JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.201.55.222

13.201.55.222 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 45%: ?

45%

ISP	Amazon Data Services India
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-201-55-222.ap-south-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.201.55.222

Whois 13.201.55.222

IP Abuse Reports for 13.201.55.222:

This IP address has been reported a total of 7 times from 7 distinct sources. 13.201.55.222 was first reported on June 3rd 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 0x44	2026-06-03 04:49:57 (2 days ago)	Abusive host detected * Attempt to access sensitive files	Web App Attack Hacking
🇳🇱 tmiland	2026-06-03 04:22:17 (2 days ago)	(nginx_404) Dot directory Honeypot Trap 13.201.55.222 (IN/India/ec2-13-201-55-222.ap-south-1.compute ... show more (nginx_404) Dot directory Honeypot Trap 13.201.55.222 (IN/India/ec2-13-201-55-222.ap-south-1.compute.amazonaws.com): 2 in the last 3600 secs; IP: 13.201.55.222; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 13.201.55.222 - - [03/Jun/2026:06:22:15 +0200] "GET /.env HTTP/1.1" 404 11089 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 13.201.55.222 - - [03/Jun/2026:06:22:15 +0200] "GET /.env.local HTTP/1.1" 404 11085 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" show less	Brute-Force
🇩🇪 Blexyel	2026-06-03 04:10:04 (2 days ago)	13.201.55.222 - - [03/Jun/2026:06:10:04 +0200] "GET /.git/config HTTP/1.1" 200 2116 "-" "Mozilla/5.0 ... show more 13.201.55.222 - - [03/Jun/2026:06:10:04 +0200] "GET /.git/config HTTP/1.1" 200 2116 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇫🇷 phoenix1jl96	2026-06-03 04:03:53 (2 days ago)	2026/06/03 06:03:21 [error] 609460#609460: 641582 open() "/home/user-data/www/default/mailer/.env" ... show more 2026/06/03 06:03:21 [error] 609460#609460: 641582 open() "/home/user-data/www/default/mailer/.env" failed (2: No such file or directory), client: 13.201.55.222, server: autoconfig.test.ledemon.us, request: "GET /mailer/.env HTTP/1.1", host: "autoconfig.test.ledemon.us" 2026/06/03 06:03:22 [error] 609460#609460: *641582 open() "/usr/local/lib/roundcubemail/.env" failed (2: No such file or directory), client: 13.201.55.222, server: autoconfig.test.ledemon.us, request: "GET /mail/.env HTTP/1.1", host: "autoconfig.test.ledemon.us" ... show less	DNS Compromise DNS Poisoning DDoS Attack Ping of Death Web Spam Email Spam Blog Spam Port Scan Hacking Brute-Force Bad Web Bot SSH Web App Attack
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-06-03 03:43:13 (2 days ago)	[Tue Jun 02 21:43:03.437434 2026] [authz_core:error] [pid 471916:tid 140228123682368] [client 13.201 ... show more [Tue Jun 02 21:43:03.437434 2026] [authz_core:error] [pid 471916:tid 140228123682368] [client 13.201.55.222:33528] AH01630: client denied by server configuration: /var/www/horde/.env.bak [Tue Jun 02 21:43:12.544549 2026] [authz_core:error] [pid 471916:tid 140227721029184] [client 13.201.55.222:33528] AH01630: client denied by server configuration: /var/www/horde/.env.dist [Tue Jun 02 21:43:12.784117 2026] [authz_core:error] [pid 471916:tid 140229306463808] [client 13.201.55.222:33528] AH01630: client denied by server configuration: /var/www/horde/.env.swp ... show less	Bad Web Bot
Anonymous	2026-06-03 03:33:52 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇨🇭 ca	2026-06-03 03:07:49 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇲 217.113.30.139

🇧🇪 198.235.24.205

🇳🇱 195.178.110.30

🇵🇰 182.183.181.12

🇷🇺 178.155.124.176

🇰🇿 178.91.86.2

🇰🇿 178.90.226.246

🇹🇭 171.100.206.135

🇳🇱 168.235.125.60

🇺🇸 165.22.131.64

🇰🇿 149.27.135.66

🇺🇸 147.182.247.10

🇨🇳 111.55.170.76

🇷🇺 109.163.218.124

🇰🇿 92.49.219.179

🇺🇸 91.230.168.138

🇨🇳 39.64.133.22

🇰🇿 5.63.97.62

🇺🇸 3.134.80.28

🇩🇪 213.209.159.56