13.249.120.102

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	ET INFO TLS Handshake Failure - port: 59165 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:50:27

Comments on same subnet:

IP	Type	Details	Datetime
13.249.120.65	attackbots	ET INFO TLS Handshake Failure - port: 1992 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:51:26
13.249.120.71	attackbotsspam	ET INFO TLS Handshake Failure - port: 7407 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:50:50
13.249.120.108	attack	ET INFO TLS Handshake Failure - port: 64353 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:49:56

Type

Details

Datetime

13.249.120.65

attackbots

ET INFO TLS Handshake Failure - port: 1992 proto: TCP cat: Potentially Bad Traffic

2020-06-21 07:51:26

13.249.120.71

attackbotsspam

ET INFO TLS Handshake Failure - port: 7407 proto: TCP cat: Potentially Bad Traffic

2020-06-21 07:50:50

13.249.120.108

attack

ET INFO TLS Handshake Failure - port: 64353 proto: TCP cat: Potentially Bad Traffic

2020-06-21 07:49:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.249.120.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47378
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.249.120.102.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062001 1800 900 604800 86400

;; Query time: 78 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 21 07:50:24 CST 2020
;; MSG SIZE  rcvd: 118

Host info

102.120.249.13.in-addr.arpa domain name pointer server-13-249-120-102.atl51.r.cloudfront.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
102.120.249.13.in-addr.arpa	name = server-13-249-120-102.atl51.r.cloudfront.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.36.220.145	attackbots	Invalid user xiaoshengchang from 89.36.220.145 port 50839	2020-03-11 09:13:16
2.183.189.162	attack	Unauthorized connection attempt detected from IP address 2.183.189.162 to port 1433	2020-03-11 09:16:22
125.91.32.157	attackbots	Mar 11 03:53:58 server sshd\[1461\]: Invalid user cpanelrrdtool from 125.91.32.157 Mar 11 03:53:58 server sshd\[1461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.32.157 Mar 11 03:53:59 server sshd\[1461\]: Failed password for invalid user cpanelrrdtool from 125.91.32.157 port 50187 ssh2 Mar 11 04:15:15 server sshd\[7465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.32.157 user=root Mar 11 04:15:17 server sshd\[7465\]: Failed password for root from 125.91.32.157 port 43854 ssh2 ...	2020-03-11 09:30:03
212.95.137.51	attackspambots	Mar 11 03:41:49 hosting sshd[20241]: Invalid user tinkerware from 212.95.137.51 port 33786 ...	2020-03-11 09:15:58
89.44.43.163	attack	Mar 10 20:09:05 www sshd\[52702\]: Invalid user pi from 89.44.43.163 Mar 10 20:09:05 www sshd\[52702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.44.43.163 Mar 10 20:09:05 www sshd\[52704\]: Invalid user pi from 89.44.43.163 ...	2020-03-11 09:26:50
42.113.128.124	attackbots	Unauthorized connection attempt detected from IP address 42.113.128.124 to port 445	2020-03-11 09:17:51
187.189.234.239	attackspam	failed_logins	2020-03-11 09:03:40
198.98.50.192	attack	Mar 11 00:32:16 areeb-Workstation sshd[31795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.98.50.192 Mar 11 00:32:18 areeb-Workstation sshd[31795]: Failed password for invalid user daniela from 198.98.50.192 port 59456 ssh2 ...	2020-03-11 09:30:33
62.234.74.29	attackbots	SSH Invalid Login	2020-03-11 09:06:58
200.209.174.76	attackbotsspam	Mar 10 22:16:53 eventyay sshd[5128]: Failed password for root from 200.209.174.76 port 50350 ssh2 Mar 10 22:19:15 eventyay sshd[5156]: Failed password for root from 200.209.174.76 port 38180 ssh2 ...	2020-03-11 09:01:41
185.202.1.164	attack	SSH-BruteForce	2020-03-11 09:10:21
153.126.142.248	attackbots	Mar 10 13:58:01 mockhub sshd[14725]: Failed password for root from 153.126.142.248 port 59610 ssh2 ...	2020-03-11 09:33:06
186.7.107.111	attackbotsspam	(sshd) Failed SSH login from 186.7.107.111 (DO/Dominican Republic/Provincia de Azua/Azua/111.107.7.186.f.dyn.claro.net.do/[AS6400 Compañía Dominicana de Teléfonos, C. por A. - CODETEL]): 1 in the last 3600 secs	2020-03-11 09:02:10
51.178.55.87	attack	Mar 10 13:42:24 hpm sshd\[11251\]: Invalid user timesheet from 51.178.55.87 Mar 10 13:42:24 hpm sshd\[11251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.ip-51-178-55.eu Mar 10 13:42:26 hpm sshd\[11251\]: Failed password for invalid user timesheet from 51.178.55.87 port 58666 ssh2 Mar 10 13:47:54 hpm sshd\[11725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.ip-51-178-55.eu user=daemon Mar 10 13:47:57 hpm sshd\[11725\]: Failed password for daemon from 51.178.55.87 port 52024 ssh2	2020-03-11 09:24:41
54.38.139.210	attackbotsspam	Brute force attempt	2020-03-11 09:11:46

Recently Reported IPs

103.245.120.215	254.245.206.11	69.194.134.49	54.57.245.164
247.223.77.17	222.99.203.225	63.179.218.128	241.157.250.210
189.152.144.11	110.122.70.188	48.22.91.240	21.233.141.159
4.37.32.45	16.155.9.196	63.177.230.206	85.108.9.148
86.202.104.77	96.80.109.30	181.132.51.189	181.230.163.127