AbuseIPDB » 13.39.16.88

13.39.16.88 was found in our database!

This IP was reported 79 times. Confidence of Abuse is 92%: ?

92%

ISP	Amazon Data Services France
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-13-39-16-88.eu-west-3.compute.amazonaws.com
Domain Name	amazon.com
Country	France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 13.39.16.88

Whois 13.39.16.88

IP Abuse Reports for 13.39.16.88:

This IP address has been reported a total of 79 times from 60 distinct sources. 13.39.16.88 was first reported on June 15th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
rtbh.com.tr	2025-06-16 20:07:11 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
openstrike.co.uk	2025-06-16 05:13:26 (1 month ago)	2 attacks on password grabbing URLs: GET /.vscode/sftp.json HTTP/1.1	Hacking
octageeks.com	2025-06-16 04:06:18 (1 month ago)	Wordpress malicious attack:[octablocked]	Web App Attack
rtbh.com.tr	2025-06-15 20:07:10 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
JPPO	2025-06-15 18:04:18 (1 month ago)	ET SCAN SFTP/FTP Password Exposure via sftp-config.json ports , ports: 80(x2)	Port Scan
MogBox	2025-06-15 16:34:18 (1 month ago)	(RSRCTROLL) Vulnerability Trolling: GET/POST /sftp-config.json 13.39.16.88 (FR/France/ec2-13-39-16-8 ... show more(RSRCTROLL) Vulnerability Trolling: GET/POST /sftp-config.json 13.39.16.88 (FR/France/ec2-13-39-16-88.eu-west-3.compute.amazonaws.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 13.39.16.88 - - [15/Jun/2025:12:34:08 -0400] "GET /sftp-config.json HTTP/2.0" 404 167 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less	Hacking
Anonymous	2025-06-15 16:30:12 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
pa4080	2025-06-15 16:05:07 (1 month ago)	Detected by ModSecurity. Request URI: /sftp-config.json	Web App Attack
Anonymous	2025-06-15 16:00:38 (1 month ago)	Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/ ... show moreHttp Port:80 (http_status:403) - Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 show less	Web App Attack
Rip	2025-06-15 15:57:42 (1 month ago)	Automated reconnaissance attempt targeting restricted or sensitive paths. ...	Brute-Force Web App Attack
TPI-Abuse	2025-06-15 15:50:54 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 13.39.16.88 (ec2-13-39-16-88.eu-west-3.compute. ... show more(mod_security) mod_security (id:210492) triggered by 13.39.16.88 (ec2-13-39-16-88.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 15 11:50:49.680117 2025] [security2:error] [pid 680987:tid 680987] [client 13.39.16.88:63440] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tremulant.com"] [uri "/sftp-config.json"] [unique_id "aE7r2RzBcx1tFfO2N3fshgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
IgorS.zg.hr	2025-06-15 15:25:30 (1 month ago)	Web application attack detected by fail2ban	Hacking Web App Attack
LotPhantom	2025-06-15 15:22:25 (1 month ago)	2025/06/15 15:22:24 [error] 1630129#1630129: 7602 access forbidden by rule, client: 13.39.16.88, se ... show more2025/06/15 15:22:24 [error] 1630129#1630129: 7602 access forbidden by rule, client: 13.39.16.88, server: job-search-api.bridginggaps.tech, request: "GET /.vscode/sftp.json HTTP/1.1", host: "job-search-api.bridginggaps.tech" ... show less	Web App Attack
conseilgouz	2025-06-15 15:17:43 (1 month ago)	are-17 : Block hidden directories=>/.vscode/sftp.json(/)	Hacking
AvonleaConsulting	2025-06-15 14:19:02 (1 month ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack

Showing 1 to 15 of 79 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

82.165.82.123

114.119.151.83

47.128.96.218

46.161.50.108

195.178.110.224

20.12.41.6

83.222.191.6

2a06:4883:1000::15

176.65.148.61

14.103.116.173

106.246.224.218

58.49.140.148

119.241.30.111

118.194.235.201

186.189.37.247

20.65.194.188

43.252.230.158

206.168.34.175

117.184.30.6

45.135.232.177