JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 15.220.152.161

15.220.152.161 was found in our database!

This IP was reported 124 times. Confidence of Abuse is 46%: ?

46%

ISP	A100 ROW GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-15-220-152-161.eu-central-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇩🇪 Germany
City	Hamburg, Hamburg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 15.220.152.161

Whois 15.220.152.161

IP Abuse Reports for 15.220.152.161:

This IP address has been reported a total of 124 times from 87 distinct sources. 15.220.152.161 was first reported on October 6th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 BestFans.com	2026-06-13 22:13:32 (2 days ago)	Credential brute-force attacks on webpage logins	Brute-Force
🇧🇪 cmbplf	2026-06-12 20:36:48 (3 days ago)	10.297 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇫🇷 dynamix	2026-06-12 18:02:13 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 R.G.	2026-06-12 14:31:39 (3 days ago)	(XMLRPCorWHATEVER) Get lost please 15.220.152.161 (DE/Germany/ec2-15-220-152-161.eu-central-1.comput ... show more (XMLRPCorWHATEVER) Get lost please 15.220.152.161 (DE/Germany/ec2-15-220-152-161.eu-central-1.compute.amazonaws.com): 3 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 integrantservices.com	2026-06-12 14:17:27 (3 days ago)	(wordpress) Failed wordpress login from 15.220.152.161 (DE/Germany/ec2-15-220-152-161.eu-central-1.c ... show more (wordpress) Failed wordpress login from 15.220.152.161 (DE/Germany/ec2-15-220-152-161.eu-central-1.compute.amazonaws.com) show less	Brute-Force
🇮🇹 VHosting	2026-06-12 13:50:03 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 bitblockit	2026-05-11 18:32:18 (1 month ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 52371/tcp. Observed event time: 2026-05-11 18:32:18 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-05-11 18:20:13 (1 month ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 52371/tcp. Observed event time: 2026-05-11 18:20:13 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇬🇧 poundawebsiteltd	2026-04-30 08:34:07 (1 month ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 15.220.152.161 - - [30/Apr/2026: ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 15.220.152.161 - - [30/Apr/2026:09:34:05 +0100] GET / HTTP/1.1 403 2788 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 show less	Web App Attack
Anonymous	2026-04-25 06:05:23 (1 month ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=20	Hacking
🇺🇸 TPI-Abuse	2026-04-15 19:30:33 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 15.220.152.161 (ec2-15-220-152-161.eu-central-1 ... show more (mod_security) mod_security (id:225170) triggered by 15.220.152.161 (ec2-15-220-152-161.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 15:30:27.031376 2026] [security2:error] [pid 3304022:tid 3304022] [client 15.220.152.161:22890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rustyog.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rustyog.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ad_nU7-LcPFuKXJaofRr5QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-04-15 18:03:44 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 17:58:47 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 15.220.152.161 (ec2-15-220-152-161.eu-central-1 ... show more (mod_security) mod_security (id:225170) triggered by 15.220.152.161 (ec2-15-220-152-161.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 13:58:41.946376 2026] [security2:error] [pid 3539704:tid 3539729] [client 15.220.152.161:24100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rpiusa.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rpiusa.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ad_R0To_3JoijNFhnEywTgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 14:33:25 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 15.220.152.161 (ec2-15-220-152-161.eu-central-1 ... show more (mod_security) mod_security (id:225170) triggered by 15.220.152.161 (ec2-15-220-152-161.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 10:33:17.513926 2026] [security2:error] [pid 1353505:tid 1353505] [client 15.220.152.161:18731] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|robinsnestingplace.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "robinsnestingplace.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ad-hrYo4fowX-kld5NPSOwAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 12:30:30 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 15.220.152.161 (ec2-15-220-152-161.eu-central-1 ... show more (mod_security) mod_security (id:225170) triggered by 15.220.152.161 (ec2-15-220-152-161.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 08:30:24.155074 2026] [security2:error] [pid 1800338:tid 1800338] [client 15.220.152.161:59714] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rimaine.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rimaine.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ad-E4PuRz1WzHUUlt_LmOwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 124 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.198

🇩🇪 195.230.103.246

🇺🇸 144.225.124.188

🇵🇰 138.252.175.106

🇨🇦 104.157.40.219

🇸🇬 103.13.207.88

🇨🇦 85.217.149.69

🇺🇸 45.156.129.95

🇺🇸 18.222.36.198

🇨🇳 14.153.230.30

🇺🇸 195.184.76.51

🇳🇱 195.178.110.30

🇦🇷 181.46.5.63

🇺🇸 109.105.210.74

🇧🇬 78.128.112.30

🇧🇪 34.76.145.144

🇨🇦 23.252.224.216

🇬🇧 217.146.80.104

🇺🇸 195.184.76.50

🇷🇺 178.176.231.111