JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.229.76.83

13.229.76.83 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 87%: ?

87%

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-229-76-83.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.229.76.83

Whois 13.229.76.83

IP Abuse Reports for 13.229.76.83:

This IP address has been reported a total of 16 times from 14 distinct sources. 13.229.76.83 was first reported on June 17th 2026, and the most recent report was 23 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 01:38:13 (23 minutes ago)	(mod_security) mod_security (id:210492) triggered by 13.229.76.83 (ec2-13-229-76-83.ap-southeast-1.c ... show more (mod_security) mod_security (id:210492) triggered by 13.229.76.83 (ec2-13-229-76-83.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 21:38:07.879913 2026] [security2:error] [pid 28715:tid 28715] [client 13.229.76.83:36498] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.245"] [uri "/.git/HEAD"] [unique_id "ajNL_4C3UXoNi0gEeRJpVwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 maxpower	2026-06-18 01:35:23 (26 minutes ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 13.229.76.83 (SG/Singapore/ec2-13-229-76 ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 13.229.76.83 (SG/Singapore/ec2-13-229-76-83.ap-southeast-1.compute.amazonaws.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 13.229.76.83 - - [18/Jun/2026:03:35:19 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 548 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" host=51.89.2.98 13.229.76.83 - - [18/Jun/2026:03:35:19 +0200] "GET /.aws/credentials HTTP/1.1" 404 10385 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "-" host=51.89.2.98 show less	Port Scan
🇹🇼 kk_it_man	2026-06-18 01:30:26 (30 minutes ago)		Port Scan
🇹🇭 Sawasdee	2026-06-18 01:18:09 (43 minutes ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 mnsf	2026-06-18 01:12:30 (48 minutes ago)	Too many Status 50X (30) Scanning/Probing (20)	Brute-Force Web App Attack
Anonymous	2026-06-18 01:03:45 (57 minutes ago)	Attempt to access sensitive files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 00:50:57 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 13.229.76.83 (ec2-13-229-76-83.ap-southeast-1.c ... show more (mod_security) mod_security (id:210492) triggered by 13.229.76.83 (ec2-13-229-76-83.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 20:50:50.975692 2026] [security2:error] [pid 28940:tid 28940] [client 13.229.76.83:48198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.147"] [uri "/.git/HEAD"] [unique_id "ajNA6hN94GqJ_oEKbP_RBQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 HeliJP	2026-06-18 00:45:46 (1 hour ago)	2026-06-17T23:54:17Z - Recognized attacks\bad behavior from IP address 13.229.76.83 on port 443\80 ( ... show more 2026-06-17T23:54:17Z - Recognized attacks\bad behavior from IP address 13.229.76.83 on port 443\80 (52 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
🇷🇸 Scan	2026-06-18 00:32:06 (1 hour ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇮🇹 clamehost.it	2026-06-18 00:11:25 (1 hour ago)	Automatic report - Brute Force attack using this IP address	Brute-Force
🇧🇾 lns.bz	2026-06-17 22:54:16 (3 hours ago)	Too many 404 requests [BY]	Web App Attack
🇳🇱 Savvii	2026-06-17 22:52:23 (3 hours ago)	15 attempts against mh-modsecurity-ban on sonic	Brute-Force Web App Attack
🇬🇧 djboddington	2026-06-17 22:48:31 (3 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇫🇷 wiredalter	2026-06-17 22:39:59 (3 hours ago)	Blocked by fail2ban on o2VPS [2086/tcp] Source Port: 45264 TTL: 48 Packet Length: 60 TOS: 0x00 Anal ... show more Blocked by fail2ban on o2VPS [2086/tcp] Source Port: 45264 TTL: 48 Packet Length: 60 TOS: 0x00 Analyzed by https://ip.wiredalter.com show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-17 22:38:14 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 13.229.76.83 (ec2-13-229-76-83.ap-southeast-1.c ... show more (mod_security) mod_security (id:210492) triggered by 13.229.76.83 (ec2-13-229-76-83.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 18:38:08.762499 2026] [security2:error] [pid 19509:tid 19509] [client 13.229.76.83:58224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.207"] [uri "/.git/HEAD"] [unique_id "ajMh0KUN8xeY6VVmfm4BAAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.230.223.46

🇳🇱 185.224.128.16

🇺🇸 162.216.149.66

🇳🇱 45.148.10.121

🇷🇺 31.6.97.98

🇬🇪 2.57.217.229

🇺🇸 207.90.244.26

🇹🇭 180.180.157.104

🇺🇸 162.216.149.221

🇫🇮 147.185.133.226

🇫🇮 147.185.133.53

🇨🇳 112.25.140.211

🇷🇺 109.75.204.44

🇮🇩 103.47.134.56

🇷🇺 92.125.60.91

🇵🇱 87.251.64.149

🇺🇸 71.207.100.149

🇱🇺 64.89.160.19

🇺🇸 47.254.46.23

🇮🇳 38.137.11.14