JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.204.132.161

52.204.132.161 was found in our database!

This IP was reported 1,998 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-52-204-132-161.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.204.132.161

Whois 52.204.132.161

IP Abuse Reports for 52.204.132.161:

This IP address has been reported a total of 1,998 times from 171 distinct sources. 52.204.132.161 was first reported on May 30th 2025, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Fasetech	2026-06-21 03:33:37 (13 hours ago)	SecLedge detected suspicious activity. Score: 102.6. Sensor: T-Pot.	Brute-Force
Anonymous	2026-06-20 00:53:52 (1 day ago)	2026-06-19 20:53:50 52.204.132.161:48460 WARNING: Bad encapsulated packet length from peer (32805), ... show more 2026-06-19 20:53:50 52.204.132.161:48460 WARNING: Bad encapsulated packet length from peer (32805), which must be > 0 and <= 1768 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...] 2026-06-19 20:53:50 52.204.132.161:8013 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1768 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...] 2026-06-19 20:53:50 52.204.132.161:34891 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1768 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...] ... show less	Port Scan Hacking
🇺🇸 xmission.com	2026-06-19 23:09:45 (1 day ago)	Blocked by UFW (TCP on 443) Source port: 43635 TTL: 58 Packet length: 52 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 443) Source port: 43635 TTL: 58 Packet length: 52 TOS: 0x00 This report (for 52.204.132.161) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 cazae	2026-06-19 22:22:22 (1 day ago)	Unauthorized attempt on debian [443/tcp] Source port: 58632 TTL: 49 Packet length: 52 TOS: 0x08 htt ... show more Unauthorized attempt on debian [443/tcp] Source port: 58632 TTL: 49 Packet length: 52 TOS: 0x08 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 www.winos.me	2026-06-19 17:21:36 (1 day ago)	Shield: Layer4 Port 9 Trap	Port Scan Hacking
Anonymous	2026-06-19 16:59:33 (1 day ago)	tls scan	Port Scan
🇺🇸 anon333	2026-06-19 16:06:14 (2 days ago)	Invalid HTTP port 80 probes to server T1206	Hacking Exploited Host
🇫🇷 zulzeen	2026-06-19 14:29:19 (2 days ago)	[incypit-web] Blocked by SysWarden Firewall [BLOCK] (Web Attack)	Hacking Web App Attack
🇳🇱 soverin	2026-06-19 14:10:18 (2 days ago)	Network scan on port 443	Email Spam
🇦🇺 crispi	2026-06-19 11:32:32 (2 days ago)	Port scan from 52.204.132.161	Port Scan
Anonymous	2026-06-19 08:16:07 (2 days ago)	Port scan and brute force attack	Port Scan Brute-Force
🇳🇱 StopAbuse	2026-06-19 07:35:44 (2 days ago)	tcp/443	Port Scan
🇺🇸 kuj	2026-06-19 06:12:20 (2 days ago)	2026-06-19T00:12:20.482702-06:00 derpamp-oci derper[287106]: 2026/06/19 00:12:20 http: TLS handshake ... show more 2026-06-19T00:12:20.482702-06:00 derpamp-oci derper[287106]: 2026/06/19 00:12:20 http: TLS handshake error from 52.204.132.161:18343: tls: client offered only unsupported versions: [302] 2026-06-19T00:12:20.532033-06:00 derpamp-oci derper[287106]: 2026/06/19 00:12:20 http: TLS handshake error from 52.204.132.161:9979: acme/autocert: missing server name 2026-06-19T00:12:20.532885-06:00 derpamp-oci derper[287106]: 2026/06/19 00:12:20 http: TLS handshake error from 52.204.132.161:51073: acme/autocert: missing server name ... show less	Port Scan Brute-Force
🇺🇸 xmission.com	2026-06-19 05:15:40 (2 days ago)	Blocked by UFW (TCP on 443) Source port: 34566 TTL: 58 Packet length: 52 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 443) Source port: 34566 TTL: 58 Packet length: 52 TOS: 0x00 This report (for 52.204.132.161) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 Cyber Crusader	2026-06-19 03:58:40 (2 days ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force

Showing 1 to 15 of 1998 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.163.112

🇮🇳 152.59.143.237

🇩🇪 69.5.169.127

🇺🇸 66.132.195.35

🇺🇸 66.132.172.200

🇩🇪 45.196.97.124

🇺🇸 40.124.175.188

🇺🇸 34.60.97.204

🇭🇺 5.187.199.193

🇧🇷 187.50.226.182

🇮🇳 103.175.8.51

🇧🇬 78.128.113.22

🇺🇸 2604:a880:400:d1:0:4:9e8a:7001

🇺🇸 2604:a880:400:d1:0:4:9e84:a001

🇨🇭 209.99.188.148

🇨🇳 203.2.164.205

🇫🇮 178.20.210.152

🇹🇭 165.154.119.217

🇹🇭 147.50.231.135

🇷🇺 147.45.48.17