54.205.13.1 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.205.13.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50061
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.205.13.1.			IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090100 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 14:13:28 CST 2020
;; MSG SIZE  rcvd: 115

Host info

1.13.205.54.in-addr.arpa domain name pointer ec2-54-205-13-1.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.13.205.54.in-addr.arpa	name = ec2-54-205-13-1.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.37.83	attackspam	Port scan: Attack repeated for 24 hours	2020-03-31 16:38:01
89.159.142.235	attack	$f2bV_matches	2020-03-31 17:18:29
159.203.241.101	attackbots	xmlrpc attack	2020-03-31 17:10:57
138.197.186.199	attack	Mar 31 10:18:53 amit sshd\[12589\]: Invalid user xm from 138.197.186.199 Mar 31 10:18:53 amit sshd\[12589\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.186.199 Mar 31 10:18:55 amit sshd\[12589\]: Failed password for invalid user xm from 138.197.186.199 port 55572 ssh2 ...	2020-03-31 17:13:55
198.20.99.130	attack	Unauthorized connection attempt detected from IP address 198.20.99.130 to port 3838	2020-03-31 16:49:33
94.102.56.215	attackbots	94.102.56.215 was recorded 22 times by 12 hosts attempting to connect to the following ports: 2049,2152. Incident counter (4h, 24h, all-time): 22, 133, 9331	2020-03-31 16:56:40
139.59.161.78	attackspam	Mar 31 07:17:37 master sshd[11601]: Failed password for root from 139.59.161.78 port 54010 ssh2 Mar 31 07:24:18 master sshd[11623]: Failed password for root from 139.59.161.78 port 47900 ssh2 Mar 31 07:27:48 master sshd[11639]: Failed password for root from 139.59.161.78 port 61083 ssh2 Mar 31 07:31:33 master sshd[11670]: Failed password for root from 139.59.161.78 port 19105 ssh2 Mar 31 07:35:13 master sshd[11690]: Failed password for root from 139.59.161.78 port 32214 ssh2 Mar 31 07:38:59 master sshd[11712]: Failed password for root from 139.59.161.78 port 45315 ssh2 Mar 31 07:42:39 master sshd[11730]: Failed password for root from 139.59.161.78 port 58414 ssh2 Mar 31 07:46:10 master sshd[11761]: Failed password for root from 139.59.161.78 port 16564 ssh2 Mar 31 07:49:50 master sshd[11783]: Failed password for invalid user weixiaoxian from 139.59.161.78 port 29733 ssh2 Mar 31 07:53:22 master sshd[11805]: Failed password for invalid user admin from 139.59.161.78 port 42880 ssh2	2020-03-31 17:19:40
151.101.207.50	attackbotsspam	port	2020-03-31 17:13:05
180.168.141.246	attack	Mar 31 08:47:33 *** sshd[8957]: User root from 180.168.141.246 not allowed because not listed in AllowUsers	2020-03-31 17:10:42
112.90.197.66	attackspam	firewall-block, port(s): 6379/tcp	2020-03-31 16:35:21
116.255.174.165	attack	Mar 31 03:44:53 dallas01 sshd[3653]: Failed password for root from 116.255.174.165 port 56941 ssh2 Mar 31 03:50:37 dallas01 sshd[4697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.174.165 Mar 31 03:50:38 dallas01 sshd[4697]: Failed password for invalid user xc from 116.255.174.165 port 56438 ssh2	2020-03-31 17:21:39
185.176.27.42	attackspambots	Mar 31 10:44:16 debian-2gb-nbg1-2 kernel: \[7903309.817944\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=62027 PROTO=TCP SPT=53073 DPT=2462 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-31 16:51:06
80.82.77.139	attackbots	Unauthorized connection attempt detected from IP address 80.82.77.139 to port 37	2020-03-31 16:40:24
2601:589:4480:a5a0:7dd7:9a45:d088:7653	attack	IP address logged by my Netflix account after the individual hacked into and locked me out of my account. Individual also changed my account settings to the most expensive plan, which allows multiple people (profiles) to watch, and several profiles were added. The name on my account was changed to "Juan". I contacted Netflix to have my account restored, so I was able to see the various IP addresses used. I will report all of them as well.	2020-03-31 17:14:40
51.38.213.132	attack	ssh brute force	2020-03-31 17:16:16

Recently Reported IPs

178.62.219.196	17.164.138.99	92.154.110.8	42.40.215.56
186.167.250.226	162.142.125.33	46.183.132.63	45.165.214.241
185.81.157.132	96.3.82.185	46.21.212.134	145.249.252.41
220.7.159.138	68.12.76.11	206.116.150.226	88.230.97.239
38.94.106.245	104.80.206.74	163.207.148.51	107.11.194.200