13.52.240.208 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
13.52.240.178	attack	Bruteforce detected by fail2ban	2020-04-28 17:10:21
13.52.240.178	attack	Apr 27 22:04:43 ovpn sshd[18796]: Invalid user manny from 13.52.240.178 Apr 27 22:04:43 ovpn sshd[18796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.52.240.178 Apr 27 22:04:46 ovpn sshd[18796]: Failed password for invalid user manny from 13.52.240.178 port 52676 ssh2 Apr 27 22:04:46 ovpn sshd[18796]: Received disconnect from 13.52.240.178 port 52676:11: Bye Bye [preauth] Apr 27 22:04:46 ovpn sshd[18796]: Disconnected from 13.52.240.178 port 52676 [preauth] Apr 27 22:11:02 ovpn sshd[20395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.52.240.178 user=r.r Apr 27 22:11:05 ovpn sshd[20395]: Failed password for r.r from 13.52.240.178 port 46106 ssh2 Apr 27 22:11:05 ovpn sshd[20395]: Received disconnect from 13.52.240.178 port 46106:11: Bye Bye [preauth] Apr 27 22:11:05 ovpn sshd[20395]: Disconnected from 13.52.240.178 port 46106 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/	2020-04-28 06:10:32

Type

Details

Datetime

13.52.240.178

attack

Bruteforce detected by fail2ban

2020-04-28 17:10:21

13.52.240.178

attack

Apr 27 22:04:43 ovpn sshd[18796]: Invalid user manny from 13.52.240.178
Apr 27 22:04:43 ovpn sshd[18796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.52.240.178
Apr 27 22:04:46 ovpn sshd[18796]: Failed password for invalid user manny from 13.52.240.178 port 52676 ssh2
Apr 27 22:04:46 ovpn sshd[18796]: Received disconnect from 13.52.240.178 port 52676:11: Bye Bye [preauth]
Apr 27 22:04:46 ovpn sshd[18796]: Disconnected from 13.52.240.178 port 52676 [preauth]
Apr 27 22:11:02 ovpn sshd[20395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.52.240.178  user=r.r
Apr 27 22:11:05 ovpn sshd[20395]: Failed password for r.r from 13.52.240.178 port 46106 ssh2
Apr 27 22:11:05 ovpn sshd[20395]: Received disconnect from 13.52.240.178 port 46106:11: Bye Bye [preauth]
Apr 27 22:11:05 ovpn sshd[20395]: Disconnected from 13.52.240.178 port 46106 [preauth]

........
-----------------------------------------------
https://www.blocklist.de/

2020-04-28 06:10:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.52.240.208
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15709
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;13.52.240.208.			IN	A

;; AUTHORITY SECTION:
.			346	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:24:59 CST 2022
;; MSG SIZE  rcvd: 106

Host info

208.240.52.13.in-addr.arpa domain name pointer ec2-13-52-240-208.us-west-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
208.240.52.13.in-addr.arpa	name = ec2-13-52-240-208.us-west-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
83.97.20.49	attack	Mar 4 12:38:15 debian-2gb-nbg1-2 kernel: \[5581070.001776\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=83.97.20.49 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=38227 DPT=8889 WINDOW=65535 RES=0x00 SYN URGP=0	2020-03-04 20:03:58
106.13.96.222	attack	Invalid user update from 106.13.96.222 port 44716	2020-03-04 20:11:18
78.164.214.99	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-04 19:42:51
142.93.39.29	attack	$f2bV_matches	2020-03-04 19:39:23
218.92.0.178	attack	Mar 4 13:11:06 SilenceServices sshd[16373]: Failed password for root from 218.92.0.178 port 54881 ssh2 Mar 4 13:11:20 SilenceServices sshd[16373]: error: maximum authentication attempts exceeded for root from 218.92.0.178 port 54881 ssh2 [preauth] Mar 4 13:11:27 SilenceServices sshd[16477]: Failed password for root from 218.92.0.178 port 15849 ssh2	2020-03-04 20:20:39
115.75.82.50	attackbotsspam	1583297502 - 03/04/2020 05:51:42 Host: 115.75.82.50/115.75.82.50 Port: 445 TCP Blocked	2020-03-04 20:16:14
77.42.119.57	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-04 20:18:44
51.254.123.127	attackspambots	Mar 4 17:38:57 areeb-Workstation sshd[13519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.123.127 Mar 4 17:38:58 areeb-Workstation sshd[13519]: Failed password for invalid user onion from 51.254.123.127 port 45557 ssh2 ...	2020-03-04 20:21:34
150.136.211.71	attackspam	Mar 4 12:24:09 jane sshd[13221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.211.71 Mar 4 12:24:11 jane sshd[13221]: Failed password for invalid user azureuser from 150.136.211.71 port 43846 ssh2 ...	2020-03-04 19:52:20
104.248.153.158	attack	Mar 3 20:15:03 hpm sshd\[22260\]: Invalid user testing from 104.248.153.158 Mar 3 20:15:03 hpm sshd\[22260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.153.158 Mar 3 20:15:05 hpm sshd\[22260\]: Failed password for invalid user testing from 104.248.153.158 port 40690 ssh2 Mar 3 20:20:52 hpm sshd\[22794\]: Invalid user inpre from 104.248.153.158 Mar 3 20:20:52 hpm sshd\[22794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.153.158	2020-03-04 19:38:38
222.186.175.150	attack	k+ssh-bruteforce	2020-03-04 19:46:32
77.42.90.138	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-04 19:55:35
49.235.6.213	attackspambots	Mar 3 19:31:02 tdfoods sshd\[18074\]: Invalid user test from 49.235.6.213 Mar 3 19:31:02 tdfoods sshd\[18074\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.6.213 Mar 3 19:31:04 tdfoods sshd\[18074\]: Failed password for invalid user test from 49.235.6.213 port 54482 ssh2 Mar 3 19:39:17 tdfoods sshd\[18804\]: Invalid user laravel from 49.235.6.213 Mar 3 19:39:17 tdfoods sshd\[18804\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.6.213	2020-03-04 20:06:23
213.32.92.57	attackspambots	Mar 4 06:04:18 ks10 sshd[285890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.92.57 Mar 4 06:04:21 ks10 sshd[285890]: Failed password for invalid user jira from 213.32.92.57 port 57988 ssh2 ...	2020-03-04 20:10:29
106.12.192.107	attackspam	Mar 4 06:57:56 NPSTNNYC01T sshd[19259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.107 Mar 4 06:57:57 NPSTNNYC01T sshd[19259]: Failed password for invalid user jenkins from 106.12.192.107 port 50690 ssh2 Mar 4 07:05:53 NPSTNNYC01T sshd[19810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.107 ...	2020-03-04 20:16:36

Recently Reported IPs

13.52.31.9	13.52.239.70	13.52.40.132	13.52.37.231
13.52.41.140	13.52.47.185	13.52.48.154	13.52.34.165
13.52.51.179	13.52.69.132	13.52.68.41	13.52.84.170
13.52.79.119	13.52.88.245	13.52.95.246	13.52.95.111
13.53.102.118	13.53.149.7	13.53.186.181	13.53.200.232