JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.59.27.105

13.59.27.105 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 80%: ?

80%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-59-27-105.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.59.27.105

Whois 13.59.27.105

IP Abuse Reports for 13.59.27.105:

This IP address has been reported a total of 17 times from 16 distinct sources. 13.59.27.105 was first reported on June 6th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 anon333	2026-06-06 20:36:06 (4 days ago)	Invalid HTTP port 80 probes to server T1636	Hacking Exploited Host
🇬🇧 knock	2026-06-06 19:48:27 (4 days ago)	Knock-Knock honeypot brute-force: proto8 (5 total hits)	Brute-Force
🇵🇱 sledzik1984	2026-06-06 19:47:54 (4 days ago)	13.59.27.105 - - [06/Jun/2026:21:45:40 +0200] "\x03\x00\x00+&\xE0\x00\x00\x00\x00\x00Cookie: mstshas ... show more 13.59.27.105 - - [06/Jun/2026:21:45:40 +0200] "\x03\x00\x00+&\xE0\x00\x00\x00\x00\x00Cookie: mstshash=zgrab" 400 157 "-" "-" 13.59.27.105 - - [06/Jun/2026:21:46:46 +0200] "\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xDF\x8D\xF9\xBE\x1F\x07\xFB)\xD0\x02\xB2\xA4\xDB\x1C%\xA93\x8D\x9C\xBA\xC3TG" 400 157 "-" "-" 13.59.27.105 - - [06/Jun/2026:21:47:54 +0200] "\x16\x03\x01\x01\x00\x01\x00\x00\xFC\x03\x03SI\xDA\x19\xEB\xB4\x90I\xD6[\x96\x1C\x97e\xF1\xEC\x7F\xA1\xA8\xF0\xF3*\xD9\x02J?\xBF\x13\x87\xCAz\xE1 5\|}\xFC\xF1\xAE\x18\xE6\xB7\x9E\xE4\x19X\xC0P\xBE\x1F\x9D\x91\xB5\xA6\x11;\xCD\xC7\xAC\xE4V\xAC\xDD\x8C$\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0" 400 157 "-" "-" ... show less	Web App Attack
🇺🇸 xxkodedxx	2026-06-06 19:46:28 (4 days ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10m window. Origin: US / AS16509 Amazon.com, Inc. Active: 19:45:23→19:46:27 UTC Volume: 1 HTTP req Probed: / Status mix: 444×1 Vhost fishing: 67.217.240.72 UA: "visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-06 19:45:57 (4 days ago)	Web vulnerability probing: / (bogus vhost/SNI)	Web App Attack
🇮🇹 abuseiphack	2026-06-06 19:45:57 (4 days ago)	Automatic report for brute force attack	Web App Attack
🇺🇸 nyt	2026-06-06 19:45:39 (4 days ago)	Empty UA + error, Unusual user agent for a scan request	Bad Web Bot Web App Attack
🇮🇹 sssrit	2026-06-06 19:44:58 (4 days ago)	13.59.27.105 - - [06/Jun/2026:21:44:06 +0200] "\x03\x00\x00+&\xE0\x00\x00\x00\x00\x00Cookie: mstshas ... show more 13.59.27.105 - - [06/Jun/2026:21:44:06 +0200] "\x03\x00\x00+&\xE0\x00\x00\x00\x00\x00Cookie: mstshash=zgrab" 400 150 "-" "-" 13.59.27.105 - - [06/Jun/2026:21:44:29 +0200] "\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03\xFD\xE0.rik\xDE\x09\xC3\x1A\xD6l\xE2\xCA\x8E\xBDJ\x88c\xED\xAB," 400 150 "-" "-" 13.59.27.105 - - [06/Jun/2026:21:44:58 +0200] "\x16\x03\x01\x01\x00\x01\x00\x00\xFC\x03\x03\xD0\xD1G\x97\x02H\xC5\x95.\xE8q\xB2\xBD\xC9\x8AN^1P}\x8B\x00\x14\xA2\xEFO\xA3\x1E^\xB4MP \xA1\x90\xBC?%\xE8\xEAJ2\xD5~0\x22\x09po\xE5\xDA\x178J\xA6\xAF\x9B\xDE}sD\xD4+\x06\x00&\xCC\xA8\xCC\xA9\xC0/\xC00\xC0+\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0" 400 150 "-" "-" ... show less	Brute-Force
🇺🇸 kosada.com	2026-06-06 19:44:49 (4 days ago)	Web vulnerability probing (bogus request)	Web App Attack
🇫🇷 GoodOldTOS	2026-06-06 19:44:31 (4 days ago)	Unexpected binary data sent to an endpoint	Hacking Bad Web Bot
🇦🇱 router.al	2026-06-06 19:44:24 (4 days ago)	06/06/2026-19:44:24.656174 13.59.27.105 Protocol: 6 ET SCAN MS Terminal Server Traffic on Non-standa ... show more 06/06/2026-19:44:24.656174 13.59.27.105 Protocol: 6 ET SCAN MS Terminal Server Traffic on Non-standard Port show less	Port Scan
🇨🇭 GAS	2026-06-06 19:44:16 (4 days ago)	Direct IP access. 13.59.27.105 - - [06/Jun/2026:21:44:00 +0200] "\x03" 400 392 "-" "-" "-" "-" 13.59 ... show more Direct IP access. 13.59.27.105 - - [06/Jun/2026:21:44:00 +0200] "\x03" 400 392 "-" "-" "-" "-" 13.59.27.105 - - [06/Jun/2026:21:44:15 +0200] "GET / HTTP/1.1" 402 2760 "-" "visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36" "REDACTED" "" ... show less	Port Scan Web App Attack
Anonymous	2026-06-06 19:44:10 (4 days ago)	malformed/TLS-on-HTTP probe	Web App Attack
🇧🇪 loloji	2026-06-06 19:44:04 (4 days ago)	Malformed HTTP requests (scanning/probing) detected by Fail2Ban [jail: nginx-bad-request]. Origin: D ... show more Malformed HTTP requests (scanning/probing) detected by Fail2Ban [jail: nginx-bad-request]. Origin: Dublin, United States (Amazon.com, Inc.). show less	Brute-Force Web App Attack
🇨🇿 sajmon0011	2026-06-06 19:43:57 (4 days ago)	13.59.27.105 - - [06/Jun/2026:21:43:57 +0200] "\x03" 400 226 "-" "-" ...	Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.226.197.48

🇫🇮 147.185.133.210

🇨🇳 123.173.5.4

🇺🇸 107.150.105.116

🇮🇳 59.145.160.134

🇨🇳 27.128.170.160

🇰🇷 222.236.155.146

🇲🇽 186.96.145.241

🇳🇱 176.65.139.239

🇳🇱 176.65.139.236

🇳🇱 176.65.139.235

🇨🇳 171.36.7.133

🇳🇱 45.148.10.147

🇮🇷 37.255.220.246

🇺🇸 18.97.5.27

🇨🇳 1.24.16.5

🇮🇳 223.185.24.100

🇯🇴 212.34.19.167

🇺🇸 165.154.163.133

🇺🇸 109.105.209.15