3.21.30.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	May 4 02:19:34 mail sshd[8605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.21.30.58 user=r.r May 4 02:19:35 mail sshd[8605]: Failed password for r.r from 3.21.30.58 port 33846 ssh2 May 4 02:19:35 mail sshd[8605]: Received disconnect from 3.21.30.58 port 33846:11: Bye Bye [preauth] May 4 02:19:35 mail sshd[8605]: Disconnected from 3.21.30.58 port 33846 [preauth] May 4 02:30:43 mail sshd[8700]: Connection closed by 3.21.30.58 port 46450 [preauth] May 4 02:38:57 mail sshd[8757]: Connection closed by 3.21.30.58 port 40776 [preauth] May 4 02:45:15 mail sshd[8871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.21.30.58 user=r.r May 4 02:45:18 mail sshd[8871]: Failed password for r.r from 3.21.30.58 port 35090 ssh2 May 4 02:45:18 mail sshd[8871]: Received disconnect from 3.21.30.58 port 35090:11: Bye Bye [preauth] May 4 02:45:18 mail sshd[8871]: Disconnected from 3.21.30.58 p........ -------------------------------	2020-05-05 05:08:27

Type

Details

Datetime

attackbotsspam

May  4 02:19:34 mail sshd[8605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.21.30.58  user=r.r
May  4 02:19:35 mail sshd[8605]: Failed password for r.r from 3.21.30.58 port 33846 ssh2
May  4 02:19:35 mail sshd[8605]: Received disconnect from 3.21.30.58 port 33846:11: Bye Bye [preauth]
May  4 02:19:35 mail sshd[8605]: Disconnected from 3.21.30.58 port 33846 [preauth]
May  4 02:30:43 mail sshd[8700]: Connection closed by 3.21.30.58 port 46450 [preauth]
May  4 02:38:57 mail sshd[8757]: Connection closed by 3.21.30.58 port 40776 [preauth]
May  4 02:45:15 mail sshd[8871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=3.21.30.58  user=r.r
May  4 02:45:18 mail sshd[8871]: Failed password for r.r from 3.21.30.58 port 35090 ssh2
May  4 02:45:18 mail sshd[8871]: Received disconnect from 3.21.30.58 port 35090:11: Bye Bye [preauth]
May  4 02:45:18 mail sshd[8871]: Disconnected from 3.21.30.58 p........
-------------------------------

2020-05-05 05:08:27

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.21.30.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41811
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.21.30.58.			IN	A

;; AUTHORITY SECTION:
.			507	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050402 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 05 05:08:24 CST 2020
;; MSG SIZE  rcvd: 114

Host info

58.30.21.3.in-addr.arpa domain name pointer ec2-3-21-30-58.us-east-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.30.21.3.in-addr.arpa	name = ec2-3-21-30-58.us-east-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.248	attack	2020-10-07T15:21:00.071458snf-827550 sshd[25427]: Failed password for root from 218.92.0.248 port 11462 ssh2 2020-10-07T15:21:04.065768snf-827550 sshd[25427]: Failed password for root from 218.92.0.248 port 11462 ssh2 2020-10-07T15:21:07.622852snf-827550 sshd[25427]: Failed password for root from 218.92.0.248 port 11462 ssh2 ...	2020-10-07 20:21:56
192.241.236.169	attackspambots	404 NOT FOUND	2020-10-07 20:46:54
141.98.81.141	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-07T12:17:50Z	2020-10-07 20:33:39
222.186.42.7	attack	Oct 7 12:33:31 localhost sshd[48780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Oct 7 12:33:33 localhost sshd[48780]: Failed password for root from 222.186.42.7 port 31159 ssh2 Oct 7 12:33:36 localhost sshd[48780]: Failed password for root from 222.186.42.7 port 31159 ssh2 Oct 7 12:33:31 localhost sshd[48780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Oct 7 12:33:33 localhost sshd[48780]: Failed password for root from 222.186.42.7 port 31159 ssh2 Oct 7 12:33:36 localhost sshd[48780]: Failed password for root from 222.186.42.7 port 31159 ssh2 Oct 7 12:33:31 localhost sshd[48780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Oct 7 12:33:33 localhost sshd[48780]: Failed password for root from 222.186.42.7 port 31159 ssh2 Oct 7 12:33:36 localhost sshd[48780]: Failed password fo ...	2020-10-07 20:39:58
151.115.37.105	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-07 20:27:42
120.194.194.86	attack	TCP (SYN) 120.194.194.86:43312 -> port 1433, len 44	2020-10-07 20:12:34
198.12.153.39	attack	17 attempts against mh-modsecurity-ban on sonic	2020-10-07 20:46:28
115.79.138.163	attackbots	Oct 6 22:21:26 web1 sshd\[22566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.79.138.163 user=root Oct 6 22:21:28 web1 sshd\[22566\]: Failed password for root from 115.79.138.163 port 43213 ssh2 Oct 6 22:24:12 web1 sshd\[22812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.79.138.163 user=root Oct 6 22:24:13 web1 sshd\[22812\]: Failed password for root from 115.79.138.163 port 50597 ssh2 Oct 6 22:27:05 web1 sshd\[23086\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.79.138.163 user=root	2020-10-07 20:18:34
112.85.42.181	attackbotsspam	2020-10-07T14:21:46.962071centos sshd[3317]: Failed password for root from 112.85.42.181 port 22334 ssh2 2020-10-07T14:21:51.272056centos sshd[3317]: Failed password for root from 112.85.42.181 port 22334 ssh2 2020-10-07T14:21:56.684040centos sshd[3317]: Failed password for root from 112.85.42.181 port 22334 ssh2 ...	2020-10-07 20:36:59
154.120.230.250	attack	Unauthorized connection attempt from IP address 154.120.230.250 on Port 445(SMB)	2020-10-07 20:23:57
192.35.168.227	attack	TCP (SYN) 192.35.168.227:52358 -> port 9367, len 44	2020-10-07 20:14:56
222.186.15.115	attackspam	Oct 7 08:15:12 ny01 sshd[20636]: Failed password for root from 222.186.15.115 port 60106 ssh2 Oct 7 08:15:52 ny01 sshd[20715]: Failed password for root from 222.186.15.115 port 34218 ssh2 Oct 7 08:15:55 ny01 sshd[20715]: Failed password for root from 222.186.15.115 port 34218 ssh2	2020-10-07 20:22:43
95.217.228.120	attackbots	scrapers as usual from Hetzner.de	2020-10-07 20:24:15
180.76.148.87	attackbotsspam	Oct 7 12:27:01 roki-contabo sshd\[2851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root Oct 7 12:27:04 roki-contabo sshd\[2851\]: Failed password for root from 180.76.148.87 port 34267 ssh2 Oct 7 13:03:45 roki-contabo sshd\[4165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root Oct 7 13:03:47 roki-contabo sshd\[4165\]: Failed password for root from 180.76.148.87 port 41187 ssh2 Oct 7 13:08:04 roki-contabo sshd\[4279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.148.87 user=root ...	2020-10-07 20:41:48
236.253.88.46	attack	Hi	2020-10-07 20:49:38

Recently Reported IPs

251.4.50.226	34.80.176.16	120.72.86.4	218.73.130.85
159.69.121.51	181.73.22.85	220.67.128.185	77.42.73.204
121.239.0.24	115.238.97.2	92.39.218.17	184.75.211.141
189.210.193.109	104.211.10.188	106.83.137.172	151.19.6.187
210.74.11.172	72.100.129.30	118.89.116.13	80.169.112.191