JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.229.248.45

13.229.248.45 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 57%: ?

57%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-229-248-45.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.229.248.45

Whois 13.229.248.45

IP Abuse Reports for 13.229.248.45:

This IP address has been reported a total of 12 times from 9 distinct sources. 13.229.248.45 was first reported on May 28th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 13:07:36 (13 hours ago)	(mod_security) mod_security (id:210730) triggered by 13.229.248.45 (ec2-13-229-248-45.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 13.229.248.45 (ec2-13-229-248-45.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 09:07:29.447493 2026] [security2:error] [pid 19316:tid 19316] [client 13.229.248.45:65363] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|heytechiesshow.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "heytechiesshow.com"] [uri "/backup.sql"] [unique_id "aiF4kbLITSvHMvEvLTjwWAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 22:57:21 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 13.229.248.45 (ec2-13-229-248-45.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 13.229.248.45 (ec2-13-229-248-45.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 18:57:17.993917 2026] [security2:error] [pid 10831:tid 10831] [client 13.229.248.45:61792] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|chelseafootballprogrammes.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chelseafootballprogrammes.com"] [uri "/1.sql"] [unique_id "aiCxTZVh5ewhxo6pzREovwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-03 15:06:12 (1 day ago)	Scanning/Probing (30)	Brute-Force Web App Attack
🇳🇱 Mangelot Hosting	2026-06-03 12:13:43 (1 day ago)	(modsecurity) srv102 ModSecurity 13.229.248.45 (SG/Singapore/ec2-13-229-248-45.ap-southeast-1.comput ... show more (modsecurity) srv102 ModSecurity 13.229.248.45 (SG/Singapore/ec2-13-229-248-45.ap-southeast-1.compute.amazonaws.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 Epimetheus	2026-06-03 07:02:31 (1 day ago)	Unauthorized access attempts: [GET] /wp-content/mysql.sql [GET] /blog/mysql.sql [GET] /blog/backup. ... show more Unauthorized access attempts: [GET] /wp-content/mysql.sql [GET] /blog/mysql.sql [GET] /blog/backup.sql [GET] /database/backup.sql [GET] /blog/db.sql [GET] /blog/drive.sql [GET] /wp-content/uploads/backup.sql [GET] /wp-content/uploads/database.sql [GET] /wp-content/uploads/mysql.sql [GET] //wp-content/uploads/drive.sql [GET] /wp-content/uploads/dump.sql [GET] /wp-content/database.sql [GET] /backups/database.sql [GET] /translate.sql [GET] /temp.sql [GET] /users.sql [GET] /www.sql [GET] /drive.sql [GET] /mysql.sql [GET] /db_backup.sql [GET] /dump.sql [GET] /db.sql [GET] /sql.sql [GET] /localhost.sql [GET] /drive_db.sql [GET] /mysqldump.sql [GET] /data.sql [GET] /site.sql [GET] /1.sql [GET] /backup.sql UA: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 show less	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-03 05:07:02 (1 day ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-01 10:22:21 (3 days ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 01:28:28 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 13.229.248.45 (ec2-13-229-248-45.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 13.229.248.45 (ec2-13-229-248-45.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:28:20.762223 2026] [security2:error] [pid 19895:tid 19895] [client 13.229.248.45:58470] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|guldunyayayinlari.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "guldunyayayinlari.com"] [uri "/guldunyayayinlari_db.sql"] [unique_id "ahzgNIH1Jxi3TmNrsRDdIwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-31 14:48:42 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 Vegascosmetics	2026-05-28 21:50:41 (1 week ago)	Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned	Hacking Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-28 17:35:20 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 kosada.com	2026-05-28 14:04:35 (1 week ago)	Web vulnerability probing: /database.sql	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.155

🇧🇬 81.177.213.165

🇺🇸 66.132.172.112

🇰🇷 49.247.36.49

🇳🇱 45.87.249.200

🇧🇷 205.210.31.153

🇨🇳 175.170.238.228

🇭🇰 152.32.169.155

🇨🇱 136.248.242.166

🇰🇷 124.46.235.212

🇨🇳 120.48.34.72

🇪🇪 109.206.241.199

🇺🇸 104.171.159.2

🇳🇱 93.174.95.106

🇷🇴 92.118.39.62

🇷🇴 80.94.92.102

🇺🇸 66.132.186.250

🇺🇸 65.49.1.233

🇧🇪 34.78.26.73

🇬🇧 31.14.254.23