13.48.12.0 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
13.48.123.50	attackbotsspam	Unauthorized connection attempt detected, IP banned.	2020-02-01 13:42:31
13.48.124.150	attack	B: File scanning	2020-02-01 08:01:25
13.48.126.162	attackspam	[FriJan3122:16:12.4454482020][:error][pid12116:tid47392789350144][client13.48.126.162:53860][client13.48.126.162]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group\)\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|\(\\|\^\\|\\\\\\\\.\\\\\\\\.\)/etc/\\|/\\\\\\\\.\(\?:history\\|bash_history\\|sh_history\\|env\)\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"www.sequoiarealestate.ch"][uri"/.env"][unique_id"XjSZHF8UQQXcjZxrK4YNlQAAAY4"][FriJan3122:34:11.3826442020][:error][pid12204:tid47392783046400][client13.48.126.162:56612][client13.48.126.162]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group\)\\|www_\?acl\)\\|global\\\\\\\\.asa\\|htt	2020-02-01 07:10:18

Type

Details

Datetime

13.48.123.50

attackbotsspam

Unauthorized connection attempt detected, IP banned.

2020-02-01 13:42:31

13.48.124.150

attack

B: File scanning

2020-02-01 08:01:25

13.48.126.162

attackspam

[FriJan3122:16:12.4454482020][:error][pid12116:tid47392789350144][client13.48.126.162:53860][client13.48.126.162]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)"atREQUEST_FILENAME.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"www.sequoiarealestate.ch"][uri"/.env"][unique_id"XjSZHF8UQQXcjZxrK4YNlQAAAY4"][FriJan3122:34:11.3826442020][:error][pid12204:tid47392783046400][client13.48.126.162:56612][client13.48.126.162]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|htt

2020-02-01 07:10:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.48.12.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4066
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;13.48.12.0.			IN	A

;; AUTHORITY SECTION:
.			374	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:24:31 CST 2022
;; MSG SIZE  rcvd: 103

Host info

0.12.48.13.in-addr.arpa domain name pointer ec2-13-48-12-0.eu-north-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
0.12.48.13.in-addr.arpa	name = ec2-13-48-12-0.eu-north-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.208	attack	Apr 30 00:12:44 MainVPS sshd[13713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.208 user=root Apr 30 00:12:46 MainVPS sshd[13713]: Failed password for root from 218.92.0.208 port 28972 ssh2 Apr 30 00:13:55 MainVPS sshd[14703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.208 user=root Apr 30 00:13:57 MainVPS sshd[14703]: Failed password for root from 218.92.0.208 port 52854 ssh2 Apr 30 00:13:55 MainVPS sshd[14703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.208 user=root Apr 30 00:13:57 MainVPS sshd[14703]: Failed password for root from 218.92.0.208 port 52854 ssh2 Apr 30 00:14:00 MainVPS sshd[14703]: Failed password for root from 218.92.0.208 port 52854 ssh2 ...	2020-04-30 07:43:53
123.154.16.2	attackbots	too many failed pop/imap login attempts	2020-04-30 07:48:27
91.121.211.59	attackbots	Apr 30 00:31:27 cloud sshd[26286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.211.59 Apr 30 00:31:29 cloud sshd[26286]: Failed password for invalid user zjy from 91.121.211.59 port 44926 ssh2	2020-04-30 08:17:03
87.251.74.246	attackbots	firewall-block, port(s): 7625/tcp, 21671/tcp, 39820/tcp, 58943/tcp	2020-04-30 08:21:53
117.33.158.93	attackspam	Apr 29 22:46:10 cloud sshd[22669]: Failed password for root from 117.33.158.93 port 44100 ssh2	2020-04-30 08:08:22
111.231.141.206	attackspam	CMS (WordPress or Joomla) login attempt.	2020-04-30 07:59:52
106.12.178.246	attack	Apr 30 00:21:22 vps sshd[110850]: Failed password for invalid user cyrus from 106.12.178.246 port 60304 ssh2 Apr 30 00:24:57 vps sshd[125251]: Invalid user wouter from 106.12.178.246 port 54010 Apr 30 00:24:57 vps sshd[125251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.178.246 Apr 30 00:24:59 vps sshd[125251]: Failed password for invalid user wouter from 106.12.178.246 port 54010 ssh2 Apr 30 00:28:30 vps sshd[144393]: Invalid user sir from 106.12.178.246 port 47728 ...	2020-04-30 07:57:43
194.204.194.11	attackspam	Apr 30 01:00:30 sshd\[25288\]: Invalid user ftpuser from 194.204.194.11Apr 30 01:00:32 sshd\[25288\]: Failed password for invalid user ftpuser from 194.204.194.11 port 47032 ssh2 ...	2020-04-30 08:18:21
103.104.123.24	attackspam	(sshd) Failed SSH login from 103.104.123.24 (VN/Vietnam/static-ptr.vndata.vn): 5 in the last 3600 secs	2020-04-30 08:17:22
218.92.0.211	attackbotsspam	2020-04-30T01:14:24.134427sd-86998 sshd[10593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=root 2020-04-30T01:14:26.663675sd-86998 sshd[10593]: Failed password for root from 218.92.0.211 port 27052 ssh2 2020-04-30T01:14:28.767975sd-86998 sshd[10593]: Failed password for root from 218.92.0.211 port 27052 ssh2 2020-04-30T01:14:24.134427sd-86998 sshd[10593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=root 2020-04-30T01:14:26.663675sd-86998 sshd[10593]: Failed password for root from 218.92.0.211 port 27052 ssh2 2020-04-30T01:14:28.767975sd-86998 sshd[10593]: Failed password for root from 218.92.0.211 port 27052 ssh2 2020-04-30T01:14:24.134427sd-86998 sshd[10593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=root 2020-04-30T01:14:26.663675sd-86998 sshd[10593]: Failed password for root from 218.92.0.211 p ...	2020-04-30 08:03:13
89.78.211.78	attack	Apr 29 14:05:56 pixelmemory sshd[26271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.78.211.78 Apr 29 14:05:58 pixelmemory sshd[26271]: Failed password for invalid user abc from 89.78.211.78 port 58426 ssh2 Apr 29 14:17:32 pixelmemory sshd[28841]: Failed password for root from 89.78.211.78 port 33638 ssh2 ...	2020-04-30 07:55:49
47.241.62.238	attackbots	CA_Alibaba.com_<177>1588191090 [1:2403356:56948] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 29 [Classification: Misc Attack] [Priority: 2]: {TCP} 47.241.62.238:44555	2020-04-30 08:17:51
106.13.107.196	attackbotsspam	Apr 30 00:18:04 minden010 sshd[8765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 Apr 30 00:18:06 minden010 sshd[8765]: Failed password for invalid user pom from 106.13.107.196 port 53592 ssh2 Apr 30 00:21:11 minden010 sshd[9802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.196 ...	2020-04-30 07:44:38
79.107.119.133	attackbots	Port probing on unauthorized port 2323	2020-04-30 07:58:06
95.8.30.217	attackspambots	Apr 29 22:11:46 * sshd[1522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.8.30.217 Apr 29 22:11:48 * sshd[1522]: Failed password for invalid user user from 95.8.30.217 port 51032 ssh2	2020-04-30 07:53:17

Recently Reported IPs

13.48.141.142	13.48.159.79	13.48.155.41	13.48.174.242
13.48.189.184	13.48.173.203	13.48.232.145	13.48.72.176
13.48.240.85	13.48.92.235	13.48.53.10	13.48.81.204
13.49.145.245	13.49.166.13	13.49.181.137	13.48.83.212
13.49.195.89	13.49.199.225	13.49.37.190	13.49.71.87