13.49.44.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Sweden

Internet Service Provider: Amazon Data Services Sweden

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Trolling for resource vulnerabilities	2020-08-17 18:59:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.49.44.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4166
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.49.44.92.			IN	A

;; AUTHORITY SECTION:
.			371	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081700 1800 900 604800 86400

;; Query time: 28 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 17 18:59:32 CST 2020
;; MSG SIZE  rcvd: 115

Host info

92.44.49.13.in-addr.arpa domain name pointer ec2-13-49-44-92.eu-north-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
92.44.49.13.in-addr.arpa	name = ec2-13-49-44-92.eu-north-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.66.236.62	attack	SASL Brute Force	2019-08-10 03:54:53
81.22.45.252	attack	Port scan: Attack repeated for 24 hours	2019-08-10 03:36:48
67.222.106.185	attackspambots	Aug 9 19:35:17 mintao sshd\[22311\]: Address 67.222.106.185 maps to web4.airpush.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!\ Aug 9 19:35:17 mintao sshd\[22311\]: Invalid user db2das from 67.222.106.185\	2019-08-10 03:30:19
95.130.9.90	attackbotsspam	Aug 9 22:58:59 srv-4 sshd\[32535\]: Invalid user amx from 95.130.9.90 Aug 9 22:58:59 srv-4 sshd\[32535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.130.9.90 Aug 9 22:59:01 srv-4 sshd\[32535\]: Failed password for invalid user amx from 95.130.9.90 port 34932 ssh2 ...	2019-08-10 04:09:58
138.121.62.63	attackspam	Brute force SMTP login attempted. ...	2019-08-10 04:09:33
138.197.147.233	attack	Aug 9 19:50:38 icinga sshd[20420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.147.233 Aug 9 19:50:40 icinga sshd[20420]: Failed password for invalid user slackware from 138.197.147.233 port 59020 ssh2 ...	2019-08-10 03:37:23
5.26.250.185	attackbotsspam	Aug 9 22:42:22 yabzik sshd[10600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.26.250.185 Aug 9 22:42:24 yabzik sshd[10600]: Failed password for invalid user silentios from 5.26.250.185 port 33950 ssh2 Aug 9 22:47:09 yabzik sshd[12071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.26.250.185	2019-08-10 04:04:40
116.62.247.38	attack	20 attempts against mh-ssh on hill.magehost.pro	2019-08-10 03:42:23
110.249.212.46	attack	116x Blocked Connections on two of our networks and 7 different IPs focusing on 27 specific ports - (Focused Probe began 29Jul on multiple of our networks and is documented daily. Ports of interest are: 80, 81, 443, 803, 3128, 3328, 5555, 8000, 8080, 8081, 8085, 8090, 8118, 8123, 8888, 8989, 9000, 9090, 9191, 9797, 9999, 10102, 11223, 18186, 34599, 37564, & 55555)	2019-08-10 04:05:37
112.85.42.227	attack	Aug 9 14:15:16 aat-srv002 sshd[17687]: Failed password for root from 112.85.42.227 port 64548 ssh2 Aug 9 14:30:52 aat-srv002 sshd[18023]: Failed password for root from 112.85.42.227 port 26203 ssh2 Aug 9 14:31:38 aat-srv002 sshd[18037]: Failed password for root from 112.85.42.227 port 11982 ssh2 ...	2019-08-10 03:37:45
138.197.152.113	attackspambots	2019-08-09T19:20:21.571054abusebot-2.cloudsearch.cf sshd\[23716\]: Invalid user kaitlyn from 138.197.152.113 port 38240	2019-08-10 03:34:52
36.27.30.141	attack	Aug 9 19:00:00 mxgate1 postfix/postscreen[16813]: CONNECT from [36.27.30.141]:49593 to [176.31.12.44]:25 Aug 9 19:00:00 mxgate1 postfix/dnsblog[16864]: addr 36.27.30.141 listed by domain cbl.abuseat.org as 127.0.0.2 Aug 9 19:00:00 mxgate1 postfix/dnsblog[16863]: addr 36.27.30.141 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 9 19:00:00 mxgate1 postfix/dnsblog[16876]: addr 36.27.30.141 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Aug 9 19:00:00 mxgate1 postfix/dnsblog[16866]: addr 36.27.30.141 listed by domain bl.spamcop.net as 127.0.0.2 Aug 9 19:00:00 mxgate1 postfix/dnsblog[16865]: addr 36.27.30.141 listed by domain b.barracudacentral.org as 127.0.0.2 Aug 9 19:00:06 mxgate1 postfix/postscreen[16813]: DNSBL rank 6 for [36.27.30.141]:49593 Aug x@x Aug 9 19:00:07 mxgate1 postfix/postscreen[16813]: DISCONNECT [36.27.30.141]:49593 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=36.27.30.141	2019-08-10 03:28:00
129.204.67.235	attackspambots	Aug 9 19:47:19 *** sshd[28522]: Invalid user 123 from 129.204.67.235	2019-08-10 03:58:00
138.197.142.181	attackspam	Aug 9 18:54:24 *** sshd[16177]: User root from 138.197.142.181 not allowed because not listed in AllowUsers	2019-08-10 03:43:22
115.73.219.208	attack	Probing for vulnerable services	2019-08-10 03:59:14

Recently Reported IPs

112.220.80.74	13.229.205.246	171.103.166.50	176.248.14.220
93.93.46.180	88.238.11.120	34.96.229.175	117.30.223.144
54.162.134.87	51.178.136.157	34.201.223.234	186.139.183.56
155.138.150.47	148.223.224.67	59.153.241.134	59.153.235.216
61.132.226.5	35.241.102.85	35.184.191.19	217.172.107.138