IP address

Search at other sites:

.00013.56.207.61ec2-13-56-207-61.us-west-1.compute.amazonaws.com

Shodan(more info)

Passive DNS

IP blacklists

blocklist.de SSH

13.56.207.61 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2024-09-16 22:05:05.418000
Was present on blacklist at: 2024-09-15 04:05, 2024-09-15 10:05, 2024-09-15 16:05, 2024-09-15 22:05, 2024-09-16 04:05, 2024-09-16 10:05, 2024-09-16 16:05, 2024-09-16 22:05

Warden events (2)

2024-09-15

IntrusionUserCompromise (node.40929a): 1

2024-09-11

IntrusionUserCompromise (node.40929a): 1

Origin AS

AS16509 - AMAZON-02

BGP Prefix

13.56.0.0/16

geo

United States, San Jose

🕑 America/Los_Angeles

hostname

ec2-13-56-207-61.us-west-1.compute.amazonaws.com

hostname_class

['ip_in_hostname']

Address block ('inetnum' or 'NetRange' in whois database)

13.56.0.0 - 13.59.255.255

last_activity

2024-09-15 23:26:21.632000

last_warden_event

2024-09-15 23:26:21.632000

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 2379, 4064, 6668, 8010, 11000, 18553, 27017, 50070

Tags: eol-product, database, self-signed, honeypot, cloud, compromised

CPEs: cpe:/a:atlassian:confluence, cpe:/a:jquery:jquery:3.5.1, cpe:/a:f5:nginx, cpe:/a:openssl:openssl:1.0.2k-fips, cpe:/a:oracle:jre

ts_added

2024-09-12 04:01:08.372000

ts_last_update

2024-09-29 04:01:11.098000

Warden event timeline

DShield event timeline

Presence on blacklists