13.249.120.71 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	ET INFO TLS Handshake Failure - port: 7407 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:50:50

Comments on same subnet:

IP	Type	Details	Datetime
13.249.120.65	attackbots	ET INFO TLS Handshake Failure - port: 1992 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:51:26
13.249.120.102	attackbots	ET INFO TLS Handshake Failure - port: 59165 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:50:27
13.249.120.108	attack	ET INFO TLS Handshake Failure - port: 64353 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:49:56

Type

Details

Datetime

13.249.120.65

attackbots

ET INFO TLS Handshake Failure - port: 1992 proto: TCP cat: Potentially Bad Traffic

2020-06-21 07:51:26

13.249.120.102

attackbots

ET INFO TLS Handshake Failure - port: 59165 proto: TCP cat: Potentially Bad Traffic

2020-06-21 07:50:27

13.249.120.108

attack

ET INFO TLS Handshake Failure - port: 64353 proto: TCP cat: Potentially Bad Traffic

2020-06-21 07:49:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.249.120.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17165
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.249.120.71.			IN	A

;; AUTHORITY SECTION:
.			315	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062001 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 21 07:50:44 CST 2020
;; MSG SIZE  rcvd: 117

Host info

71.120.249.13.in-addr.arpa domain name pointer server-13-249-120-71.atl51.r.cloudfront.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
71.120.249.13.in-addr.arpa	name = server-13-249-120-71.atl51.r.cloudfront.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.18.125	attackbots	Oct 8 16:42:37 abendstille sshd\[1559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root Oct 8 16:42:38 abendstille sshd\[1559\]: Failed password for root from 106.12.18.125 port 34410 ssh2 Oct 8 16:47:15 abendstille sshd\[5851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root Oct 8 16:47:17 abendstille sshd\[5851\]: Failed password for root from 106.12.18.125 port 40710 ssh2 Oct 8 16:52:18 abendstille sshd\[10635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.125 user=root ...	2020-10-08 22:53:44
201.71.159.248	attackbots	Unauthorized connection attempt from IP address 201.71.159.248 on Port 445(SMB)	2020-10-08 22:58:07
14.102.74.99	attackspam	(sshd) Failed SSH login from 14.102.74.99 (IN/India/National Capital Territory of Delhi/Delhi/-/[AS18002 AS Number for Interdomain Routing]): 10 in the last 3600 secs	2020-10-08 22:31:50
203.192.219.7	attack	"fail2ban match"	2020-10-08 22:52:10
182.71.180.130	attackspambots	Unauthorized connection attempt from IP address 182.71.180.130 on Port 445(SMB)	2020-10-08 22:42:34
103.254.73.98	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-08 23:04:25
179.108.20.116	attackbotsspam	can 179.108.20.116 [08/Oct/2020:03:41:11 "-" "POST /xmlrpc.php 200 593 179.108.20.116 [08/Oct/2020:03:41:22 "-" "POST /xmlrpc.php 200 593 179.108.20.116 [08/Oct/2020:03:41:30 "-" "POST /xmlrpc.php 403 422	2020-10-08 22:32:27
24.36.51.196	attackbots	Unauthorised access (Oct 7) SRC=24.36.51.196 LEN=44 TTL=49 ID=33513 TCP DPT=23 WINDOW=53505 SYN	2020-10-08 22:39:42
3.17.145.115	attackbots	mue-Direct access to plugin not allowed	2020-10-08 22:41:31
86.57.219.98	attack	Unauthorized connection attempt from IP address 86.57.219.98 on Port 445(SMB)	2020-10-08 22:47:08
93.115.144.246	attackbots	Unauthorized connection attempt from IP address 93.115.144.246 on Port 445(SMB)	2020-10-08 22:36:00
103.110.84.196	attackbotsspam	(sshd) Failed SSH login from 103.110.84.196 (VN/Vietnam/-): 5 in the last 3600 secs	2020-10-08 22:33:02
192.241.218.199	attackbots	TCP (SYN) 192.241.218.199:48980 -> port 139, len 40	2020-10-08 22:38:05
185.174.195.130	attackbots	Found on CINS badguys / proto=6 . srcport=34735 . dstport=80 HTTP . (3217)	2020-10-08 22:33:53
139.198.121.63	attackbotsspam	Oct 8 10:40:08 vserver sshd\[28831\]: Failed password for root from 139.198.121.63 port 40971 ssh2Oct 8 10:42:09 vserver sshd\[28858\]: Failed password for root from 139.198.121.63 port 57813 ssh2Oct 8 10:44:12 vserver sshd\[28873\]: Failed password for root from 139.198.121.63 port 46495 ssh2Oct 8 10:46:12 vserver sshd\[28902\]: Failed password for root from 139.198.121.63 port 35046 ssh2 ...	2020-10-08 23:04:08

Recently Reported IPs

254.245.206.11	69.194.134.49	54.57.245.164	247.223.77.17
222.99.203.225	63.179.218.128	241.157.250.210	189.152.144.11
110.122.70.188	48.22.91.240	21.233.141.159	4.37.32.45
16.155.9.196	63.177.230.206	85.108.9.148	86.202.104.77
96.80.109.30	181.132.51.189	181.230.163.127	176.170.30.248