13.55.158.64 - IPInfo

Basic Info

City: Sydney

Region: New South Wales

Country: Australia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.55.158.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5939
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.55.158.64.			IN	A

;; AUTHORITY SECTION:
.			330	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042601 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 07:09:52 CST 2020
;; MSG SIZE  rcvd: 116

Host info

64.158.55.13.in-addr.arpa domain name pointer ec2-13-55-158-64.ap-southeast-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
64.158.55.13.in-addr.arpa	name = ec2-13-55-158-64.ap-southeast-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
64.227.117.19	attack	[Tue May 05 16:15:10.377860 2020] [:error] [pid 10094:tid 140238167410432] [client 64.227.117.19:27102] [client 64.227.117.19] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XrEungaVaEMUdD3BO9vE@AAAALY"] ...	2020-05-06 00:51:55
113.141.166.197	attack	May 5 13:16:46 ift sshd\[34217\]: Invalid user barun from 113.141.166.197May 5 13:16:48 ift sshd\[34217\]: Failed password for invalid user barun from 113.141.166.197 port 38496 ssh2May 5 13:20:54 ift sshd\[35067\]: Invalid user mzy from 113.141.166.197May 5 13:20:57 ift sshd\[35067\]: Failed password for invalid user mzy from 113.141.166.197 port 32838 ssh2May 5 13:24:22 ift sshd\[35240\]: Failed password for root from 113.141.166.197 port 55398 ssh2 ...	2020-05-06 01:24:52
141.98.81.182	attackspam	05/05/2020-10:08:37.728116 141.98.81.182 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-06 01:23:32
89.154.4.249	attack	May 5 18:09:24 haigwepa sshd[32538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.154.4.249 May 5 18:09:27 haigwepa sshd[32538]: Failed password for invalid user lyt from 89.154.4.249 port 52260 ssh2 ...	2020-05-06 01:13:38
202.29.220.114	attackbotsspam	May 5 15:08:55 localhost sshd\[24688\]: Invalid user production from 202.29.220.114 port 52290 May 5 15:08:55 localhost sshd\[24688\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.220.114 May 5 15:08:57 localhost sshd\[24688\]: Failed password for invalid user production from 202.29.220.114 port 52290 ssh2 ...	2020-05-06 01:17:51
113.173.194.253	attack	May 5 11:14:52 vpn01 sshd[26432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.173.194.253 May 5 11:14:55 vpn01 sshd[26432]: Failed password for invalid user admin from 113.173.194.253 port 49815 ssh2 ...	2020-05-06 01:11:02
45.76.183.235	attack	$f2bV_matches	2020-05-06 00:55:17
34.80.252.217	attackspam	Automatic report - XMLRPC Attack	2020-05-06 00:53:49
157.44.118.16	attackspam	Unauthorized connection attempt from IP address 157.44.118.16 on Port 445(SMB)	2020-05-06 00:49:51
103.99.17.100	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-06 01:24:28
51.75.73.211	attackbots	$f2bV_matches	2020-05-06 01:06:49
219.233.79.162	attackspam	2020-05-05T16:43:56.875836upcloud.m0sh1x2.com sshd[2454]: Invalid user emuser from 219.233.79.162 port 64777	2020-05-06 01:34:17
62.171.138.158	attack	$f2bV_matches	2020-05-06 00:57:19
187.12.167.85	attackbots	prod6 ...	2020-05-06 01:01:10
157.230.106.80	attackbotsspam	2020-05-05T19:09:38.904148vps773228.ovh.net sshd[25308]: Failed password for invalid user roberto from 157.230.106.80 port 45542 ssh2 2020-05-05T19:13:37.320699vps773228.ovh.net sshd[25361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.106.80 user=root 2020-05-05T19:13:39.718751vps773228.ovh.net sshd[25361]: Failed password for root from 157.230.106.80 port 57392 ssh2 2020-05-05T19:17:41.009776vps773228.ovh.net sshd[25456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.106.80 user=ftp 2020-05-05T19:17:42.570078vps773228.ovh.net sshd[25456]: Failed password for ftp from 157.230.106.80 port 41016 ssh2 ...	2020-05-06 01:30:24

Recently Reported IPs

166.21.126.168	104.145.82.149	116.203.191.76	67.255.61.36
243.61.139.26	86.102.8.252	82.175.70.251	6.12.224.177
78.0.207.197	91.213.193.231	61.134.205.130	113.161.151.29
119.61.231.73	91.87.16.141	79.198.153.225	185.143.72.58
223.229.134.173	191.87.47.89	66.154.111.169	8.8.228.117