13.55.207.90 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Australia

Internet Service Provider: Amazon Corporate Services Pty Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 13.55.207.90 to port 80 [T]	2020-02-01 21:40:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.55.207.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28508
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.55.207.90.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020101 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 01 21:40:11 CST 2020
;; MSG SIZE  rcvd: 116

Host info

90.207.55.13.in-addr.arpa domain name pointer ec2-13-55-207-90.ap-southeast-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
90.207.55.13.in-addr.arpa	name = ec2-13-55-207-90.ap-southeast-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.241.37.146	attack	Apr 14 11:34:22 our-server-hostname postfix/smtpd[3564]: connect from unknown[91.241.37.146] Apr x@x Apr 14 11:34:25 our-server-hostname postfix/smtpd[3564]: disconnect from unknown[91.241.37.146] Apr 14 12:55:09 our-server-hostname postfix/smtpd[15945]: connect from unknown[91.241.37.146] Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=91.241.37.146	2020-04-14 18:33:19
139.199.45.83	attackbots	Apr 14 11:59:46 DAAP sshd[11821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 user=root Apr 14 11:59:48 DAAP sshd[11821]: Failed password for root from 139.199.45.83 port 40578 ssh2 Apr 14 12:03:05 DAAP sshd[11871]: Invalid user hollings from 139.199.45.83 port 50604 Apr 14 12:03:06 DAAP sshd[11871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 Apr 14 12:03:05 DAAP sshd[11871]: Invalid user hollings from 139.199.45.83 port 50604 Apr 14 12:03:07 DAAP sshd[11871]: Failed password for invalid user hollings from 139.199.45.83 port 50604 ssh2 ...	2020-04-14 18:49:10
110.77.238.148	attackspambots	1586837461 - 04/14/2020 06:11:01 Host: 110.77.238.148/110.77.238.148 Port: 445 TCP Blocked	2020-04-14 19:02:31
171.103.43.70	attack	Dovecot Invalid User Login Attempt.	2020-04-14 18:53:08
213.160.143.146	attackspambots	Apr 14 11:46:10 server sshd[15504]: Failed password for invalid user nagios from 213.160.143.146 port 8171 ssh2 Apr 14 11:50:30 server sshd[18531]: Failed password for root from 213.160.143.146 port 30193 ssh2 Apr 14 11:53:17 server sshd[20480]: Failed password for root from 213.160.143.146 port 56407 ssh2	2020-04-14 18:27:09
2.193.38.165	attackbots	Tried to find non-existing directory/file on the server	2020-04-14 18:48:45
104.238.94.60	attack	104.238.94.60 - - [14/Apr/2020:06:36:49 +0200] "POST /wp-login.php HTTP/1.0" 200 2504 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.238.94.60 - - [14/Apr/2020:06:36:51 +0200] "POST /wp-login.php HTTP/1.0" 200 2485 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-04-14 18:56:05
82.6.141.117	attack	2020-04-14T09:47:06.115845abusebot-8.cloudsearch.cf sshd[14785]: Invalid user mysql from 82.6.141.117 port 49036 2020-04-14T09:47:06.125426abusebot-8.cloudsearch.cf sshd[14785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpc69062-oxfd26-2-0-cust372.4-3.cable.virginm.net 2020-04-14T09:47:06.115845abusebot-8.cloudsearch.cf sshd[14785]: Invalid user mysql from 82.6.141.117 port 49036 2020-04-14T09:47:08.401841abusebot-8.cloudsearch.cf sshd[14785]: Failed password for invalid user mysql from 82.6.141.117 port 49036 ssh2 2020-04-14T09:51:50.645475abusebot-8.cloudsearch.cf sshd[15065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpc69062-oxfd26-2-0-cust372.4-3.cable.virginm.net user=root 2020-04-14T09:51:52.578144abusebot-8.cloudsearch.cf sshd[15065]: Failed password for root from 82.6.141.117 port 41482 ssh2 2020-04-14T09:55:33.882946abusebot-8.cloudsearch.cf sshd[15386]: pam_unix(sshd:auth): authentic ...	2020-04-14 18:26:37
182.61.178.66	attackspambots	Lines containing failures of 182.61.178.66 Apr 13 23:19:27 penfold postfix/smtpd[10508]: connect from unknown[182.61.178.66] Apr x@x Apr 13 23:19:29 penfold postfix/smtpd[10508]: disconnect from unknown[182.61.178.66] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Apr 13 23:19:34 penfold postfix/smtpd[11203]: connect from unknown[182.61.178.66] Apr x@x Apr 13 23:19:35 penfold postfix/smtpd[11203]: disconnect from unknown[182.61.178.66] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Apr 13 23:19:43 penfold postfix/smtpd[11205]: connect from unknown[182.61.178.66] Apr x@x Apr 13 23:19:44 penfold postfix/smtpd[11205]: disconnect from unknown[182.61.178.66] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Apr 13 23:19:48 penfold postfix/smtpd[11191]: connect from unknown[182.61.178.66] Apr x@x Apr 13 23:19:49 penfold postfix/smtpd[11191]: disconnect from unknown[182.61.178.66] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Apr 13 23:19:53 penfold postfix/smtpd[9043]: c........ ------------------------------	2020-04-14 18:52:45
119.96.172.174	attackspam	Apr 14 07:15:01 our-server-hostname postfix/smtpd[20944]: connect from unknown[119.96.172.174] Apr x@x Apr 14 07:15:03 our-server-hostname postfix/smtpd[20944]: disconnect from unknown[119.96.172.174] Apr 14 12:18:44 our-server-hostname postfix/smtpd[14495]: connect from unknown[119.96.172.174] Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=119.96.172.174	2020-04-14 18:27:30
177.125.207.191	attackspambots	Apr 14 13:30:08 our-server-hostname postfix/smtpd[27064]: connect from unknown[177.125.207.191] Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.125.207.191	2020-04-14 19:00:18
159.192.97.9	attackspam	$f2bV_matches	2020-04-14 18:32:25
49.247.214.61	attack	Bruteforce detected by fail2ban	2020-04-14 18:58:18
218.92.0.173	attack	04/14/2020-06:54:38.960953 218.92.0.173 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-14 19:05:08
222.186.42.137	attack	Unauthorized connection attempt detected from IP address 222.186.42.137 to port 22 [T]	2020-04-14 18:58:38

Recently Reported IPs

144.216.53.76	24.165.252.252	133.96.24.228	2607:f298:5:103f::90e:b4df
211.118.2.158	237.167.3.34	220.58.90.10	95.140.93.37
220.130.149.48	178.15.253.140	177.91.173.103	96.32.99.1
222.147.127.191	155.129.50.50	144.140.13.72	251.32.163.209
73.0.4.215	89.2.44.88	9.41.188.206	160.202.145.38