IP address


.94113.59.91.49ec2-13-59-91-49.us-east-2.compute.amazonaws.com
Shodan(more info)
Passive DNS
Tags: IP in hostname Scanner
IP blacklists
CI Army
13.59.91.49 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2024-10-11 02:50:01.073000
Was present on blacklist at: 2024-09-20 02:50, 2024-09-21 02:50, 2024-09-22 02:50, 2024-09-23 02:50, 2024-09-24 02:50, 2024-09-25 02:50, 2024-09-26 02:50, 2024-09-27 02:50, 2024-09-28 02:50, 2024-09-29 02:50, 2024-09-30 02:50, 2024-10-01 02:50, 2024-10-02 02:50, 2024-10-03 02:50, 2024-10-04 02:50, 2024-10-05 02:50, 2024-10-06 02:50, 2024-10-07 02:50, 2024-10-08 02:50, 2024-10-09 02:50, 2024-10-10 02:50, 2024-10-11 02:50
AbuseIPDB
13.59.91.49 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2024-10-11 04:00:00.375000
Was present on blacklist at: 2024-09-20 04:00, 2024-09-21 04:00, 2024-09-22 04:00, 2024-09-23 04:00, 2024-09-24 04:00, 2024-09-25 04:00, 2024-09-26 04:00, 2024-09-27 04:00, 2024-09-28 04:00, 2024-09-29 04:00, 2024-09-30 04:00, 2024-10-01 04:00, 2024-10-02 04:00, 2024-10-03 04:00, 2024-10-04 04:00, 2024-10-05 04:00, 2024-10-06 04:00, 2024-10-07 04:00, 2024-10-08 04:00, 2024-10-09 04:00, 2024-10-10 04:00, 2024-10-11 04:00
Turris greylist
13.59.91.49 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2024-10-11 21:15:00.300000
Was present on blacklist at: 2024-09-21 21:15, 2024-09-23 21:15, 2024-09-24 21:15, 2024-09-26 21:15, 2024-09-27 21:15, 2024-09-29 21:15, 2024-09-30 21:15, 2024-10-01 21:15, 2024-10-03 21:15, 2024-10-04 21:15, 2024-10-05 21:15, 2024-10-06 21:15, 2024-10-07 21:15, 2024-10-09 21:15, 2024-10-10 21:15, 2024-10-11 21:15
Warden events (12197)
2024-10-11
ReconScanning (node.368407): 204
ReconScanning (node.cfb4f7): 86
ReconScanning (node.4dc198): 198
ReconScanning (node.5f02e7): 3
2024-10-10
ReconScanning (node.cfb4f7): 141
ReconScanning (node.4dc198): 198
ReconScanning (node.368407): 201
ReconScanning (node.5f02e7): 5
2024-10-09
ReconScanning (node.4dc198): 181
ReconScanning (node.368407): 184
ReconScanning (node.cfb4f7): 55
ReconScanning (node.5f02e7): 5
2024-10-08
ReconScanning (node.4dc198): 224
ReconScanning (node.368407): 224
ReconScanning (node.cfb4f7): 68
ReconScanning (node.5f02e7): 5
2024-10-07
ReconScanning (node.4dc198): 207
ReconScanning (node.cfb4f7): 88
ReconScanning (node.368407): 205
ReconScanning (node.5f02e7): 5
2024-10-06
ReconScanning (node.cfb4f7): 51
ReconScanning (node.5f02e7): 6
ReconScanning (node.368407): 205
ReconScanning (node.4dc198): 203
2024-10-05
ReconScanning (node.cfb4f7): 104
ReconScanning (node.368407): 165
ReconScanning (node.4dc198): 164
ReconScanning (node.5f02e7): 5
2024-10-04
ReconScanning (node.368407): 229
ReconScanning (node.4dc198): 223
ReconScanning (node.cfb4f7): 195
ReconScanning (node.5f02e7): 4
2024-10-03
ReconScanning (node.368407): 195
ReconScanning (node.cfb4f7): 66
AnomalyTraffic (node.ffe95c): 2
ReconScanning (node.4dc198): 106
ReconScanning (node.5f02e7): 1
2024-10-02
ReconScanning (node.cfb4f7): 137
ReconScanning (node.4dc198): 87
ReconScanning (node.368407): 197
ReconScanning (node.5f02e7): 6
AnomalyTraffic (node.ffe95c): 1
2024-10-01
ReconScanning (node.4dc198): 175
ReconScanning (node.368407): 174
ReconScanning (node.cfb4f7): 83
ReconScanning (node.5f02e7): 5
2024-09-30
ReconScanning (node.4dc198): 167
ReconScanning (node.368407): 187
ReconScanning (node.cfb4f7): 81
ReconScanning (node.5f02e7): 6
2024-09-29
ReconScanning (node.4dc198): 179
ReconScanning (node.368407): 179
ReconScanning (node.cfb4f7): 68
ReconScanning (node.5f02e7): 8
2024-09-28
ReconScanning (node.cfb4f7): 53
ReconScanning (node.4dc198): 159
ReconScanning (node.368407): 164
ReconScanning (node.5f02e7): 4
2024-09-27
ReconScanning (node.4dc198): 196
ReconScanning (node.368407): 200
ReconScanning (node.cfb4f7): 194
ReconScanning (node.5f02e7): 3
2024-09-26
ReconScanning (node.368407): 156
ReconScanning (node.4dc198): 154
ReconScanning (node.cfb4f7): 129
AnomalyTraffic (node.ffe95c): 2
2024-09-25
ReconScanning (node.cfb4f7): 142
ReconScanning (node.368407): 226
ReconScanning (node.4dc198): 224
ReconScanning (node.5f02e7): 4
AnomalyTraffic (node.ffe95c): 10
2024-09-24
ReconScanning (node.cfb4f7): 1134
ReconScanning (node.368407): 206
ReconScanning (node.5f02e7): 7
ReconScanning (node.4dc198): 204
2024-09-23
ReconScanning (node.368407): 206
ReconScanning (node.4dc198): 204
AnomalyTraffic (node.ffe95c): 1
ReconScanning (node.5f02e7): 8
ReconScanning (node.cfb4f7): 606
2024-09-22
ReconScanning (node.368407): 221
ReconScanning (node.4dc198): 221
AnomalyTraffic (node.ffe95c): 3
ReconScanning (node.5f02e7): 6
2024-09-21
ReconScanning (node.4dc198): 183
ReconScanning (node.368407): 182
ReconScanning (node.5f02e7): 6
AnomalyTraffic (node.ffe95c): 4
2024-09-20
ReconScanning (node.4dc198): 181
ReconScanning (node.368407): 181
ReconScanning (node.5f02e7): 6
2024-09-19
ReconScanning (node.ce2b59): 6
ReconScanning (node.368407): 124
ReconScanning (node.4dc198): 124
ReconScanning (node.5f02e7): 2
DShield reports (IP summary, reports)
2024-09-19
Number of reports: 8874
Distinct targets: 6072
2024-09-20
Number of reports: 17602
Distinct targets: 11116
2024-09-21
Number of reports: 17807
Distinct targets: 11354
2024-09-22
Number of reports: 17059
Distinct targets: 10674
2024-09-23
Number of reports: 16821
Distinct targets: 10786
2024-09-24
Number of reports: 16884
Distinct targets: 10935
2024-09-25
Number of reports: 16719
Distinct targets: 10728
2024-09-26
Number of reports: 12496
Distinct targets: 8052
2024-09-27
Number of reports: 16766
Distinct targets: 10612
2024-09-28
Number of reports: 16278
Distinct targets: 10413
2024-09-29
Number of reports: 16916
Distinct targets: 10702
2024-09-30
Number of reports: 16333
Distinct targets: 10531
2024-10-01
Number of reports: 16433
Distinct targets: 10666
2024-10-02
Number of reports: 16367
Distinct targets: 10732
2024-10-03
Number of reports: 14605
Distinct targets: 9606
2024-10-04
Number of reports: 16972
Distinct targets: 11161
2024-10-05
Number of reports: 16741
Distinct targets: 10961
2024-10-06
Number of reports: 17080
Distinct targets: 11005
2024-10-07
Number of reports: 17153
Distinct targets: 11219
2024-10-08
Number of reports: 16878
Distinct targets: 11019
2024-10-09
Number of reports: 16916
Distinct targets: 10870
2024-10-10
Number of reports: 15242
Distinct targets: 9779
OTX pulses
[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot
Author name:georgengelmann
Pulse modified:2024-10-10 21:34:02.574000
Indicator created:2024-10-10 13:19:03
Indicator role:bruteforce
Indicator title:RDP intrusion attempt from ec2-13-59-91-49.us-east-2.compute.amazonaws.com port 50022
Indicator expiration:2024-11-09 13:00:00
Origin AS
AS16509 - AMAZON-02
BGP Prefix
13.58.0.0/15
geo
United States, Columbus
🕑 America/New_York
hostname
ec2-13-59-91-49.us-east-2.compute.amazonaws.com
hostname_class
['ip_in_hostname']
Address block ('inetnum' or 'NetRange' in whois database)
13.56.0.0 - 13.59.255.255
last_activity
2024-10-11 23:57:39
last_warden_event
2024-10-11 23:57:39
rep
0.9407738095238094
reserved_range
0
ts_added
2024-09-19 12:17:02.703000
ts_last_update
2024-10-11 23:57:45.790000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses