JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.231.200.49

13.231.200.49 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 24%: ?

24%

ISP	Amazon Data Services Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-231-200-49.ap-northeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.231.200.49

Whois 13.231.200.49

IP Abuse Reports for 13.231.200.49:

This IP address has been reported a total of 4 times from 3 distinct sources. 13.231.200.49 was first reported on June 27th 2026, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Octopuce	2026-06-27 08:28:36 (10 hours ago)	Aggressive web search of vulnerable pages: /.env /.env.local /app/.env /apps/.env /api/.env ...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 07:42:28 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 13.231.200.49 (ec2-13-231-200-49.ap-northeast-1 ... show more (mod_security) mod_security (id:210492) triggered by 13.231.200.49 (ec2-13-231-200-49.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 03:42:20.699955 2026] [security2:error] [pid 7067:tid 7067] [client 13.231.200.49:53536] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gayebrown.tulsatvmemories.com"] [uri "/.git/config"] [unique_id "aj9-3Pn-S5xLsIH6btCDVwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-27 07:34:28 (11 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 07:23:12 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 13.231.200.49 (ec2-13-231-200-49.ap-northeast-1 ... show more (mod_security) mod_security (id:210492) triggered by 13.231.200.49 (ec2-13-231-200-49.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 03:23:07.133963 2026] [security2:error] [pid 28646:tid 28675] [client 13.231.200.49:52554] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gavinblair.shaneblair.com"] [uri "/.git/config"] [unique_id "aj96WxsYjGwLUTdcCOtKWgAAANI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 87.236.176.73

🇧🇬 78.128.113.46

🇳🇱 31.14.32.7

🇮🇩 163.7.4.169

🇺🇸 147.185.132.82

🇨🇳 123.187.243.243

🇷🇸 109.93.213.108

🇺🇸 85.254.175.161

🇺🇸 66.132.224.56

🇹🇭 45.194.70.253

🇸🇬 20.212.52.137

🇧🇪 198.235.24.167

🇧🇷 177.159.150.111

🇫🇷 167.86.124.4

🇺🇸 147.185.132.251

🇺🇸 147.185.132.118

🇺🇸 141.11.88.6

🇭🇰 114.111.52.109

🇭🇰 65.52.160.255

🇧🇷 20.197.238.124