17927\]: Invalid user exam from 138.68.165.102 Aug 20 09:17:44 lcdev sshd\[17927\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-08-21 08:11:57
194.158.36.162	attack	Syn flood / slowloris	2019-08-21 07:54:39
51.68.70.175	attackbotsspam	Aug 21 00:07:19 Ubuntu-1404-trusty-64-minimal sshd\[20739\]: Invalid user info3 from 51.68.70.175 Aug 21 00:07:19 Ubuntu-1404-trusty-64-minimal sshd\[20739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.70.175 Aug 21 00:07:21 Ubuntu-1404-trusty-64-minimal sshd\[20739\]: Failed password for invalid user info3 from 51.68.70.175 port 48580 ssh2 Aug 21 00:25:52 Ubuntu-1404-trusty-64-minimal sshd\[3138\]: Invalid user asdfg from 51.68.70.175 Aug 21 00:25:52 Ubuntu-1404-trusty-64-minimal sshd\[3138\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.70.175	2019-08-21 08:09:12
78.175.140.103	attackbotsspam	Automatic report - Port Scan Attack	2019-08-21 07:49:26
103.225.99.36	attack	Aug 21 01:01:05 mail sshd\[17729\]: Failed password for invalid user stanley from 103.225.99.36 port 14087 ssh2 Aug 21 01:20:17 mail sshd\[18220\]: Invalid user jacob from 103.225.99.36 port 24360 Aug 21 01:20:17 mail sshd\[18220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.225.99.36 ...	2019-08-21 08:30:52
192.42.116.16	attack	Automated report - ssh fail2ban: Aug 21 00:35:18 wrong password, user=root, port=49596, ssh2 Aug 21 00:35:21 wrong password, user=root, port=49596, ssh2 Aug 21 00:35:25 wrong password, user=root, port=49596, ssh2 Aug 21 00:35:28 wrong password, user=root, port=49596, ssh2	2019-08-21 08:20:04
198.108.66.161	attackbots	22/tcp 623/tcp 8081/tcp... [2019-06-20/08-20]5pkt,4pt.(tcp)	2019-08-21 08:00:01
94.191.3.23	attack	Aug 20 15:37:14 hcbbdb sshd\[21799\]: Invalid user admin4 from 94.191.3.23 Aug 20 15:37:14 hcbbdb sshd\[21799\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.3.23 Aug 20 15:37:16 hcbbdb sshd\[21799\]: Failed password for invalid user admin4 from 94.191.3.23 port 60294 ssh2 Aug 20 15:43:50 hcbbdb sshd\[22533\]: Invalid user beta from 94.191.3.23 Aug 20 15:43:50 hcbbdb sshd\[22533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.3.23	2019-08-21 07:57:51
128.106.195.126	attackbotsspam	Aug 20 23:25:39 sshgateway sshd\[2147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.106.195.126 user=root Aug 20 23:25:41 sshgateway sshd\[2147\]: Failed password for root from 128.106.195.126 port 59453 ssh2 Aug 20 23:29:16 sshgateway sshd\[2161\]: Invalid user anton from 128.106.195.126	2019-08-21 08:03:07
104.131.113.106	attackbotsspam	Invalid user test from 104.131.113.106 port 58770	2019-08-21 07:52:51

Recently Reported IPs

41.65.112.50	101.53.102.213	84.42.47.163	189.175.163.71
183.129.211.18	77.179.184.69	200.60.145.230	185.39.163.69
219.95.75.225	49.144.67.86	192.99.210.172	103.19.59.2
139.59.20.94	109.99.168.234	139.180.192.108	40.122.55.174
164.47.122.28	199.71.188.9	109.203.205.66	91.203.193.251