3.149.101.39 - IPInfo

Basic Info

City: Columbus

Region: Ohio

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.149.101.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19493
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3.149.101.39.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030300 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 03 13:51:34 CST 2022
;; MSG SIZE  rcvd: 105

Host info

39.101.149.3.in-addr.arpa domain name pointer ec2-3-149-101-39.us-east-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
39.101.149.3.in-addr.arpa	name = ec2-3-149-101-39.us-east-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.89.50.148	attackspam	159.89.50.148 - - \[07/Aug/2020:15:20:42 +0200\] "POST /wp-login.php HTTP/1.0" 200 6462 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 159.89.50.148 - - \[07/Aug/2020:15:20:49 +0200\] "POST /wp-login.php HTTP/1.0" 200 6431 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 159.89.50.148 - - \[07/Aug/2020:15:20:55 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-08-07 23:01:46
180.76.167.78	attackspambots	k+ssh-bruteforce	2020-08-07 22:42:45
125.82.219.69	attackbotsspam	Telnet Server BruteForce Attack	2020-08-07 22:57:44
176.98.219.144	attackbots	Automatic report - Port Scan Attack	2020-08-07 23:01:20
27.156.119.179	attackspambots	Aug 6 15:37:12 our-server-hostname sshd[29032]: reveeclipse mapping checking getaddrinfo for 179.119.156.27.broad.fz.fj.dynamic.163data.com.cn [27.156.119.179] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 6 15:37:12 our-server-hostname sshd[29032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.156.119.179 user=r.r Aug 6 15:37:15 our-server-hostname sshd[29032]: Failed password for r.r from 27.156.119.179 port 51996 ssh2 Aug 6 15:40:00 our-server-hostname sshd[29796]: reveeclipse mapping checking getaddrinfo for 179.119.156.27.broad.fz.fj.dynamic.163data.com.cn [27.156.119.179] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 6 15:40:00 our-server-hostname sshd[29796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.156.119.179 user=r.r Aug 6 15:40:02 our-server-hostname sshd[29796]: Failed password for r.r from 27.156.119.179 port 48608 ssh2 Aug 6 15:40:57 our-server-hostname sshd[30075]:........ -------------------------------	2020-08-07 22:39:30
138.99.216.147	attackbots	138.99.216.147 - - [07/Aug/2020:06:50:18 -0400] "GET /403.shtml HTTP/1.1"	2020-08-07 22:54:31
212.81.58.179	attackbots	$f2bV_matches	2020-08-07 22:49:09
37.211.146.110	attackspambots	Trying ports that it shouldn't be.	2020-08-07 22:48:51
213.166.73.17	attack	[FriAug0714:05:59.9525562020][:error][pid5825:tid139903400621824][client213.166.73.17:43015][client213.166.73.17]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?i$$\?:\\\\\\\\x5c\\|\(\?:%\(\?:2\(\?:5\(\?:2f\\|5c$\\|F\\|f\)\\|c$\?:0%\(\?:9v\\|af$\\|1\)\\|u$\?:221[56]\\|002f$\\|2$\?:F\\|F$\\|e0??\\|1u\\|5c\)\\|\\\\\\\\/\)\)$\?:%\(\?:2\(\?:\(\?:52$\?e\\|E\)\\|$\?:e0%8\\|c$0?\\|u$\?:002e\\|2024$\\|2$\?:E\\|E$\)\\|\\\\\\\\.\){2}$\?:\\\\\\\\x5c\\|\(\?:%\(\?:2\(\?:5\(\?:2f\\|5c$\\|F\\|f\)\\|c$\?:0%\(\?:9v\\|af$\\|1\)\\|..."atARGS:file.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"198"][id"340007"][rev"47"][msg"Atomicorp.comWAFRules:GenericPathRecursiondenied"][data"/../\,ARGS:file"][severity"CRITICAL"][hostname"appalti-contratti.ch"][uri"/wp-content/plugins/db-backup/download.php"][unique_id"Xy1Dp8ORMJ9rBuORKRvdLAAAAMw"][FriAug0714:06:04.5502172020][:error][pid9433:tid139903400621824][client213.166.73.17:41231][client213.166.73.17]ModSecurity:Accessdeniedwithcode	2020-08-07 22:45:01
192.35.168.237	attackspam	TCP (SYN) 192.35.168.237:3175 -> port 12491, len 44	2020-08-07 22:34:07
94.25.181.154	attack	Brute force attempt	2020-08-07 22:18:37
164.132.38.166	attack	164.132.38.166 - - [07/Aug/2020:13:06:12 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.38.166 - - [07/Aug/2020:13:06:13 +0100] "POST /wp-login.php HTTP/1.1" 200 1953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.38.166 - - [07/Aug/2020:13:06:13 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-07 22:30:09
189.141.248.32	attack	Automatic report - Port Scan Attack	2020-08-07 22:20:21
45.129.33.14	attackbotsspam	08/07/2020-10:35:19.262042 45.129.33.14 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-07 22:47:39
61.177.172.54	attack	Aug 7 15:54:48 nextcloud sshd\[12248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.54 user=root Aug 7 15:54:50 nextcloud sshd\[12248\]: Failed password for root from 61.177.172.54 port 27074 ssh2 Aug 7 15:55:03 nextcloud sshd\[12248\]: Failed password for root from 61.177.172.54 port 27074 ssh2	2020-08-07 22:19:10

Recently Reported IPs

20.187.25.252	26.85.17.163	69.208.5.9	161.118.196.29
24.135.7.6	178.60.24.89	23.66.97.11	137.168.1.211
78.127.65.22	2.46.50.111	121.39.18.183	196.192.39.4
9.71.101.200	41.6.0.251	83.34.254.158	235.11.252.170
50.77.62.152	105.89.172.172	152.88.178.128	117.181.155.44