JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.15.99.163

52.15.99.163 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 73%: ?

73%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-52-15-99-163.us-east-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.15.99.163

Whois 52.15.99.163

IP Abuse Reports for 52.15.99.163:

This IP address has been reported a total of 17 times from 17 distinct sources. 52.15.99.163 was first reported on August 21st 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇰 jodk	2026-06-08 03:01:39 (3 days ago)	SSH brute-force + malware deployment (Redtail miner). 5 hits on honeypot. Uploaded clean.sh, setup.s ... show more SSH brute-force + malware deployment (Redtail miner). 5 hits on honeypot. Uploaded clean.sh, setup.sh, redtail binaries. Injected SSH backdoor key. show less	Brute-Force SSH
🇺🇸 ShadowWhisperer	2026-06-07 19:01:01 (3 days ago)	RDP credential attempt.	Brute-Force Hacking
🇩🇪 Justin F. \| AS204464	2026-06-07 18:46:39 (3 days ago)	Honeypot [nx-infrastructure]: HTTP/1.1 request on 8020 GET / User-Agent: visionheight.com/scan Mozi ... show more Honeypot [nx-infrastructure]: HTTP/1.1 request on 8020 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 8020 [3] TCP Reported by: Justin F. show less	Hacking Bad Web Bot
🇬🇧 knock	2026-06-07 18:46:04 (3 days ago)	Knock-Knock honeypot brute-force: RDP (1 total hits)	Brute-Force
🇩🇪 dispaisyenterprises	2026-06-07 18:45:56 (3 days ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (1 bytes of payload); 7777 [2] TCP Reported by DisP ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (1 bytes of payload); 7777 [2] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 gbzret4d	2026-06-07 18:45:54 (3 days ago)	Honeypot [uk-production01]: HTTP/1.1 request on 1443 GET / User-Agent: visionheight.com/scan Mozill ... show more Honeypot [uk-production01]: HTTP/1.1 request on 1443 GET / User-Agent: visionheight.com/scan Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 1443 [3] TCP show less	Hacking Bad Web Bot
🇩🇪 fleckenbase	2026-06-07 18:43:15 (3 days ago)	2026-06-07T20:43:15.464584+02:00 v30393 sshd[2328224]: error: kex_exchange_identification: client se ... show more 2026-06-07T20:43:15.464584+02:00 v30393 sshd[2328224]: error: kex_exchange_identification: client sent invalid protocol identifier "GET / HTTP/1.1" 2026-06-07T20:43:15.464699+02:00 v30393 sshd[2328224]: banner exchange: Connection from 52.15.99.163 port 61502: invalid format ... show less	Brute-Force SSH
🇩🇪 kexol	2026-06-07 18:43:08 (3 days ago)	3389 port scanned	Port Scan
🇩🇪 femboy.cat	2026-06-07 18:42:47 (3 days ago)	Port scan to tcp/7777 from 52.15.99.163	Brute-Force
🇨🇦 alexbfr	2026-06-07 18:42:33 (3 days ago)	Fail2Ban Report, custom-honeypot jail: Automated honeypot detection.	Hacking
🇬🇧 skocherhan	2026-06-07 18:42:14 (3 days ago)	RDP probe cluster. Session hits: 1. Client Info: Unknown Protocol (Non-RDP Data)	Port Scan Brute-Force
Anonymous	2026-06-07 18:42:08 (3 days ago)	Tried our host z.	Port Scan Hacking Exploited Host
🇧🇬 MazenHost	2026-06-07 18:41:33 (3 days ago)	1780857692 - 06/07/2026 21:41:32 Host: 52.15.99.163/52.15.99.163 Port: 31337 TCP Blocked ...	Port Scan
🇫🇷 Soncraft	2026-06-07 18:41:31 (3 days ago)	Blocked by UFW on Jellyfin [31337/tcp] Source port: 53870 TTL: 47 Packet length: 40 TOS: 0x08 This ... show more Blocked by UFW on Jellyfin [31337/tcp] Source port: 53870 TTL: 47 Packet length: 40 TOS: 0x08 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 EGP Abuse Dept	2026-04-08 00:29:24 (2 months ago)	Unauthorized connection to FTP port 21	Port Scan Hacking

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.146.47

🇨🇳 110.177.179.238

🇷🇴 92.118.39.227

🇮🇳 202.141.95.56

🇦🇷 200.32.52.150

🇺🇸 172.234.218.245

🇮🇩 123.231.210.210

🇮🇳 122.187.116.110

🇺🇸 97.223.23.47

🇺🇸 23.95.80.172

🇬🇧 87.236.176.28

🇸🇬 68.183.236.1

🇺🇸 64.62.197.16

🇫🇷 54.38.241.200

🇺🇸 23.95.212.149

🇨🇦 20.151.200.108

🇨🇳 14.22.79.82

🇧🇷 2804:8750:409e:ab00:3:a56:79a1:854d

🇩🇪 213.209.159.236

🇺🇸 192.34.128.202