AbuseIPDB » 13.213.38.228

13.213.38.228 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 30%: ?

30%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-213-38-228.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 13.213.38.228

Whois 13.213.38.228

IP Abuse Reports for 13.213.38.228:

This IP address has been reported a total of 22 times from 13 distinct sources. 13.213.38.228 was first reported on May 3rd 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
chronos	2025-05-05 06:43:33 (1 month ago)	[AUTORAVALT][[05/05/2025 - 03:43:33 -03:00 UTC] Attack from [Amazon Technologies Inc.] [ ... show more[AUTORAVALT][[05/05/2025 - 03:43:33 -03:00 UTC] Attack from [Amazon Technologies Inc.] [13.213.38.228][ec2-13-213-38-228.ap-southeast-1.compute.amazonaws.com] Action: BLocKed DDoS Attack -> Participating in distributed denial-of-service. Phishing -> Phishing websites and/or email. Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam. Blog Spam] ... show less	DDoS Attack Phishing Web Spam Blog Spam Web App Attack
chronos	2025-05-05 06:17:41 (1 month ago)	[AUTORAVALT][[05/05/2025 - 03:17:40 -03:00 UTC] Attack from [Amazon Technologies Inc.] [ ... show more[AUTORAVALT][[05/05/2025 - 03:17:40 -03:00 UTC] Attack from [Amazon Technologies Inc.] [13.213.38.228][ec2-13-213-38-228.ap-southeast-1.compute.amazonaws.com] Action: BLocKed DDoS Attack -> Participating in distributed denial-of-service. Phishing -> Phishing websites and/or email. Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam. Blog Spam] ... show less	DDoS Attack Phishing Web Spam Blog Spam Web App Attack
[email protected]	2025-05-04 12:18:35 (1 month ago)	Brute force 82 attempts	DDoS Attack SQL Injection Brute-Force SSH
polycoda	2025-05-04 12:02:45 (1 month ago)	📂 Probes for backup files such as: content.zip, arc.zip, new.zip, data.zip, temp.zip, main.zip, b ... show more📂 Probes for backup files such as: content.zip, arc.zip, new.zip, data.zip, temp.zip, main.zip, backup.zip, back.zip, old.zip, pack.zip, docs.zip, html.zip, www.zip, www1.zip, website.zip, web.zip, wp-config.php.zip, public_html.zip, #domainmiddle#.zip or #domainunderline#.zip show less	Hacking Web App Attack
Gabriel Camargo	2025-05-04 11:36:09 (1 month ago)	13.213.38.228 - - [04/May/2025:06:36:08 -0500] "GET /conf/conf.zip HTTP/1.1" 301 178 "-" "Mozilla/5. ... show more13.213.38.228 - - [04/May/2025:06:36:08 -0500] "GET /conf/conf.zip HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 13.213.38.228 - - [04/May/2025:06:36:08 -0500] "GET /old.zip HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 13.213.38.228 - - [04/May/2025:06:36:08 -0500] "GET /db_backup.zip HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" ... show less	Brute-Force SSH
mnsf	2025-05-04 09:05:07 (1 month ago)	Request Overload (164)	Brute-Force Web App Attack
Anonymous	2025-05-04 06:37:04 (1 month ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
eyesilyurt	2025-05-04 05:23:39 (1 month ago)	a- login authenticator failed Incorrect authentication data	Brute-Force SSH
eyesilyurt	2025-05-04 02:09:33 (1 month ago)	n- login authenticator failed Incorrect authentication data	Brute-Force SSH
jcbriar	2025-05-04 00:02:10 (1 month ago)	Searching for vulnerable scripts	Hacking Web App Attack
ISPLtd	2025-05-03 23:57:47 (1 month ago)	May 3 17:57:47 SRC=13.213.38.228 PROTO=TCP SPT=44604 DPT=80 SYN May 3 17:57:47 SRC=13.213.38 ... show moreMay 3 17:57:47 SRC=13.213.38.228 PROTO=TCP SPT=44604 DPT=80 SYN May 3 17:57:47 SRC=13.213.38.228 PROTO=TCP SPT=44838 DPT=80 SYN May 3 17:57:47 SRC=13.213.38.228 PROTO=TCP SPT=44344 DPT=80 ... show less	DDoS Attack
ISPLtd	2025-05-03 23:11:03 (1 month ago)	May 3 20:11:02 SRC=13.213.38.228 PROTO=TCP SPT=60956 DPT=80 SYN May 3 20:11:02 SRC=13.213.38 ... show moreMay 3 20:11:02 SRC=13.213.38.228 PROTO=TCP SPT=60956 DPT=80 SYN May 3 20:11:02 SRC=13.213.38.228 PROTO=TCP SPT=32772 DPT=80 SYN May 3 20:11:02 SRC=13.213.38.228 PROTO=TCP SPT=60892 DPT=80 SYN ... show less	DDoS Attack
kosada.com	2025-05-03 20:53:30 (1 month ago)	Web vulnerability probing	Web App Attack
chronos	2025-05-03 20:07:58 (1 month ago)	[AUTORAVALT][[03/05/2025 - 17:07:58 -03:00 UTC] Attack from [Amazon Technologies Inc.] [ ... show more[AUTORAVALT][[03/05/2025 - 17:07:58 -03:00 UTC] Attack from [Amazon Technologies Inc.] [13.213.38.228][ec2-13-213-38-228.ap-southeast-1.compute.amazonaws.com] Action: BLocKed DDoS Attack -> Participating in distributed denial-of-service. Phishing -> Phishing websites and/or email. Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam. Blog Spam] ... show less	DDoS Attack Phishing Web Spam Blog Spam Web App Attack
dpinse	2025-05-03 19:59:20 (1 month ago)	teler detected Directory Bruteforce against resource /configs.zip from 13.213.38.228	Bad Web Bot

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩