JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.201.30.226

43.201.30.226 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 1%: ?

ISP	Amazon.com, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇰🇷 Korea (the Republic of)
City	Incheon, Incheon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.201.30.226

Whois 43.201.30.226

IP Abuse Reports for 43.201.30.226:

This IP address has been reported a total of 14 times from 7 distinct sources. 43.201.30.226 was first reported on November 14th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 pipeline.es	2026-06-03 10:13:44 (3 days ago)	Web scanning / probing for vulnerable paths \| URL: /erp/.env \| Evidence: onticketstore.com 43.201.30 ... show more Web scanning / probing for vulnerable paths \| URL: /erp/.env \| Evidence: onticketstore.com 43.201.30.226 - - [03/Jun/2026:12:13:09 +0200] \"GET /erp/.env HTTP/1.1\" 404 28451 \"-\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36\" GEOIP_COUNTRY_CODE=KR \| ASN: AMAZON-02 \| Country: KR show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2025-11-16 11:28:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 16 06:28:21.253653 2025] [security2:error] [pid 23966:tid 23966] [client 43.201.30.226:52816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thinksite.net"] [uri "/api/.env.bak"] [unique_id "aRm1VY78QrIR48FjiuvalgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-16 08:12:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 16 03:12:37.086173 2025] [security2:error] [pid 17782:tid 17782] [client 43.201.30.226:56384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title13.itaxcenter.com"] [uri "/.env"] [unique_id "aRmHdUa6BU5mxvg1MGSU9wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 nzhost.co.nz	2025-11-16 07:36:07 (6 months ago)	$f2bV_matches	Hacking Brute-Force
Anonymous	2025-11-15 20:11:10 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇫🇷 masterguru	2025-11-15 20:05:34 (6 months ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-15 13:53:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 08:53:04.244414 2025] [security2:error] [pid 32065:tid 32065] [client 43.201.30.226:55518] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theflyingdutchman.us"] [uri "/.env.development"] [unique_id "aRiFwMscdwLTjU-cumvQdAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-15 03:45:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 22:45:40.885430 2025] [security2:error] [pid 30779:tid 30782] [client 43.201.30.226:46314] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.indigowampum.philacentric.com"] [uri "/.git/config"] [unique_id "aRf3ZLR005WQ7eGBME_2mAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-15 03:24:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 22:24:39.076506 2025] [security2:error] [pid 29783:tid 29783] [client 43.201.30.226:51686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.1.waggonerfinancial.com"] [uri "/.git/config"] [unique_id "aRfyd7hZrLTjTsvai4LfGQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 20:26:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 15:26:43.337114 2025] [security2:error] [pid 32129:tid 32129] [client 43.201.30.226:55630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lordcain.cain2016.org"] [uri "/.git/config"] [unique_id "aReQg0ar1_SOrwiQTz0fkQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 17:19:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 12:19:36.548881 2025] [security2:error] [pid 2086615:tid 2086615] [client 43.201.30.226:34794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.engravingbyangela.com.jbcllcnet.com"] [uri "/.git/config"] [unique_id "aRdkqHQ6k97wC2_prEIulwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-11-14 16:40:07 (6 months ago)	block ruleset bad bot: misc bad content F608233CC4C86EE814CE8DDDA9C4A0D3C79882F6	Bad Web Bot
🇩🇪 Kreapptivo	2025-11-14 16:33:00 (6 months ago)	[14/Nov/2025:17:32:58 +0100] Web-Request: "GET /.git/config", User-Agent: "python-httpx/0.27.0"	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 16:31:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 43.201.30.226 (ec2-43-201-30-226.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 11:31:36.331810 2025] [security2:error] [pid 18048:tid 18048] [client 43.201.30.226:41540] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.festival.bluegrassexpressband.com"] [uri "/.git/config"] [unique_id "aRdZaDtczg-88bSmY48k4QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 202.51.214.98

🇹🇼 198.235.24.116

🇧🇷 187.72.128.177

🇯🇵 160.251.182.78

🇫🇷 85.217.140.3

🇺🇸 18.232.36.1

🇺🇸 216.25.89.68

🇧🇪 198.235.24.252

🇫🇮 147.185.133.215

🇫🇮 147.185.133.96

🇨🇳 101.95.103.182

🇺🇸 74.125.17.178

🇬🇧 35.203.210.193

🇺🇸 35.175.155.7

🇷🇺 188.168.86.6

🇷🇺 176.109.97.11

🇱🇹 81.30.98.144

🇺🇸 69.164.217.74

🇳🇱 64.89.162.15

🇺🇸 45.33.40.18