JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.212.81.92

13.212.81.92 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-212-81-92.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.212.81.92

Whois 13.212.81.92

IP Abuse Reports for 13.212.81.92:

This IP address has been reported a total of 47 times from 34 distinct sources. 13.212.81.92 was first reported on November 30th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Axel	2026-06-13 00:00:41 (1 hour ago)	Blocked by Fail2Ban. Flagged by jail recidive \| UK-01	Brute-Force
Anonymous	2026-06-12 17:37:27 (8 hours ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇮🇱 spd.co.il	2026-06-12 17:01:35 (8 hours ago)	Web application attack detected	Hacking Web App Attack
Anonymous	2026-06-12 16:29:49 (9 hours ago)	13.212.81.92 detected on srv01	Brute-Force
🇩🇪 Ba-Yu	2026-06-12 14:44:55 (10 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇦🇺 AWW-Admin	2026-06-12 12:04:30 (13 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 13.212.81.92 (SG/Singapore/ec2-13-212-8 ... show more (mod_security) mod_security triggered on hostname [redacted] 13.212.81.92 (SG/Singapore/ec2-13-212-81-92.ap-southeast-1.compute.amazonaws.com) show less	SQL Injection
Anonymous	2026-06-12 12:03:40 (13 hours ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection
🇩🇪 todix	2026-06-12 11:43:25 (14 hours ago)	Web App Attack Exploid from 13.212.81.92	Web App Attack
🇫🇷 andreighitan	2026-06-12 11:15:16 (14 hours ago)	Coordinated attack against 84.46.253.134. Webshell scanning, PHPUnit RCE (CVE-2017-9841), credential ... show more Coordinated attack against 84.46.253.134. Webshell scanning, PHPUnit RCE (CVE-2017-9841), credential harvesting (secrets.yml, google-services.json, .git). Active June 12 2026. ZAC Bayern ref BY0257-500359-26/8. show less	Web App Attack Brute-Force
🇳🇱 tmiland	2026-06-12 11:13:47 (14 hours ago)	(nginx_404) Dot directory Honeypot Trap 13.212.81.92 (SG/Singapore/ec2-13-212-81-92.ap-southeast-1.c ... show more (nginx_404) Dot directory Honeypot Trap 13.212.81.92 (SG/Singapore/ec2-13-212-81-92.ap-southeast-1.compute.amazonaws.com): 2 in the last 3600 secs; IP: 13.212.81.92; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 13.212.81.92 - - [12/Jun/2026:13:13:46 +0200] "GET /.env.backup HTTP/1.1" 404 2992 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36" 13.212.81.92 - - [12/Jun/2026:13:13:46 +0200] "GET /.env.dist HTTP/1.1" 404 2992 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36" show less	Brute-Force
🇸🇬 Cloudkul Cloudkul	2026-06-12 11:13:17 (14 hours ago)	Attempted Not Found (404 status code) requests on our application, more than 30% of their total requ ... show more Attempted Not Found (404 status code) requests on our application, more than 30% of their total requests. show less	Brute-Force Web App Attack
🇩🇪 piticu iuli	2026-06-12 11:02:45 (14 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 13.212.81.92 (SG/Singapore/ec2-13-212-8 ... show more (mod_security) mod_security triggered on hostname [redacted] 13.212.81.92 (SG/Singapore/ec2-13-212-81-92.ap-southeast-1.compute.amazonaws.com) show less	SQL Injection
🇺🇸 TPI-Abuse	2026-06-12 10:53:03 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 13.212.81.92 (ec2-13-212-81-92.ap-southeast-1.c ... show more (mod_security) mod_security (id:210492) triggered by 13.212.81.92 (ec2-13-212-81-92.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:52:57.833848 2026] [security2:error] [pid 1195:tid 1269] [client 13.212.81.92:37370] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.sh2.lol"] [uri "/.env"] [unique_id "aivlCdl0Cl57ZPLp6PtqfwAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 10:36:51 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 13.212.81.92 (ec2-13-212-81-92.ap-southeast-1.c ... show more (mod_security) mod_security (id:210492) triggered by 13.212.81.92 (ec2-13-212-81-92.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:36:45.335893 2026] [security2:error] [pid 10773:tid 10773] [client 13.212.81.92:39988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.lemay.design"] [uri "/.env.production"] [unique_id "aivhPUVHeWK9DaW9iBrtlAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 10:07:43 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 13.212.81.92 (ec2-13-212-81-92.ap-southeast-1.c ... show more (mod_security) mod_security (id:210492) triggered by 13.212.81.92 (ec2-13-212-81-92.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:07:37.023388 2026] [security2:error] [pid 4122:tid 4122] [client 13.212.81.92:32820] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.asiabeef.network"] [uri "/.env.dev"] [unique_id "aivaacqQNXlbcErwkqre-wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.105

🇲🇽 187.191.48.9

🇵🇰 182.191.83.123

🇵🇱 149.50.96.175

🇮🇩 103.179.252.171

🇺🇸 66.132.186.224

🇨🇳 49.64.85.138

🇭🇰 47.83.213.125

🇬🇧 35.203.211.93

🇺🇸 205.210.31.102

🇭🇰 199.45.155.86

🇧🇪 198.235.24.227

🇰🇷 182.210.76.170

🇨🇳 180.76.239.185

🇺🇸 147.185.132.87

🇩🇪 69.5.169.118

🇺🇸 66.132.172.177

🇰🇪 41.60.144.202

🇺🇸 24.255.8.47

🇺🇸 20.64.105.41