JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.221.244.218

52.221.244.218 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	Amazon Data Services Singapore
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.221.244.218

Whois 52.221.244.218

IP Abuse Reports for 52.221.244.218:

This IP address has been reported a total of 14 times from 6 distinct sources. 52.221.244.218 was first reported on August 8th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-08-09 22:42:00 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 18:41:55.291369 2024] [security2:error] [pid 31910:tid 31910] [client 52.221.244.218:51234] [client 52.221.244.218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.104.184.43 (0+1 hits since last alert)\|www.puckerbackbikini.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.puckerbackbikini.com"] [uri "/xmlrpc.php"] [unique_id "ZrabMwUkT64IdA4guKhA8QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 18:37:09 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 14:37:05.014571 2024] [security2:error] [pid 1647:tid 1647] [client 52.221.244.218:33670] [client 52.221.244.218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.244.218 (+1 hits since last alert)\|www.doctoredwinalvarez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.doctoredwinalvarez.com"] [uri "/xmlrpc.php"] [unique_id "ZrZh0d0P-6VMdyRPGnaktgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 16:11:04 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 12:10:59.303754 2024] [security2:error] [pid 29974:tid 29974] [client 52.221.244.218:57062] [client 52.221.244.218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.244.218 (+1 hits since last alert)\|www.j3pr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.j3pr.com"] [uri "/xmlrpc.php"] [unique_id "ZrY_k5YqAa95HFVvH5JV5gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2024-08-09 15:49:02 (1 year ago)	Looking for CMS/PHP/SQL vulnerablilities - 13	Exploited Host Web App Attack
Anonymous	2024-08-09 10:25:16 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 MAGIC	2024-08-09 10:07:15 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇮 bittiguru.fi	2024-08-09 06:10:14 (1 year ago)	52.221.244.218 - [09/Aug/2024:09:10:11 +0300] "POST /xmlrpc.php HTTP/1.1" 200 260 "-" "Mozilla/5.0 ( ... show more 52.221.244.218 - [09/Aug/2024:09:10:11 +0300] "POST /xmlrpc.php HTTP/1.1" 200 260 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" "1.84" 52.221.244.218 - [09/Aug/2024:09:10:14 +0300] "POST /xmlrpc.php HTTP/1.1" 200 260 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" "1.84" ... show less	Hacking Brute-Force Web App Attack
🇲🇹 Malta	2024-08-09 05:32:57 (1 year ago)	52.221.244.218 - - [09/Aug/2024:07:32:57 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 52.221.244.218 - - [09/Aug/2024:07:32:57 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 04:33:15 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 00:33:06.718393 2024] [security2:error] [pid 8232:tid 8232] [client 52.221.244.218:56656] [client 52.221.244.218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.244.218 (+1 hits since last alert)\|www.495metro.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.495metro.com"] [uri "/xmlrpc.php"] [unique_id "ZrWcAtwgzLv1DCCCj_5dAAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 00:19:48 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 20:19:44.693493 2024] [security2:error] [pid 17094:tid 17106] [client 52.221.244.218:36372] [client 52.221.244.218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.244.218 (+1 hits since last alert)\|www.wnsi.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.wnsi.org"] [uri "/xmlrpc.php"] [unique_id "ZrVgoOt6-GlyTVJ5XlFSNgAAAQc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-08 18:36:41 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 14:36:36.230596 2024] [security2:error] [pid 1178:tid 1178] [client 52.221.244.218:33036] [client 52.221.244.218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.244.218 (+1 hits since last alert)\|www.teamweurding.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.teamweurding.com"] [uri "/xmlrpc.php"] [unique_id "ZrUQNLr-Aw-BnrvWbTjdWwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-08 14:53:56 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 10:53:47.958864 2024] [security2:error] [pid 25749:tid 25749] [client 52.221.244.218:36440] [client 52.221.244.218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.244.218 (+1 hits since last alert)\|www.ideaofauniversity.website\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.ideaofauniversity.website"] [uri "/xmlrpc.php"] [unique_id "ZrTb-_hLgb_BSES8fkz4TgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-08 07:07:56 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast ... show more (mod_security) mod_security (id:240335) triggered by 52.221.244.218 (ec2-52-221-244-218.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 03:07:49.370268 2024] [security2:error] [pid 1210:tid 1231] [client 52.221.244.218:58234] [client 52.221.244.218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.221.244.218 (+1 hits since last alert)\|www.vancekelly.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.vancekelly.com"] [uri "/xmlrpc.php"] [unique_id "ZrRuxcxCvUv2yIvOvR1fvQAAANI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-08 05:11:10 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.116.247.145

🇺🇸 161.35.232.200

🇺🇸 156.232.13.218

🇮🇳 45.120.124.76

🇬🇭 41.139.0.127

🇬🇧 35.203.210.70

🇺🇸 20.118.24.61

🇯🇵 20.63.218.49

🇮🇳 122.187.173.10

🇺🇸 109.105.210.84

🇩🇪 84.170.14.18

🇫🇮 80.66.83.80

🇺🇸 34.169.212.188

🇫🇷 13.140.180.48

🇮🇹 185.197.8.203

🇮🇩 182.253.156.184

🇫🇮 147.185.133.137

🇺🇸 142.4.31.180

🇨🇳 113.214.18.234

🇷🇺 94.159.44.234