3.6.11.138 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
3.6.113.138	attack	Unauthorized connection attempt from IP address 3.6.113.138 on Port 3389(RDP)	2020-04-01 12:49:42
3.6.113.138	attackbots	2020-03-20T17:53:40Z - RDP login failed multiple times. (3.6.113.138)	2020-03-21 06:03:24
3.6.112.148	attackbots	SSH/22 MH Probe, BF, Hack -	2020-01-15 18:24:43
3.6.112.148	attack	Unauthorized connection attempt detected from IP address 3.6.112.148 to port 2220 [J]	2020-01-14 07:03:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.6.11.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26980
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3.6.11.138.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024040402 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 05 12:51:34 CST 2024
;; MSG SIZE  rcvd: 103

Host info

138.11.6.3.in-addr.arpa domain name pointer ec2-3-6-11-138.ap-south-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.11.6.3.in-addr.arpa	name = ec2-3-6-11-138.ap-south-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.15.158	attackbots	Jan 8 07:10:45 MK-Soft-VM4 sshd[19290]: Failed password for root from 222.186.15.158 port 13065 ssh2 Jan 8 07:10:48 MK-Soft-VM4 sshd[19290]: Failed password for root from 222.186.15.158 port 13065 ssh2 ...	2020-01-08 14:18:18
41.92.40.105	attackspam	41.92.40.105 - - \[08/Jan/2020:05:54:53 +0100\] "POST //xmlrpc.php HTTP/1.0" 200 109544 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36" 41.92.40.105 - - \[08/Jan/2020:05:54:58 +0100\] "POST //xmlrpc.php HTTP/1.0" 200 109544 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36" 41.92.40.105 - - \[08/Jan/2020:05:55:00 +0100\] "POST //xmlrpc.php HTTP/1.0" 200 855 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36"	2020-01-08 14:28:16
123.148.146.163	attackbots	xmlrpc attack	2020-01-08 14:28:54
118.100.49.236	attackspambots	Lines containing failures of 118.100.49.236 Jan 7 06:39:27 jarvis sshd[8580]: Invalid user cdh from 118.100.49.236 port 60690 Jan 7 06:39:27 jarvis sshd[8580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.100.49.236 Jan 7 06:39:29 jarvis sshd[8580]: Failed password for invalid user cdh from 118.100.49.236 port 60690 ssh2 Jan 7 06:39:30 jarvis sshd[8580]: Received disconnect from 118.100.49.236 port 60690:11: Bye Bye [preauth] Jan 7 06:39:30 jarvis sshd[8580]: Disconnected from invalid user cdh 118.100.49.236 port 60690 [preauth] Jan 7 07:06:27 jarvis sshd[11358]: Invalid user bbz from 118.100.49.236 port 42892 Jan 7 07:06:27 jarvis sshd[11358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.100.49.236 Jan 7 07:06:30 jarvis sshd[11358]: Failed password for invalid user bbz from 118.100.49.236 port 42892 ssh2 Jan 7 07:06:32 jarvis sshd[11358]: Received disconnect from 118........ ------------------------------	2020-01-08 14:48:28
183.98.32.5	attack	Jan 8 06:53:46 legacy sshd[30829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.98.32.5 Jan 8 06:53:48 legacy sshd[30829]: Failed password for invalid user odroid from 183.98.32.5 port 52656 ssh2 Jan 8 06:57:48 legacy sshd[31058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.98.32.5 ...	2020-01-08 14:09:33
112.85.42.188	attackspambots	01/08/2020-01:15:11.148075 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-08 14:16:15
185.164.255.34	attackspam	01/07/2020-23:54:36.243168 185.164.255.34 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-08 14:47:10
159.203.201.89	attackspam	Unauthorized connection attempt detected from IP address 159.203.201.89 to port 9200	2020-01-08 14:27:57
119.205.235.251	attackbotsspam	Jan 8 01:00:43 www sshd\[30829\]: Invalid user john from 119.205.235.251 Jan 8 01:03:33 www sshd\[31024\]: Invalid user scaner from 119.205.235.251 ...	2020-01-08 14:44:39
222.186.175.217	attackspambots	Jan 8 07:29:53 dcd-gentoo sshd[11171]: User root from 222.186.175.217 not allowed because none of user's groups are listed in AllowGroups Jan 8 07:29:55 dcd-gentoo sshd[11171]: error: PAM: Authentication failure for illegal user root from 222.186.175.217 Jan 8 07:29:53 dcd-gentoo sshd[11171]: User root from 222.186.175.217 not allowed because none of user's groups are listed in AllowGroups Jan 8 07:29:55 dcd-gentoo sshd[11171]: error: PAM: Authentication failure for illegal user root from 222.186.175.217 Jan 8 07:29:53 dcd-gentoo sshd[11171]: User root from 222.186.175.217 not allowed because none of user's groups are listed in AllowGroups Jan 8 07:29:55 dcd-gentoo sshd[11171]: error: PAM: Authentication failure for illegal user root from 222.186.175.217 Jan 8 07:29:55 dcd-gentoo sshd[11171]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.217 port 59610 ssh2 ...	2020-01-08 14:48:10
218.92.0.198	attackbotsspam	Jan 8 07:54:56 amit sshd\[1320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.198 user=root Jan 8 07:54:58 amit sshd\[1320\]: Failed password for root from 218.92.0.198 port 24816 ssh2 Jan 8 07:55:01 amit sshd\[1320\]: Failed password for root from 218.92.0.198 port 24816 ssh2 ...	2020-01-08 14:57:14
93.186.148.7	attack	TCP Port Scanning	2020-01-08 14:13:38
79.177.2.142	attackbots	Unauthorized connection attempt detected from IP address 79.177.2.142 to port 23 [J]	2020-01-08 14:26:45
154.0.168.66	attackspam	WordPress wp-login brute force :: 154.0.168.66 0.128 BYPASS [08/Jan/2020:04:54:25 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-08 14:55:30
218.92.0.168	attackspambots	Jan 7 19:57:22 hanapaa sshd\[30241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Jan 7 19:57:23 hanapaa sshd\[30241\]: Failed password for root from 218.92.0.168 port 19806 ssh2 Jan 7 19:57:33 hanapaa sshd\[30241\]: Failed password for root from 218.92.0.168 port 19806 ssh2 Jan 7 19:57:35 hanapaa sshd\[30241\]: Failed password for root from 218.92.0.168 port 19806 ssh2 Jan 7 19:57:40 hanapaa sshd\[30282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root	2020-01-08 14:05:12

Recently Reported IPs

3.1.222.54	3.7.10.214	3.7.10.163	3.7.10.244
3.7.11.88	3.7.11.212	3.8.2.137	3.8.45.209
3.8.31.234	3.8.94.219	2.57.77.212	2.57.77.182
2.57.77.216	3.1.222.82	2.57.77.130	2.57.77.150
2.57.77.126	2.57.77.141	1.117.219.121	2.57.77.121