AbuseIPDB » 52.28.16.197

52.28.16.197 was found in our database!

This IP was reported 260 times. Confidence of Abuse is 100%: ?

100%
ISP A100 ROW GmbH
Usage Type Data Center/Web Hosting/Transit
ASN AS16509
Hostname(s) ec2-52-28-16-197.eu-central-1.compute.amazonaws.com
Domain Name amazon.com
Country ๐Ÿ‡ฉ๐Ÿ‡ช Germany
City Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.28.16.197
Whois 52.28.16.197

IP Abuse Reports for 52.28.16.197:

This IP address has been reported a total of 260 times from 165 distinct sources. 52.28.16.197 was first reported on , and the most recent report was .

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter IoA Timestamp (UTC) Comment Categories
๐Ÿ‡ฌ๐Ÿ‡ง openstrike.co.uk
39 attacks on env grabbing URLs: GET /.env HTTP/1.1
Hacking
๐Ÿ‡ท๐Ÿ‡บ DZBOT
DZBOT: Website Scanning / Scraping
Bad Web Bot Exploited Host Web App Attack
๐Ÿ‡ฌ๐Ÿ‡ง Axel
Web App Attack Hacking SQL Injection
๐Ÿ‡ฌ๐Ÿ‡ง thetomtaylor.co.uk
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa01]
Hacking Brute-Force Bad Web Bot Web App Attack
๐Ÿ‡ธ๐Ÿ‡ฌ serverutama
Web App Attack Bad Web Bot
๐Ÿ‡บ๐Ÿ‡ธ almazick
Fail2Ban jail window on srv1.windowrepair.us banned 52.28.16.197 after 1 attempts
Bad Web Bot Web App Attack
๐Ÿ‡ซ๐Ÿ‡ท alpha
Automated honeypot: scanner probed decoy URL on cdn.aldorand.fr (honeypot decoy)
Bad Web Bot Web App Attack
๐Ÿ‡บ๐Ÿ‡ธ conrad10781
nginx-dot-env
Web App Attack
๐Ÿ‡บ๐Ÿ‡ธ mnsf
Abuse Detected (1)
Brute-Force Web App Attack
๐Ÿ‡ฌ๐Ÿ‡ง thetomtaylor.co.uk
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa02]
Hacking Brute-Force Bad Web Bot Web App Attack
๐Ÿ‡ฌ๐Ÿ‡ง andypiper
CrowdSec ban for AbuseIPDB Top List
Brute-Force Web App Attack
๐Ÿ‡ซ๐Ÿ‡ฎ Christopher Hughes
.env scan
Web App Attack
๐Ÿ‡ฎ๐Ÿ‡ช Jim Keir
2026-06-03 00:33:12 52.28.16.197 File scanning, blocking 52.28.16.197 for 5 minutes
Web App Attack
๐Ÿ‡ฌ๐Ÿ‡ง Mendip_Defender
Brute-Force
๐Ÿ‡ฌ๐Ÿ‡ง seniorlinuxadmin
52.28.16.197 - - [03/Jun/2026:01:23:50 +0100] "GET /.env HTTP/1.1" 403 158 "-" "Python-urllib/3.13"
Port Scan Web App Attack

Showing 1 to 15 of 260 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown ๐Ÿšฉ

Recently Reported IPs:

๐Ÿ‡บ๐Ÿ‡ธ 2607:f8b0:4001:c0b::129
๐Ÿ‡จ๐Ÿ‡ณ 203.83.234.180
๐Ÿ‡ธ๐Ÿ‡ฌ 165.232.169.124
๐Ÿ‡บ๐Ÿ‡ธ 147.185.132.249
๐Ÿ‡ฉ๐Ÿ‡ช 134.122.93.157
๐Ÿ‡จ๐Ÿ‡ณ 120.193.9.167
๐Ÿ‡จ๐Ÿ‡ณ 111.36.57.69
๐Ÿ‡จ๐Ÿ‡ณ 110.177.179.14
๐Ÿ‡บ๐Ÿ‡ธ 91.230.168.255
๐Ÿ‡บ๐Ÿ‡ธ 91.230.168.121
๐Ÿ‡ฑ๐Ÿ‡น 77.90.185.16
๐Ÿ‡จ๐Ÿ‡ณ 47.92.224.5
๐Ÿ‡บ๐Ÿ‡ธ 40.83.182.122
๐Ÿ‡จ๐Ÿ‡ณ 39.98.33.154
๐Ÿ‡ธ๐Ÿ‡ฌ 15.235.235.67
๐Ÿ‡ฎ๐Ÿ‡ณ 223.187.84.109
๐Ÿ‡ฐ๐Ÿ‡ท 211.37.174.180
๐Ÿ‡บ๐Ÿ‡ธ 205.210.31.59
๐Ÿ‡ฎ๐Ÿ‡ถ 185.187.78.207
๐Ÿ‡บ๐Ÿ‡ธ 107.173.158.29