JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.79.135.109

52.79.135.109 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	AWS Asia Pacific (Seoul) Region
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-52-79-135-109.ap-northeast-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇰🇷 Korea (the Republic of)
City	Incheon, Incheon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.79.135.109

Whois 52.79.135.109

IP Abuse Reports for 52.79.135.109:

This IP address has been reported a total of 10 times from 8 distinct sources. 52.79.135.109 was first reported on November 14th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Douglas Jorge	2026-05-26 23:32:26 (2 weeks ago)	WARNING:watchdog:SECEVENT_F2B type=CLIENT_TOKEN_MISSING sev=ALERT ip=52.79.135.109 path=/ detail=hea ... show more WARNING:watchdog:SECEVENT_F2B type=CLIENT_TOKEN_MISSING sev=ALERT ip=52.79.135.109 path=/ detail=header ausente WARNING:watchdog:SECEVENT_F2B type=CLIENT_TOKEN_MISSING sev=ALERT ip=52.79.135.109 path=/ detail=header ausente WARNING:watchdog:SECEVENT_F2B type=CLIENT_TOKEN_MISSING sev=ALERT ip=52.79.135.109 path=/ detail=header ausente WARNING:watchdog:SECEVENT_F2B type=CLIENT_TOKEN_MISSING sev=ALERT ip=52.79.135.109 path=/ detail=header ausente WARNING:watchdog:SECEVENT_F2B type=CLIENT_TOKEN_MISSING sev=ALERT ip=52.79.135.109 path=/.git-credentials detail=header ausente ... show less	Brute-Force Web App Attack
Anonymous	2025-12-15 08:28:34 (5 months ago)	Blocked: Reason='Auto-block via DW'; Requests=0	Hacking
🇧🇪 cmbplf	2025-11-16 14:23:12 (6 months ago)	411 requests with url.path .env 274 requests with url.path phpinfo.php	Brute-Force Bad Web Bot
🇫🇷 masterguru	2025-11-16 06:52:06 (6 months ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇪🇸 robotstxt	2025-11-16 04:29:23 (6 months ago)	52.79.135.109 - - [16/Nov/2025:04:29:03 +0000] "GET /cgi-bin/phpinfo.php.save HTTP/1.1" 404 11724 "- ... show more 52.79.135.109 - - [16/Nov/2025:04:29:03 +0000] "GET /cgi-bin/phpinfo.php.save HTTP/1.1" 404 11724 "-" rt="0.901" "python-httpx/0.24.1" "-" h="smtp-ms.wpfuturo.com" sn="smtp-ms.wpfuturo.com" ru="/cgi-bin/phpinfo.php.save" u="/index.php" ucs="-" ua="unix:/var/run/php/smtpms84.sock" us="404" uct="0.000" urt="0.901" 52.79.135.109 - - [16/Nov/2025:04:29:04 +0000] "GET /cgi-bin/phpinfo.php HTTP/1.1" 404 11724 "-" rt="1.706" "python-httpx/0.24.1" "-" h="smtp-ms.wpfuturo.com" sn="smtp-ms.wpfuturo.com" ru="/cgi-bin/phpinfo.php" u="/index.php" ucs="-" ua="unix:/var/run/php/smtpms84.sock" us="404" uct="0.000" urt="1.706" 52.79.135.109 - - [16/Nov/2025:04:29:04 +0000] "GET /cgi-bin/info.php HTTP/1.1" 404 11724 "-" rt="1.776" "python-httpx/0.24.1" "-" h="smtp-ms.wpfuturo.com" sn="smtp-ms.wpfuturo.com" ru="/cgi-bin/info.php" u="/index.php" ucs="-" ua="unix:/var/run/php/smtpms84.sock" us="404" uct="0.000" urt="1.776" 52.79.135.109 - - [16/Nov/2025:04:29:06 +0000] "GET /cgi-bin/info.php.save HTTP/1.1" ... show less	Bad Web Bot
Anonymous	2025-11-16 04:16:19 (6 months ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-15 23:03:41 (6 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-14. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-15 03:46:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 52.79.135.109 (ec2-52-79-135-109.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 52.79.135.109 (ec2-52-79-135-109.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 22:46:00.614719 2025] [security2:error] [pid 28749:tid 28749] [client 52.79.135.109:47450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aircomfort.sophcomp.com"] [uri "/.git/config"] [unique_id "aRf3eOq6JtDIYSEAz4P2dAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 20:24:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 52.79.135.109 (ec2-52-79-135-109.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 52.79.135.109 (ec2-52-79-135-109.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 15:24:52.395092 2025] [security2:error] [pid 1756198:tid 1756212] [client 52.79.135.109:39948] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.charteredaccountant.us.aafm.us"] [uri "/.git/config"] [unique_id "aReQFGlABZgQPuI8HLroaQAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 16:28:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 52.79.135.109 (ec2-52-79-135-109.ap-northeast-2 ... show more (mod_security) mod_security (id:210492) triggered by 52.79.135.109 (ec2-52-79-135-109.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 11:28:32.519672 2025] [security2:error] [pid 30797:tid 30797] [client 52.79.135.109:58362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.alianzaplayaelangel.turedinmobiliaria.com"] [uri "/.git/config"] [unique_id "aRdYsDqAmuJHHejjN1oWDQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.19

🇺🇸 147.185.132.242

🇯🇵 45.43.60.220

🇨🇳 14.205.104.200

🇬🇧 193.176.29.6

🇭🇰 172.253.4.17

🇮🇩 157.20.207.165

🇳🇱 138.226.239.11

🇹🇼 128.14.226.125

🇸🇬 103.187.146.33

🇸🇦 82.197.58.135

🇬🇧 35.203.211.220

🇻🇳 14.229.168.120

🇹🇭 1.20.140.252

🇨🇳 218.25.89.208

🇬🇧 198.244.168.146

🇲🇽 187.170.62.175

🇮🇳 139.59.30.229

🇨🇭 104.244.74.201

🇺🇸 66.132.195.27