13.57.252.112 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Blocked range because of multiple attacks in the past. @ 2019-07-30T12:10:47+02:00.	2019-08-02 05:07:18

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.57.252.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25008
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.57.252.112.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 02 05:07:13 CST 2019
;; MSG SIZE  rcvd: 117

Host info

112.252.57.13.in-addr.arpa domain name pointer ec2-13-57-252-112.us-west-1.compute.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
112.252.57.13.in-addr.arpa	name = ec2-13-57-252-112.us-west-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.170.226.247	attack	Jun 29 13:35:46 vps sshd[993537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.170.226.247 user=root Jun 29 13:35:49 vps sshd[993537]: Failed password for root from 187.170.226.247 port 59022 ssh2 Jun 29 13:42:48 vps sshd[1029007]: Invalid user papa from 187.170.226.247 port 43054 Jun 29 13:42:48 vps sshd[1029007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.170.226.247 Jun 29 13:42:50 vps sshd[1029007]: Failed password for invalid user papa from 187.170.226.247 port 43054 ssh2 ...	2020-06-30 02:38:12
87.251.74.109	attack	Scanned 237 unique addresses for 203 unique TCP ports in 24 hours	2020-06-30 02:28:26
141.98.81.6	attackspam	2020-06-29T17:02:24.789073dmca.cloudsearch.cf sshd[3588]: Invalid user 1234 from 141.98.81.6 port 7682 2020-06-29T17:02:24.793934dmca.cloudsearch.cf sshd[3588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.6 2020-06-29T17:02:24.789073dmca.cloudsearch.cf sshd[3588]: Invalid user 1234 from 141.98.81.6 port 7682 2020-06-29T17:02:26.966387dmca.cloudsearch.cf sshd[3588]: Failed password for invalid user 1234 from 141.98.81.6 port 7682 ssh2 2020-06-29T17:02:39.255523dmca.cloudsearch.cf sshd[3656]: Invalid user user from 141.98.81.6 port 14608 2020-06-29T17:02:39.261069dmca.cloudsearch.cf sshd[3656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.6 2020-06-29T17:02:39.255523dmca.cloudsearch.cf sshd[3656]: Invalid user user from 141.98.81.6 port 14608 2020-06-29T17:02:41.162162dmca.cloudsearch.cf sshd[3656]: Failed password for invalid user user from 141.98.81.6 port 14608 ssh2 ...	2020-06-30 02:18:20
141.98.81.42	attackbots	nft/Honeypot/22/73e86	2020-06-30 02:18:02
210.5.85.150	attackbotsspam	Jun 29 17:55:56 ns381471 sshd[7850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.5.85.150 Jun 29 17:55:58 ns381471 sshd[7850]: Failed password for invalid user management from 210.5.85.150 port 48510 ssh2	2020-06-30 02:51:18
106.46.163.126	attack	2020-06-29 13:01:38,027 fail2ban.filter [2207]: INFO [plesk-postfix] Found 106.46.163.126 - 2020-06-29 13:01:38 2020-06-29 13:01:38,028 fail2ban.filter [2207]: INFO [plesk-postfix] Found 106.46.163.126 - 2020-06-29 13:01:38 2020-06-29 13:01:38,738 fail2ban.filter [2207]: INFO [plesk-postfix] Found 106.46.163.126 - 2020-06-29 13:01:38 2020-06-29 13:01:38,739 fail2ban.filter [2207]: INFO [plesk-postfix] Found 106.46.163.126 - 2020-06-29 13:01:38 2020-06-29 13:01:39,714 fail2ban.filter [2207]: INFO [plesk-postfix] Found 106.46.163.126 - 2020-06-29 13:01:39 2020-06-29 13:01:39,715 fail2ban.filter [2207]: INFO [plesk-postfix] Found 106.46.163.126 - 2020-06-29 13:01:39 2020-06-29 13:01:41,500 fail2ban.filter [2207]: INFO [plesk-postfix] Found 106.46.163.126 - 2020-06-29 13:01:41 2020-06-29 13:01:41,512 fail2ban.filter [2207]: INFO [plesk-postfix] Found 106.46.163.126 - 2020-06-29 13:01:41 ........ -------------------------------	2020-06-30 02:21:40
58.56.32.238	attack	Jun 29 17:37:34 hosting sshd[6941]: Invalid user Qwerty1 from 58.56.32.238 port 6893 ...	2020-06-30 02:25:23
218.75.211.14	attack	Jun 29 11:55:41 rush sshd[13723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.211.14 Jun 29 11:55:43 rush sshd[13723]: Failed password for invalid user admin from 218.75.211.14 port 43794 ssh2 Jun 29 12:03:44 rush sshd[13822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.211.14 ...	2020-06-30 02:26:12
202.168.205.181	attackbots	SSH BruteForce Attack	2020-06-30 02:37:49
177.74.62.65	attackspambots	Lines containing failures of 177.74.62.65 Jun 29 13:01:29 MAKserver06 sshd[30801]: Did not receive identification string from 177.74.62.65 port 28150 Jun 29 13:01:32 MAKserver06 sshd[30803]: Invalid user guest from 177.74.62.65 port 7387 Jun 29 13:01:33 MAKserver06 sshd[30803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.74.62.65 Jun 29 13:01:35 MAKserver06 sshd[30803]: Failed password for invalid user guest from 177.74.62.65 port 7387 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.74.62.65	2020-06-30 02:51:38
188.162.41.251	attack	1593428869 - 06/29/2020 13:07:49 Host: 188.162.41.251/188.162.41.251 Port: 445 TCP Blocked	2020-06-30 02:21:04
217.148.212.142	attackbotsspam	Invalid user radware from 217.148.212.142 port 53330	2020-06-30 02:54:44
220.142.174.210	attackbotsspam	1593428837 - 06/29/2020 13:07:17 Host: 220.142.174.210/220.142.174.210 Port: 23 TCP Blocked	2020-06-30 02:45:20
212.129.57.201	attack	Jun 29 09:51:36 Tower sshd[3825]: refused connect from 120.131.3.144 (120.131.3.144) Jun 29 14:16:33 Tower sshd[3825]: Connection from 212.129.57.201 port 55374 on 192.168.10.220 port 22 rdomain "" Jun 29 14:16:38 Tower sshd[3825]: Invalid user hub from 212.129.57.201 port 55374 Jun 29 14:16:38 Tower sshd[3825]: error: Could not get shadow information for NOUSER Jun 29 14:16:38 Tower sshd[3825]: Failed password for invalid user hub from 212.129.57.201 port 55374 ssh2 Jun 29 14:16:38 Tower sshd[3825]: Received disconnect from 212.129.57.201 port 55374:11: Bye Bye [preauth] Jun 29 14:16:38 Tower sshd[3825]: Disconnected from invalid user hub 212.129.57.201 port 55374 [preauth]	2020-06-30 02:19:14
14.143.3.30	attack	$f2bV_matches	2020-06-30 02:43:54

Recently Reported IPs

188.165.192.220	112.50.200.122	212.91.125.90	36.73.138.158
2001:41d0:403:1652::	95.28.191.147	207.180.234.126	29.148.140.117
22.191.7.194	68.196.49.242	195.24.205.214	190.220.231.221
86.250.4.100	117.93.52.214	66.249.64.77	105.154.111.96
212.92.121.177	114.242.187.61	116.72.92.254	103.82.235.10