JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.221.228.246

52.221.228.246 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-52-221-228-246.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.221.228.246

Whois 52.221.228.246

IP Abuse Reports for 52.221.228.246:

This IP address has been reported a total of 16 times from 8 distinct sources. 52.221.228.246 was first reported on August 8th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-08-10 08:15:56 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-08-10 01:29:56 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 21:29:49.943929 2024] [security2:error] [pid 2563:tid 2563] [client 52.221.228.246:53072] [client 52.221.228.246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 128.127.104.80 (1+1 hits since last alert)\|www.rochesterhistorical.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rochesterhistorical.org"] [uri "/xmlrpc.php"] [unique_id "ZrbCjTK-rYHHWUCOGT5rNwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 22:36:59 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 18:36:53.822880 2024] [security2:error] [pid 29146:tid 29146] [client 52.221.228.246:39332] [client 52.221.228.246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.104.184.43 (0+1 hits since last alert)\|www.puckerbackbikini.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.puckerbackbikini.com"] [uri "/xmlrpc.php"] [unique_id "ZraaBRlzhSsnY0XDHhYb8wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 10:28:05 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 06:28:00.297987 2024] [security2:error] [pid 15622:tid 15622] [client 52.221.228.246:57442] [client 52.221.228.246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.228.246 (+1 hits since last alert)\|www.pleaseaddbacon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.pleaseaddbacon.com"] [uri "/xmlrpc.php"] [unique_id "ZrXvMGZ7sBYTqeyx1VZJnwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 oncord	2024-08-09 09:53:17 (1 year ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2024-08-09 09:43:27 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 05:43:22.317121 2024] [security2:error] [pid 13706:tid 13706] [client 52.221.228.246:42382] [client 52.221.228.246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.228.246 (+1 hits since last alert)\|www.hotpay.co\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.hotpay.co"] [uri "/xmlrpc.php"] [unique_id "ZrXkuijJMkOORemqdH_9JAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-08-09 07:46:24 (1 year ago)	52.221.228.246 - - [09/Aug/2024:09:46:24 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 52.221.228.246 - - [09/Aug/2024:09:46:24 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇳🇱 applemooz	2024-08-09 07:37:40 (1 year ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2024-08-09 04:47:34 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-08-09 00:50:02 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 20:49:58.405060 2024] [security2:error] [pid 22124:tid 22124] [client 52.221.228.246:43462] [client 52.221.228.246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.228.246 (+1 hits since last alert)\|www.communiongatherings.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.communiongatherings.com"] [uri "/xmlrpc.php"] [unique_id "ZrVntlQ6ZsZGXyrXGBmRVQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-08 23:06:36 (1 year ago)	joshuajohannes.de 52.221.228.246 [09/Aug/2024:01:06:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4287 " ... show more joshuajohannes.de 52.221.228.246 [09/Aug/2024:01:06:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4287 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" joshuajohannes.de 52.221.228.246 [09/Aug/2024:01:06:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4287 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" show less	Web App Attack
🇫🇮 bittiguru.fi	2024-08-08 17:28:29 (1 year ago)	52.221.228.246 - [08/Aug/2024:20:28:25 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 ( ... show more 52.221.228.246 - [08/Aug/2024:20:28:25 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" "1.86" 52.221.228.246 - [08/Aug/2024:20:28:29 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" "1.86" ... show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-08-08 16:28:36 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 12:28:28.364746 2024] [security2:error] [pid 5768:tid 5777] [client 52.221.228.246:45358] [client 52.221.228.246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.228.246 (+1 hits since last alert)\|www.killasgarage.bike\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.killasgarage.bike"] [uri "/xmlrpc.php"] [unique_id "ZrTyLEK3vXWiFcQMU0QlzwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-08 12:05:52 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.228.246 (ec2-52-221-228-246.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 08:05:45.950047 2024] [security2:error] [pid 968431:tid 968431] [client 52.221.228.246:46740] [client 52.221.228.246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.228.246 (+1 hits since last alert)\|meganmurph.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "meganmurph.com"] [uri "/xmlrpc.php"] [unique_id "ZrS0mV1OVj4uFkfJU4isHQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2024-08-08 09:23:39 (1 year ago)	719 requests to */xmlrpc.php	Brute-Force Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 2602:fb54:674::

🇺🇸 216.25.89.68

🇳🇱 204.76.203.219

🇿🇼 197.221.255.28

🇵🇱 194.180.48.148

🇬🇧 147.148.205.252

🇻🇳 123.58.198.35

🇺🇸 65.49.1.20

🇳🇱 185.246.188.73

🇮🇳 125.21.59.218

🇮🇳 103.211.54.244

🇮🇩 103.175.215.253

🇫🇷 80.9.54.71

🇺🇸 76.79.213.69

🇰🇷 61.72.55.130

🇺🇸 45.156.129.97

🇶🇦 34.153.65.86

🇶🇦 34.18.62.244

🇷🇴 193.46.255.86

🇲🇽 189.216.142.179