JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 16.170.254.52

16.170.254.52 was found in our database!

This IP was reported 3 times. Confidence of Abuse is 0%: ?

ISP	Amazon Data Services Sweden
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-16-170-254-52.eu-north-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 16.170.254.52

Whois 16.170.254.52

IP Abuse Reports for 16.170.254.52:

This IP address has been reported a total of 3 times from 2 distinct sources. 16.170.254.52 was first reported on August 24th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-08-24 07:44:31 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 16.170.254.52 (ec2-16-170-254-52.eu-north-1.com ... show more (mod_security) mod_security (id:240335) triggered by 16.170.254.52 (ec2-16-170-254-52.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 24 03:44:24.284341 2024] [security2:error] [pid 6549:tid 6549] [client 16.170.254.52:41318] [client 16.170.254.52] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 16.170.254.52 (+1 hits since last alert)\|newmooncafe.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newmooncafe.com"] [uri "/xmlrpc.php"] [unique_id "ZsmPWF-Mum33hLBwultuegAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-24 04:46:55 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 16.170.254.52 (ec2-16-170-254-52.eu-north-1.com ... show more (mod_security) mod_security (id:240335) triggered by 16.170.254.52 (ec2-16-170-254-52.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 24 00:46:50.486174 2024] [security2:error] [pid 26130:tid 26130] [client 16.170.254.52:34732] [client 16.170.254.52] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 16.170.254.52 (+1 hits since last alert)\|akistech.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "akistech.com"] [uri "/xmlrpc.php"] [unique_id "ZsllusucPbEOw6IE6IA8RgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-24 01:03:17 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 3 of 3 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.27

🇧🇷 186.216.88.83

🇫🇮 147.185.133.127

🇺🇸 138.94.219.124

🇻🇳 103.7.41.117

🇫🇷 85.204.70.96

🇧🇬 78.128.114.102

🇺🇸 66.132.172.113

🇨🇳 60.191.221.172

🇮🇳 52.66.164.71

🇨🇦 51.222.26.148

🇺🇸 198.41.227.158

🇺🇸 173.230.150.73

🇺🇸 162.216.149.189

🇫🇮 138.124.5.60

🇺🇸 136.144.43.184

🇮🇳 122.160.103.228

🇨🇳 119.53.253.2

🇨🇳 117.62.22.127

🇨🇳 115.198.60.210