3.21.143.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Apr 17 19:28:03 tdfoods sshd\[21980\]: Invalid user ii from 3.21.143.45 Apr 17 19:28:03 tdfoods sshd\[21980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-21-143-45.us-east-2.compute.amazonaws.com Apr 17 19:28:05 tdfoods sshd\[21980\]: Failed password for invalid user ii from 3.21.143.45 port 40474 ssh2 Apr 17 19:34:52 tdfoods sshd\[22376\]: Invalid user nn from 3.21.143.45 Apr 17 19:34:52 tdfoods sshd\[22376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-21-143-45.us-east-2.compute.amazonaws.com	2020-04-18 15:00:50

Type

Details

Datetime

attackspam

Apr 17 19:28:03 tdfoods sshd\[21980\]: Invalid user ii from 3.21.143.45
Apr 17 19:28:03 tdfoods sshd\[21980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-21-143-45.us-east-2.compute.amazonaws.com
Apr 17 19:28:05 tdfoods sshd\[21980\]: Failed password for invalid user ii from 3.21.143.45 port 40474 ssh2
Apr 17 19:34:52 tdfoods sshd\[22376\]: Invalid user nn from 3.21.143.45
Apr 17 19:34:52 tdfoods sshd\[22376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-21-143-45.us-east-2.compute.amazonaws.com

2020-04-18 15:00:50

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.21.143.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10606
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.21.143.45.			IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041800 1800 900 604800 86400

;; Query time: 80 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 15:00:46 CST 2020
;; MSG SIZE  rcvd: 115

Host info

45.143.21.3.in-addr.arpa domain name pointer ec2-3-21-143-45.us-east-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.143.21.3.in-addr.arpa	name = ec2-3-21-143-45.us-east-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.0.29.147	attack	SSHD unauthorised connection attempt (b)	2020-04-19 08:02:13
80.211.24.117	attackspam	Apr 19 06:08:20 host5 sshd[22038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.24.117 user=root Apr 19 06:08:21 host5 sshd[22038]: Failed password for root from 80.211.24.117 port 54974 ssh2 ...	2020-04-19 12:08:48
171.100.57.50	attack	IMAP/SMTP Authentication Failure	2020-04-19 12:02:52
112.164.220.196	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-19 08:17:15
41.32.153.99	attack	DATE:2020-04-18 22:18:26, IP:41.32.153.99, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-04-19 08:13:34
94.139.182.64	attackbotsspam	SMB Server BruteForce Attack	2020-04-19 08:19:23
142.93.251.1	attack	Apr 19 02:04:21 [host] sshd[30504]: pam_unix(sshd: Apr 19 02:04:24 [host] sshd[30504]: Failed passwor Apr 19 02:09:13 [host] sshd[30919]: pam_unix(sshd:	2020-04-19 08:11:02
201.216.239.241	attackbotsspam	$f2bV_matches	2020-04-19 12:11:29
113.190.233.163	attack	Dovecot Invalid User Login Attempt.	2020-04-19 12:00:55
185.50.149.4	attackspam	Apr 19 06:00:40 relay postfix/smtpd\[22289\]: warning: unknown\[185.50.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 19 06:00:58 relay postfix/smtpd\[22289\]: warning: unknown\[185.50.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 19 06:02:35 relay postfix/smtpd\[18350\]: warning: unknown\[185.50.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 19 06:02:54 relay postfix/smtpd\[18350\]: warning: unknown\[185.50.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 19 06:03:24 relay postfix/smtpd\[26019\]: warning: unknown\[185.50.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-19 12:07:38
139.59.36.23	attackbotsspam	SSH Brute-Force. Ports scanning.	2020-04-19 08:14:36
178.165.72.177	attack	Apr 18 03:16:30 XXX sshd[3991]: Invalid user user from 178.165.72.177 port 51528	2020-04-19 08:07:30
212.83.183.57	attack	$f2bV_matches	2020-04-19 12:11:04
122.15.72.202	attack	Apr 19 00:37:03 vserver sshd\[3630\]: Invalid user testing from 122.15.72.202Apr 19 00:37:05 vserver sshd\[3630\]: Failed password for invalid user testing from 122.15.72.202 port 6566 ssh2Apr 19 00:40:53 vserver sshd\[3733\]: Invalid user postgres from 122.15.72.202Apr 19 00:40:55 vserver sshd\[3733\]: Failed password for invalid user postgres from 122.15.72.202 port 17422 ssh2 ...	2020-04-19 08:20:24
190.196.248.3	attack	Automatic report - Port Scan Attack	2020-04-19 12:05:57

Recently Reported IPs

185.36.72.157	6.233.82.182	60.59.48.10	242.17.126.43
45.87.151.197	203.238.189.44	163.109.117.102	209.93.255.165
210.179.36.189	183.131.84.141	240.90.106.226	49.233.141.58
82.19.173.98	210.61.153.24	182.50.132.103	123.16.244.88
63.83.73.187	5.180.138.253	62.234.151.121	210.112.27.51