JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.40.190.91

13.40.190.91 was found in our database!

This IP was reported 108 times. Confidence of Abuse is 0%: ?

ISP	Amazon Data Services UK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-40-190-91.eu-west-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.40.190.91

Whois 13.40.190.91

IP Abuse Reports for 13.40.190.91:

This IP address has been reported a total of 108 times from 70 distinct sources. 13.40.190.91 was first reported on March 12th 2025, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2025-03-17 20:48:51 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 tecnicorioja	2025-03-16 23:01:00 (1 year ago)	(Mod_security) [16/Mar/2025:10:54:21.406577	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2025-03-16 20:48:53 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 geot	2025-03-16 12:30:26 (1 year ago)	GET /sftp-config.json HTTP/1.1 GET /.vscode/sftp.json HTTP/1.1	Hacking Web App Attack
🇦🇺 advena	2025-03-16 10:15:59 (1 year ago)	13.40.190.91 (AS16509 AMAZON-02) was intercepted at 2025-03-16T10:09:27Z after violating WAF directi ... show more 13.40.190.91 (AS16509 AMAZON-02) was intercepted at 2025-03-16T10:09:27Z after violating WAF directive: 874a3e315c344b1281ad4f00046aab6f. Pre-cautionary/corrective action applied: managed_challenge. show less	Web Spam Hacking Brute-Force Web App Attack
🇺🇸 Penny Packer	2025-03-16 10:07:08 (1 year ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 kosada.com	2025-03-16 09:30:50 (1 year ago)	Web vulnerability probing	Web App Attack
🇩🇪 XICTRON	2025-03-16 09:20:03 (1 year ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇬🇧 Aetherweb Ark	2025-03-16 08:12:35 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 13.40.190.91 (GB/United Kingdom/ec2-13-40-190-9 ... show more (mod_security) mod_security (id:210492) triggered by 13.40.190.91 (GB/United Kingdom/ec2-13-40-190-91.eu-west-2.compute.amazonaws.com): N in the last X secs show less	Web App Attack
🇯🇵 VXG-NET	2025-03-16 08:00:24 (1 year ago)	port=80, indicator_type=info-leak	Hacking
🇵🇱 sefinek.net	2025-03-16 08:00:22 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from GB. Action taken: BLOCK ASN: 16509 (AMAZON-02) Protoc ... show more Triggered Cloudflare WAF (firewallCustom) from GB. Action taken: BLOCK ASN: 16509 (AMAZON-02) Protocol: HTTP/1.1 (GET method) Endpoint: /.vscode/sftp.json Timestamp: 2025-03-16T06:57:50Z Ray ID: 92125bd0f96c63c1 UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇮 kumiko	2025-03-16 07:56:04 (1 year ago)	[2025-03-16 07:56:03] Probing for dotfiles "GET /.vscode/sftp.json HTTP/1.1" 301	Bad Web Bot Web App Attack
🇪🇸 el-brujo	2025-03-16 07:48:27 (1 year ago)	Cloudflare WAF: Request Path: /sftp-config.json Request Query: Host: ns2.elhacker.net userAgent: Mo ... show more Cloudflare WAF: Request Path: /sftp-config.json Request Query: Host: ns2.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Action: block Source: firewallManaged ASN Description: AMAZON-02 Country: GB Method: GET Timestamp: 2025-03-16T07:48:27Z ruleId: c2a2f414a67c409f90cccb6c5bba0215. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
Anonymous	2025-03-16 07:41:11 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH
🇨🇿 ddw	2025-03-16 07:00:11 (1 year ago)	ModSecurity detection - Rules: 930130(Restricted File Access Attempt)	Web App Attack

Showing 1 to 15 of 108 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9634:4001

🇮🇳 164.52.202.196

🇺🇸 137.184.69.130

🇨🇳 121.235.69.99

🇻🇳 14.162.147.4

🇺🇸 2607:f8b0:4001:c61::124

🇺🇸 2604:a880:400:d1:0:4:9630:1001

🇨🇳 218.13.26.42

🇬🇧 185.56.45.50

🇨🇳 180.114.102.202

🇭🇰 152.32.130.155

🇨🇳 120.239.51.70

🇭🇰 103.230.240.59

🇫🇷 85.217.140.11

🇬🇧 51.195.244.28

🇩🇪 31.70.93.40

🇺🇸 18.190.15.50

🇺🇸 2a09:bac5:6d72:e3c::16b:135

🇭🇰 199.45.155.65

🇬🇧 198.244.226.240