JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.252.55.114

3.252.55.114 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services Ireland Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-3-252-55-114.eu-west-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇮🇪 Ireland
City	Dublin, Leinster

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.252.55.114

Whois 3.252.55.114

IP Abuse Reports for 3.252.55.114:

This IP address has been reported a total of 28 times from 21 distinct sources. 3.252.55.114 was first reported on June 18th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 SOC [GOLINE SA]	2026-06-22 03:03:21 (18 hours ago)	FortiGate detected IPS attack from IPv4 address 3.252.55.114	Hacking
🇨🇭 SOC [GOLINE SA]	2026-06-21 02:03:28 (1 day ago)	FortiGate detected IPS attack from IPv4 address 3.252.55.114	Hacking
🇨🇭 SOC [GOLINE SA]	2026-06-20 02:03:05 (2 days ago)	FortiGate detected IPS attack from IPv4 address 3.252.55.114	Hacking
Anonymous	2026-06-19 05:17:33 (3 days ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇫🇷 service Informatique	2026-06-19 04:00:37 (3 days ago)	/___proxy_subdomain_whm/login	Web App Attack
🇨🇭 SOC [GOLINE SA]	2026-06-19 01:04:49 (3 days ago)	FortiGate detected IPS attack from IPv4 address 3.252.55.114	Hacking
🇧🇷 SOC Blue Team	2026-06-18 05:25:46 (4 days ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇫🇷 Lunix	2026-06-18 04:41:03 (4 days ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 04:27:39 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 3.252.55.114 (ec2-3-252-55-114.eu-west-1.comput ... show more (mod_security) mod_security (id:210492) triggered by 3.252.55.114 (ec2-3-252-55-114.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 00:27:33.723683 2026] [security2:error] [pid 2162:tid 2162] [client 3.252.55.114:43820] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.55"] [uri "/.git/HEAD"] [unique_id "ajNztUeXp-Zf7sNMKv2KZgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-18 04:16:19 (4 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 04:03:42 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 3.252.55.114 (ec2-3-252-55-114.eu-west-1.comput ... show more (mod_security) mod_security (id:210492) triggered by 3.252.55.114 (ec2-3-252-55-114.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 00:03:36.680337 2026] [security2:error] [pid 31156:tid 31156] [client 3.252.55.114:44286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.28"] [uri "/.git/HEAD"] [unique_id "ajNuGP94sC5TvHx4BG8X5wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 zwebvigil	2026-06-18 03:54:54 (4 days ago)	3.252.55.114 [17/Jun/2026:20:54:52 -0700] "GET /.git/HEAD HTTP/1.1" 401 381 "-" port=56490 "Mozilla ... show more 3.252.55.114 [17/Jun/2026:20:54:52 -0700] "GET /.git/HEAD HTTP/1.1" 401 381 "-" port=56490 "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "-" "-" "<ipaddr>" 531 3.252.55.114 [17/Jun/2026:20:54:53 -0700] "GET /.git/config HTTP/1.1" 401 381 "-" port=56506 "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 547 3.252.55.114 [17/Jun/2026:20:54:53 -0700] "GET /.git/logs/HEAD HTTP/1.1" 401 381 "-" port=56508 "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" "-" "-" "<ipaddr>" 453 3.252.55.114 [17/Jun/2026:20:54:53 -0700] "GET /.git/refs/heads/master HTTP/1.1" 401 381 "-" port=56512 "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" "-" "-" "<ipaddr>" 379 3.252.55.114 [17/Jun/2026:20:54:53 -0700] "GET /.git/refs/heads/main HTTP/1.1" 401 381 "-" port=5653 show less	Web App Attack
🇺🇸 Matthew Ping	2026-06-18 03:30:01 (4 days ago)	ModSecurity rule 949110 triggered on lulus. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
Anonymous	2026-06-18 03:22:09 (4 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-18 03:09:05 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 3.252.55.114 (ec2-3-252-55-114.eu-west-1.comput ... show more (mod_security) mod_security (id:210492) triggered by 3.252.55.114 (ec2-3-252-55-114.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 23:08:58.168085 2026] [security2:error] [pid 4355:tid 4379] [client 3.252.55.114:52416] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.132"] [uri "/.git/HEAD"] [unique_id "ajNhSscpArrADHEKoTL9JgAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 13.90.206.6

🇺🇸 2607:f8b0:4002:c00::127

🇮🇳 194.164.149.230

🇸🇬 152.32.218.244

🇨🇳 116.28.182.163

🇫🇷 85.217.140.46

🇨🇳 60.166.83.133

🇺🇸 50.188.204.213

🇷🇺 213.234.11.10

🇺🇸 199.127.60.187

🇲🇽 189.217.130.86

🇨🇳 120.25.208.223

🇧🇬 78.128.114.166

🇺🇸 45.130.83.107

🇺🇸 44.62.21.54

🇨🇳 218.13.157.209

🇦🇷 200.63.111.132

🇺🇸 195.184.76.127

🇸🇪 171.25.158.57

🇹🇼 111.70.32.49