JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.66.248.198

52.66.248.198 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 16%: ?

16%

ISP	Amazon Data Services India
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-52-66-248-198.ap-south-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.66.248.198

Whois 52.66.248.198

IP Abuse Reports for 52.66.248.198:

This IP address has been reported a total of 9 times from 7 distinct sources. 52.66.248.198 was first reported on November 29th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-13 09:03:38 (2 days ago)	PSCSERV WPSCAN 52.66.248.198	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:51:53 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 52.66.248.198 (ec2-52-66-248-198.ap-south-1.com ... show more (mod_security) mod_security (id:210492) triggered by 52.66.248.198 (ec2-52-66-248-198.ap-south-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:51:47.168904 2026] [security2:error] [pid 6160:tid 6160] [client 52.66.248.198:47216] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "my-pitch.org"] [uri "/.git/config"] [unique_id "ai0aI-sYDSuCNFUJVXwW3wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-29 22:07:34 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH
🇩🇪 Mr-Money	2025-11-29 19:40:16 (6 months ago)	scenario: crowdsecurity/http-sensitive-files - events: 5	Hacking Web App Attack
🇺🇸 xmission.com	2025-11-29 19:28:38 (6 months ago)	Blocked by UFW (TCP on 443) Source port: 49476 TTL: 45 Packet length: 60 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 443) Source port: 49476 TTL: 45 Packet length: 60 TOS: 0x08 This report (for 52.66.248.198) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 19:22:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 52.66.248.198 (ec2-52-66-248-198.ap-south-1.com ... show more (mod_security) mod_security (id:210492) triggered by 52.66.248.198 (ec2-52-66-248-198.ap-south-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 14:22:13.693600 2025] [security2:error] [pid 17051:tid 17051] [client 52.66.248.198:60462] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "imjustsayin.yeswedeliver.org"] [uri "/.git/config"] [unique_id "aStH5ULbpnwgko0YgZdXOwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 R.G.	2025-11-29 13:53:48 (6 months ago)	(ScanningForFiles) Scanning for files triggerd 52.66.248.198 (IN/India/ec2-52-66-248-198.ap-south-1. ... show more (ScanningForFiles) Scanning for files triggerd 52.66.248.198 (IN/India/ec2-52-66-248-198.ap-south-1.compute.amazonaws.com): 10 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 12:31:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 52.66.248.198 (ec2-52-66-248-198.ap-south-1.com ... show more (mod_security) mod_security (id:210492) triggered by 52.66.248.198 (ec2-52-66-248-198.ap-south-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 07:31:15.577423 2025] [security2:error] [pid 16736:tid 16736] [client 52.66.248.198:43076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "imc23.net.independentmusicconference.com"] [uri "/.git/config"] [unique_id "aSrnk43QkawsIHXp7L_r9wAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-29 12:09:42 (6 months ago)	Multiple web server 400 error codes from same source ip	Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 182.8.99.48

🇲🇦 197.153.57.103

🇪🇸 192.210.155.164

🇮🇩 182.10.131.218

🇹🇷 176.236.199.69

🇭🇰 156.251.179.157

🇹🇭 147.50.231.135

🇨🇳 122.7.21.126

🇮🇳 117.200.81.72

🇮🇳 110.225.227.173

🇵🇰 103.174.207.127

🇮🇳 103.27.10.134

🇩🇪 69.5.169.224

🇲🇾 47.254.193.63

🇳🇱 45.148.10.151

🇩🇿 41.111.178.165

🇧🇪 34.77.59.85

🇭🇰 23.91.97.170

🇺🇸 20.168.122.17

🇵🇪 190.236.8.132