13.124.153.64 - IPInfo

Basic Info

City: Incheon

Region: Incheon

Country: South Korea

Internet Service Provider: AWS Asia Pacific (Seoul) Region

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5412f78e9b10a14c \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: KR \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Safari/605.1.15 \| CF_DC: ICN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:54:01

Type

Details

Datetime

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 5412f78e9b10a14c | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: KR | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Safari/605.1.15 | CF_DC: ICN. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:54:01

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.124.153.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6073
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.124.153.64.			IN	A

;; AUTHORITY SECTION:
.			266	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 02:53:58 CST 2019
;; MSG SIZE  rcvd: 117

Host info

64.153.124.13.in-addr.arpa domain name pointer ec2-13-124-153-64.ap-northeast-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
64.153.124.13.in-addr.arpa	name = ec2-13-124-153-64.ap-northeast-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.98.193	attackbots	bruteforce detected	2020-10-05 22:20:32
182.112.50.135	attack	SSH login attempts.	2020-10-05 22:36:40
122.51.10.222	attackbotsspam	Oct 5 10:03:33 lanister sshd[3967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.10.222 user=root Oct 5 10:03:35 lanister sshd[3967]: Failed password for root from 122.51.10.222 port 40990 ssh2 Oct 5 10:06:18 lanister sshd[4012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.10.222 user=root Oct 5 10:06:20 lanister sshd[4012]: Failed password for root from 122.51.10.222 port 40936 ssh2	2020-10-05 22:21:55
220.86.37.149	attackspambots	TCP (SYN) 220.86.37.149:38433 -> port 23, len 40	2020-10-05 22:39:42
210.245.89.247	attack	Found on CINS badguys / proto=6 . srcport=53269 . dstport=8443 . (2274)	2020-10-05 22:01:27
82.23.78.27	attackbots	Email rejected due to spam filtering	2020-10-05 22:02:38
31.181.127.23	attack	445/tcp 445/tcp [2020-10-04]2pkt	2020-10-05 22:21:12
201.163.1.66	attack	SSH brute-force attack detected from [201.163.1.66]	2020-10-05 22:12:34
124.156.103.155	attack	Oct 5 15:20:48 DAAP sshd[16375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.103.155 user=root Oct 5 15:20:50 DAAP sshd[16375]: Failed password for root from 124.156.103.155 port 50378 ssh2 Oct 5 15:26:35 DAAP sshd[16441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.103.155 user=root Oct 5 15:26:36 DAAP sshd[16441]: Failed password for root from 124.156.103.155 port 56064 ssh2 Oct 5 15:28:01 DAAP sshd[16462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.103.155 user=root Oct 5 15:28:03 DAAP sshd[16462]: Failed password for root from 124.156.103.155 port 49258 ssh2 ...	2020-10-05 22:40:56
163.27.176.178	attackbots	2020-10-05 08:36:41.553454-0500 localhost screensharingd[93897]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 163.27.176.178 :: Type: VNC DES	2020-10-05 22:14:28
182.176.167.172	attackbots	Unauthorised access (Oct 4) SRC=182.176.167.172 LEN=40 TOS=0x10 PREC=0x40 TTL=53 ID=3635 TCP DPT=23 WINDOW=1970 SYN	2020-10-05 22:09:49
218.92.0.249	attackspam	Oct 5 16:09:52 abendstille sshd\[11253\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.249 user=root Oct 5 16:09:54 abendstille sshd\[11253\]: Failed password for root from 218.92.0.249 port 48093 ssh2 Oct 5 16:09:58 abendstille sshd\[11253\]: Failed password for root from 218.92.0.249 port 48093 ssh2 Oct 5 16:13:44 abendstille sshd\[15923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.249 user=root Oct 5 16:13:46 abendstille sshd\[15923\]: Failed password for root from 218.92.0.249 port 47278 ssh2 ...	2020-10-05 22:36:20
178.164.190.69	attackspam	5555/tcp [2020-10-04]1pkt	2020-10-05 22:40:42
58.87.78.80	attackspambots	prod11 ...	2020-10-05 22:03:48
112.85.42.117	attackspambots	sshd: Failed password for .... from 112.85.42.117 port 12234 ssh2 (6 attempts)	2020-10-05 22:12:53

Recently Reported IPs

140.147.194.112	222.94.195.60	13.94.136.19	221.13.12.16
31.26.136.24	221.11.4.157	144.228.168.35	86.149.123.109
39.50.68.158	219.77.212.157	90.120.6.7	64.41.85.111
87.145.200.172	195.236.233.71	182.245.7.29	188.89.6.122
54.251.10.98	182.138.158.157	69.171.197.238	182.88.78.241