13.49.145.182 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Sweden

Internet Service Provider: Amazon Data Services Sweden

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: ec2-13-49-145-182.eu-north-1.compute.amazonaws.com.	2020-10-05 01:29:58
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: ec2-13-49-145-182.eu-north-1.compute.amazonaws.com.	2020-10-04 17:13:10

Type

Details

Datetime

attackspambots

SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: ec2-13-49-145-182.eu-north-1.compute.amazonaws.com.

2020-10-05 01:29:58

attack

SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: ec2-13-49-145-182.eu-north-1.compute.amazonaws.com.

2020-10-04 17:13:10

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.49.145.182
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30863
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.49.145.182.			IN	A

;; AUTHORITY SECTION:
.			505	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100301 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 04 17:13:01 CST 2020
;; MSG SIZE  rcvd: 117

Host info

182.145.49.13.in-addr.arpa domain name pointer ec2-13-49-145-182.eu-north-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
182.145.49.13.in-addr.arpa	name = ec2-13-49-145-182.eu-north-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
13.229.168.91	spambotsattackproxynormal	username and password	2020-08-09 04:33:42
193.112.43.52	attack	Aug 3 10:56:04 our-server-hostname sshd[18627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.43.52 user=r.r Aug 3 10:56:07 our-server-hostname sshd[18627]: Failed password for r.r from 193.112.43.52 port 45606 ssh2 Aug 3 11:19:44 our-server-hostname sshd[24593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.43.52 user=r.r Aug 3 11:19:46 our-server-hostname sshd[24593]: Failed password for r.r from 193.112.43.52 port 59136 ssh2 Aug 3 11:38:10 our-server-hostname sshd[28787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.43.52 user=r.r Aug 3 11:38:12 our-server-hostname sshd[28787]: Failed password for r.r from 193.112.43.52 port 51318 ssh2 Aug 3 11:44:20 our-server-hostname sshd[31189]: Invalid user dqwkqk7417 from 193.112.43.52 Aug 3 11:44:20 our-server-hostname sshd[31189]: pam_unix(sshd:auth): authentication ........ -------------------------------	2020-08-09 04:10:51
13.229.168.91	spambotsattackproxynormal	username and password	2020-08-09 04:33:26
198.50.177.42	attackbots	Aug 8 16:11:58 roki-contabo sshd\[9407\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.177.42 user=root Aug 8 16:12:00 roki-contabo sshd\[9407\]: Failed password for root from 198.50.177.42 port 38538 ssh2 Aug 8 16:28:43 roki-contabo sshd\[9847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.177.42 user=root Aug 8 16:28:46 roki-contabo sshd\[9847\]: Failed password for root from 198.50.177.42 port 58240 ssh2 Aug 8 16:35:49 roki-contabo sshd\[10032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.177.42 user=root ...	2020-08-09 04:08:54
69.158.207.141	attack	Aug 8 19:09:05 itv-usvr-01 sshd[12285]: Invalid user node from 69.158.207.141	2020-08-09 04:03:38
183.103.115.2	attackbots	Automatic report - Banned IP Access	2020-08-09 04:22:06
101.93.102.45	attackbots	Aug 9 03:24:43 webhost01 sshd[18673]: Failed password for root from 101.93.102.45 port 51933 ssh2 ...	2020-08-09 04:32:27
212.70.149.35	attackbots	2020-08-08 23:28:24 dovecot_login authenticator failed for $User$ \[212.70.149.35\]: 535 Incorrect authentication data $set_id=roland@org.ua$2020-08-08 23:28:42 dovecot_login authenticator failed for $User$ \[212.70.149.35\]: 535 Incorrect authentication data $set_id=arnold@org.ua$2020-08-08 23:29:01 dovecot_login authenticator failed for $User$ \[212.70.149.35\]: 535 Incorrect authentication data $set_id=harvey@org.ua$ ...	2020-08-09 04:30:52
192.240.123.49	attack	Aug 7 00:17:56 hidden sshd[27587]: Failed password for hidden from 192.240.123.49 port 45433 ssh2 Aug 7 00:31:21 hidden sshd[32177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.240.123.49 user=root Aug 7 00:31:24 hidden sshd[32177]: Failed password for hidden from 192.240.123.49 port 57534 ssh2	2020-08-09 04:14:23
188.23.201.117	attack	$f2bV_matches	2020-08-09 04:19:04
187.141.128.42	attack	Aug 8 20:40:33 rocket sshd[28653]: Failed password for root from 187.141.128.42 port 51196 ssh2 Aug 8 20:44:04 rocket sshd[28997]: Failed password for root from 187.141.128.42 port 51378 ssh2 ...	2020-08-09 04:04:26
52.254.85.5	attack	Multiple SSH authentication failures from 52.254.85.5	2020-08-09 04:28:12
1.226.12.132	attackspambots	Lines containing failures of 1.226.12.132 Aug 8 05:32:59 ntop sshd[5454]: User r.r from 1.226.12.132 not allowed because not listed in AllowUsers Aug 8 05:32:59 ntop sshd[5454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.226.12.132 user=r.r Aug 8 05:33:01 ntop sshd[5454]: Failed password for invalid user r.r from 1.226.12.132 port 39098 ssh2 Aug 8 05:33:03 ntop sshd[5454]: Received disconnect from 1.226.12.132 port 39098:11: Bye Bye [preauth] Aug 8 05:33:03 ntop sshd[5454]: Disconnected from invalid user r.r 1.226.12.132 port 39098 [preauth] Aug 8 05:42:01 ntop sshd[6230]: User r.r from 1.226.12.132 not allowed because not listed in AllowUsers Aug 8 05:42:01 ntop sshd[6230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.226.12.132 user=r.r Aug 8 05:42:02 ntop sshd[6230]: Failed password for invalid user r.r from 1.226.12.132 port 36108 ssh2 Aug 8 05:42:03 ntop sshd[6230]........ ------------------------------	2020-08-09 04:24:31
51.83.68.213	attack	Failed password for root from 51.83.68.213 port 40384 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.ip-51-83-68.eu user=root Failed password for root from 51.83.68.213 port 50322 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.ip-51-83-68.eu user=root Failed password for root from 51.83.68.213 port 60248 ssh2	2020-08-09 04:15:40
2.187.36.143	attackspam	TCP (SYN) 2.187.36.143:39558 -> port 9530, len 44	2020-08-09 04:03:55

Recently Reported IPs

51.75.32.143	103.131.71.161	95.9.95.222	12.135.145.207
62.4.25.125	63.164.31.193	200.93.50.91	122.115.52.2
45.145.185.34	209.141.40.182	226.88.154.230	138.146.25.2
248.96.255.219	134.35.14.14	36.91.70.146	217.245.134.153
195.235.87.144	21.76.185.4	109.216.177.193	167.101.86.8