JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.234.238.69

13.234.238.69 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 29%: ?

29%

ISP	Amazon Data Services India
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-234-238-69.ap-south-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.234.238.69

Whois 13.234.238.69

IP Abuse Reports for 13.234.238.69:

This IP address has been reported a total of 26 times from 23 distinct sources. 13.234.238.69 was first reported on April 21st 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 pipeline.es	2026-05-27 06:51:26 (2 weeks ago)	Web scanning / probing for vulnerable paths	Port Scan Web App Attack
🇬🇧 innovacommunications	2026-05-27 02:45:02 (2 weeks ago)	Reported from Imunify360 blocklist	Brute-Force SSH
🇳🇱 Mangelot Hosting	2026-05-27 01:04:25 (2 weeks ago)	(modsecurity) srv104 ModSecurity 13.234.238.69 (IN/India/ec2-13-234-238-69.ap-south-1.compute.amazon ... show more (modsecurity) srv104 ModSecurity 13.234.238.69 (IN/India/ec2-13-234-238-69.ap-south-1.compute.amazonaws.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:59:44 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 13.234.238.69 (ec2-13-234-238-69.ap-south-1.com ... show more (mod_security) mod_security (id:210492) triggered by 13.234.238.69 (ec2-13-234-238-69.ap-south-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:59:39.277335 2026] [security2:error] [pid 25240:tid 25260] [client 13.234.238.69:59988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "moogoob.com"] [uri "/.git/config"] [unique_id "ahZB-zliLFgAt9t_q4rPgAAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-05-27 00:23:47 (2 weeks ago)	[WedMay2702:23:44.2121322026][security2:error][pid2270771:tid2270871][client13.234.238.69:0]ModSecur ... show more [WedMay2702:23:44.2121322026][security2:error][pid2270771:tid2270871][client13.234.238.69:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\\$\(\?:\\\\\\\\\(\(\?:\\\\\\\\\(.\\\\\\\\\$\\|.\\)\\\\\\\\\)\\|\\\\\\\\{.\\\\\\\\\}\)\\|[\<\>]\\\\\\\\$.\\\\\\\\\$\)\"atARGS:0.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"396\"][id\"393655\"][rev\"17\"][msg\"Atomicorp.comWAFRules:PossibleRemoteCommandExecution:UnixShellExpressionFound\"][data\"MatchedData:\$$\(41\271$\)foundwithinARGS:0:{then:\$1:__proto__:thenstatus:resolved_modelreason:-1value:{then:\$b1337}_response:{_prefix:varres=process.mainmodule.require$child_process$.execsync$echo\$\(\(41\271$\)\\|base64-w0\).tostring.trimthrowobject.assign$newerror\(next_redirect${digest:\`next_redirectpush/login\?a=\${res}307\`}\)_chunks:\$q2_formdata:{get:\$1:constructor:constructor}}}\"][tag\"attack-rce\"][hostname\"mood4apps.com\"][uri\"/\"][unique_id\"ahY5kMBo8vKlwdQt3KPjEwAAAMs\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 consul.to	2026-05-26 23:51:27 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇪🇸 pipeline.es	2026-05-26 23:28:17 (2 weeks ago)	Web scanning / probing for vulnerable paths \| URL: /administrator/.env \| Evidence: monturista.com 13 ... show more Web scanning / probing for vulnerable paths \| URL: /administrator/.env \| Evidence: monturista.com 13.234.238.69 - - [27/May/2026:01:28:08 +0200] \"GET /administrator/.env HTTP/1.1\" 404 21064 \"-\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36\" GEOIP_COUNTRY_CODE=IN \| ASN: AMAZON-02 \| Country: IN show less	Port Scan Web App Attack
🇭🇺 DumaNet	2025-04-23 05:15:00 (1 year ago)	Web app attack attempts, scanning for vulnerability. Date: 2025 Apr 21. 20:22:10 Source IP: 13.234 ... show more Web app attack attempts, scanning for vulnerability. Date: 2025 Apr 21. 20:22:10 Source IP: 13.234.238.69 Portion of the log(s): 13.234.238.69 - [21/Apr/2025:20:20:34 +0200] "HEAD /new HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 13.234.238.69 - [21/Apr/2025:20:20:34 +0200] "HEAD /new HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 13.234.238.69 - [21/Apr/2025:20:20:34 +0200] "HEAD /old HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 13.234.238.69 - [21/Apr/2025:20:20:34 +0200] "HEAD /old HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 13.234.238.69 - [21/Apr/2025:20:20:34 +0200] "HEAD /backup HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0 show less	Web App Attack
🇬🇧 AvonleaConsulting	2025-04-22 23:00:42 (1 year ago)	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
🇺🇸 OceanTreasure	2025-04-22 06:40:00 (1 year ago)	tcp/80; Making high volume head requests to scan for WordPress installations: "HEAD /wordpress"	Brute-Force
🇺🇸 octageeks.com	2025-04-22 04:11:07 (1 year ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇳🇱 BlueWire Hosting	2025-04-22 04:10:14 (1 year ago)	Probing for application vulnerabilities	Brute-Force Web App Attack
🇩🇪 bescared	2025-04-22 03:44:24 (1 year ago)	F2B - Malicious activity detected. Too many 403.	Hacking Brute-Force Bad Web Bot Web App Attack
🇬🇧 Mendip_Defender	2025-04-22 01:34:00 (1 year ago)	13.234.238.69 - - [22/Apr/2025:02:33:51 +0100] "HEAD / HTTP/1.0" 200 183 "-" "Mozilla/5.0 (Windows N ... show more 13.234.238.69 - - [22/Apr/2025:02:33:51 +0100] "HEAD / HTTP/1.0" 200 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 13.234.238.69 - - [22/Apr/2025:02:33:51 +0100] "HEAD /wordpress HTTP/1.0" 301 937 "http://stringersplumbingandheating.co.uk/wordpress" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 13.234.238.69 - - [22/Apr/2025:02:33:56 +0100] "HEAD / HTTP/1.0" 301 816 "http://stringersplumbingandheating.co.uk/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" ... show less	Hacking Web App Attack
🇺🇸 Moby	2025-04-21 23:15:48 (1 year ago)	Mon Apr 21 05:24:45.718364 202513.234.238.69 - - [21/Apr/2025:18:15:46 -0500] "HEAD /wordpress HTTP/ ... show more Mon Apr 21 05:24:45.718364 202513.234.238.69 - - [21/Apr/2025:18:15:46 -0500] "HEAD /wordpress HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" Mon Apr 21 05:24:45.718364 202513.234.238.69 - - [21/Apr/2025:18:15:47 -0500] "HEAD /wp HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" Mon Apr 21 05:24:45.718364 202513.234.238.69 - - [21/Apr/2025:18:15:47 -0500] "HEAD /bc HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" ... show less	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c03::12c

🇩🇪 213.209.159.56

🇺🇸 205.210.31.70

🇹🇼 198.235.24.41

🇬🇧 193.32.209.253

🇺🇸 165.154.134.190

🇺🇸 162.216.149.207

🇺🇸 147.185.132.81

🇺🇸 72.63.18.44

🇺🇸 47.251.189.155

🇨🇳 36.134.211.170

🇬🇧 35.203.210.179

🇻🇳 14.225.7.70

🇮🇳 4.240.96.30

🇨🇳 222.86.168.224

🇰🇭 175.100.83.145

🇮🇳 148.113.3.75

🇩🇪 141.11.250.239

🇲🇴 125.31.2.160

🇨🇳 106.12.43.166