JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.87.168.165

52.87.168.165 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-52-87-168-165.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.87.168.165

Whois 52.87.168.165

IP Abuse Reports for 52.87.168.165:

This IP address has been reported a total of 14 times from 11 distinct sources. 52.87.168.165 was first reported on September 20th 2025, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2025-09-24 02:48:54 (8 months ago)	Multiple WAF Violations	Web App Attack
🇨🇭 zynex	2025-09-24 02:38:00 (8 months ago)	URL Probing: /config/.env	Web App Attack
🇧🇪 voormedia	2025-09-24 02:23:30 (8 months ago)	Accessed trap at '/.env'	Web App Attack
🇸🇦 manaftam	2025-09-21 10:56:00 (9 months ago)	attempt to view hidden files Directory traversal attack attempt to access webserver files	Web App Attack
🇳🇱 BlueWire Hosting	2025-09-21 04:10:10 (9 months ago)	Scanning for Laravel vulnerabilities	Web App Attack
🇨🇭 zynex	2025-09-20 22:35:36 (9 months ago)	URL Probing: /api/.env	Web App Attack
🇧🇪 voormedia	2025-09-20 20:12:51 (9 months ago)	Accessed trap at '/.env'	Web App Attack
🇫🇷 dynamix	2025-09-20 19:22:30 (9 months ago)	Multiple WAF Violations	Web App Attack
🇧🇪 cmbplf	2025-09-20 16:33:21 (9 months ago)	181 requests with url.path *.env	Brute-Force Bad Web Bot
🇩🇪 FeG Deutschland	2025-09-20 11:57:57 (9 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 mnsf	2025-09-20 10:05:18 (9 months ago)	Too many Status 40X (11) Too many Status 50X (13)	Brute-Force Web App Attack
🇺🇸 Ghost Rider	2025-09-20 09:13:55 (9 months ago)	RdpGuard detected brute-force attempt on RDP	Brute-Force
🇮🇩 Burayot	2025-09-20 08:28:45 (9 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 52.87.168.165 (US/United States/ec2- ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 52.87.168.165 (US/United States/ec2-52-87-168-165.compute-1.amazonaws.com): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-09-20 07:03:04 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 52.87.168.165 (ec2-52-87-168-165.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 52.87.168.165 (ec2-52-87-168-165.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 20 03:02:59.091468 2025] [security2:error] [pid 17470:tid 17470] [client 52.87.168.165:64254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "laboquimia.es"] [uri "/.env"] [unique_id "aM5Ro0nW9S7uoyMnA0nYfAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.178.66.81

🇺🇸 157.230.129.112

🇳🇱 91.92.40.7

🇫🇷 85.217.140.19

🇺🇸 70.89.116.5

🇻🇳 58.186.20.143

🇨🇳 39.107.136.130

🇮🇳 192.178.65.94

🇹🇼 111.70.23.251

🇰🇷 110.14.190.221

🇧🇩 103.16.73.163

🇨🇳 101.96.198.153

🇫🇷 85.217.140.11

🇰🇷 59.22.201.143

🇩🇪 167.94.145.20

🇺🇸 164.92.114.247

🇸🇬 103.187.147.214

🇺🇸 66.132.224.28

🇺🇸 50.28.2.153

🇨🇳 223.97.193.142