3.16.42.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	mue-Direct access to plugin not allowed	2020-08-02 06:43:09

Comments on same subnet:

IP	Type	Details	Datetime
3.16.42.140	attack	mue-0 : Trying access unauthorized files=>/images/jdownloads/screenshots/update.php()	2020-07-22 07:00:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.16.42.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.16.42.11.			IN	A

;; AUTHORITY SECTION:
.			249	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080101 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 02 06:43:06 CST 2020
;; MSG SIZE  rcvd: 114

Host info

11.42.16.3.in-addr.arpa domain name pointer ec2-3-16-42-11.us-east-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.42.16.3.in-addr.arpa	name = ec2-3-16-42-11.us-east-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.251.82.92	attackspambots	Aug 9 21:46:34 debian sshd\[20487\]: Invalid user r00t from 198.251.82.92 port 59198 Aug 9 21:46:34 debian sshd\[20487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.251.82.92 ...	2019-08-10 04:48:43
51.255.35.41	attackbotsspam	Automatic report - Banned IP Access	2019-08-10 04:39:36
173.212.232.230	attackbots	Aug 9 19:37:19 vtv3 sshd\[31391\]: Invalid user ubuntu from 173.212.232.230 port 50466 Aug 9 19:37:19 vtv3 sshd\[31391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.232.230 Aug 9 19:37:21 vtv3 sshd\[31391\]: Failed password for invalid user ubuntu from 173.212.232.230 port 50466 ssh2 Aug 9 19:41:37 vtv3 sshd\[1141\]: Invalid user sowmya from 173.212.232.230 port 46384 Aug 9 19:41:37 vtv3 sshd\[1141\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.232.230 Aug 9 19:52:37 vtv3 sshd\[6342\]: Invalid user sz from 173.212.232.230 port 38918 Aug 9 19:52:37 vtv3 sshd\[6342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.232.230 Aug 9 19:52:39 vtv3 sshd\[6342\]: Failed password for invalid user sz from 173.212.232.230 port 38918 ssh2 Aug 9 19:56:52 vtv3 sshd\[8336\]: Invalid user ph from 173.212.232.230 port 34270 Aug 9 19:56:52 vtv3 sshd\[8336\]:	2019-08-10 04:33:58
203.160.132.4	attackspam	2019-08-09T20:17:06.870441abusebot-8.cloudsearch.cf sshd\[18300\]: Invalid user dream from 203.160.132.4 port 33770	2019-08-10 04:41:25
51.252.158.143	attackspambots	" "	2019-08-10 05:06:23
188.166.246.46	attackspam	2019-08-09T19:32:58.807813stark.klein-stark.info sshd\[5388\]: Invalid user smbuser from 188.166.246.46 port 59242 2019-08-09T19:32:58.811472stark.klein-stark.info sshd\[5388\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=komutodev.aptmi.com 2019-08-09T19:33:00.200446stark.klein-stark.info sshd\[5388\]: Failed password for invalid user smbuser from 188.166.246.46 port 59242 ssh2 ...	2019-08-10 04:50:23
58.210.238.114	attack	Aug 9 19:33:09 mout sshd[16610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.210.238.114 user=root Aug 9 19:33:11 mout sshd[16610]: Failed password for root from 58.210.238.114 port 35510 ssh2	2019-08-10 04:39:07
106.13.33.181	attack	Aug 9 21:30:28 mail sshd\[29257\]: Failed password for invalid user mini from 106.13.33.181 port 45420 ssh2 Aug 9 21:47:02 mail sshd\[29532\]: Invalid user brz from 106.13.33.181 port 36346 Aug 9 21:47:02 mail sshd\[29532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.33.181 ...	2019-08-10 04:54:21
134.209.84.42	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 05:09:24
134.73.129.170	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 04:53:15
14.244.82.219	attack	Automatic report - Port Scan Attack	2019-08-10 05:06:44
91.211.244.152	attack	Aug 9 23:35:46 www sshd\[33092\]: Invalid user suporte from 91.211.244.152 Aug 9 23:35:46 www sshd\[33092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.211.244.152 Aug 9 23:35:47 www sshd\[33092\]: Failed password for invalid user suporte from 91.211.244.152 port 54228 ssh2 ...	2019-08-10 04:43:12
112.85.42.194	attack	Aug 9 22:23:32 dcd-gentoo sshd[32030]: User root from 112.85.42.194 not allowed because none of user's groups are listed in AllowGroups Aug 9 22:23:35 dcd-gentoo sshd[32030]: error: PAM: Authentication failure for illegal user root from 112.85.42.194 Aug 9 22:23:32 dcd-gentoo sshd[32030]: User root from 112.85.42.194 not allowed because none of user's groups are listed in AllowGroups Aug 9 22:23:35 dcd-gentoo sshd[32030]: error: PAM: Authentication failure for illegal user root from 112.85.42.194 Aug 9 22:23:32 dcd-gentoo sshd[32030]: User root from 112.85.42.194 not allowed because none of user's groups are listed in AllowGroups Aug 9 22:23:35 dcd-gentoo sshd[32030]: error: PAM: Authentication failure for illegal user root from 112.85.42.194 Aug 9 22:23:35 dcd-gentoo sshd[32030]: Failed keyboard-interactive/pam for invalid user root from 112.85.42.194 port 52595 ssh2 ...	2019-08-10 04:41:02
95.138.228.28	attackbots	2019-08-09 12:33:31 H=(default.ptr.selena4u.ru) [95.138.228.28]:53602 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-08-09 12:33:32 H=(default.ptr.selena4u.ru) [95.138.228.28]:53602 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/95.138.228.28) 2019-08-09 12:33:33 H=(default.ptr.selena4u.ru) [95.138.228.28]:53602 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/95.138.228.28) ...	2019-08-10 04:23:38
173.164.173.36	attack	Invalid user ssh-user from 173.164.173.36 port 40374 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.164.173.36 Failed password for invalid user ssh-user from 173.164.173.36 port 40374 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.164.173.36 user=root Failed password for root from 173.164.173.36 port 34082 ssh2	2019-08-10 05:08:10

Recently Reported IPs

194.139.215.133	170.199.4.27	59.233.77.247	32.26.172.240
198.148.123.162	27.89.31.74	80.109.71.178	143.224.7.145
34.251.130.198	168.194.167.240	41.146.235.38	116.235.163.120
167.78.187.160	223.149.108.155	102.229.199.34	109.237.111.109
132.183.64.115	134.143.15.255	24.123.167.56	121.96.186.141