IP address 13.239.161.156 has been flagged in 220 abuse reports across 12 independent threat intelligence sources, resulting in a threat score of 100.0/100 (critical risk). The primary activity associated with this IP is aggregated threat, along with attacks, brute force, high threat, malware c2, moderate threat, severe abuse, spam, suspicious activity, web attack, web brute force.
This IP is geolocated in Australia (Sydney) and belongs to the network Amazon.com, Inc. (AS16509). Reports span from 2025-10-13 to 2025-12-20.
Assessment: With 220 abuse reports, 13.239.161.156 shows persistent malicious activity that has been flagged by multiple threat intelligence feeds. The activity pattern and multi-source corroboration indicate this is a genuine threat that warrants immediate blocking at the firewall level. This IP belongs to Amazon.com, Inc., a major cloud/hosting provider — the malicious activity likely originates from a compromised or rented virtual server rather than the provider's own infrastructure.