JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.145.82.93

54.145.82.93 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-145-82-93.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.145.82.93

Whois 54.145.82.93

IP Abuse Reports for 54.145.82.93:

This IP address has been reported a total of 9 times from 7 distinct sources. 54.145.82.93 was first reported on May 22nd 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Linuxmalwarehuntingnl	2024-07-02 07:03:53 (1 year ago)	Unauthorized connection attempt	Brute-Force
🇹🇼 光盾	2024-05-30 09:27:00 (2 years ago)	URI bruteforce	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-05-28 19:51:38 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 54.145.82.93 (ec2-54-145-82-93.compute-1.amazon ... show more (mod_security) mod_security (id:210730) triggered by 54.145.82.93 (ec2-54-145-82-93.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 15:51:33.198851 2024] [security2:error] [pid 22908] [client 54.145.82.93:46890] [client 54.145.82.93] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|film-safe.net\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "film-safe.net"] [uri "/config/settings.ini"] [unique_id "ZlY1xZCSYgfXqcHiZZb0XAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-05-28 07:58:48 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 54.145.82.93 (ec2-54-145-82-93.compute-1.amazon ... show more (mod_security) mod_security (id:210730) triggered by 54.145.82.93 (ec2-54-145-82-93.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 03:58:44.905144 2024] [security2:error] [pid 6236] [client 54.145.82.93:35246] [client 54.145.82.93] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.mooseled.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mooseled.com"] [uri "/config/settings.ini"] [unique_id "ZlWOtB06npIbKXBwn291ogAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-05-28 07:22:39 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH
Anonymous	2024-05-28 04:09:34 (2 years ago)	Bot / scanning and/or hacking attempts: GET /.env.test HTTP/1.1, GET /.envs HTTP/1.1, GET /.rbenv-ve ... show more Bot / scanning and/or hacking attempts: GET /.env.test HTTP/1.1, GET /.envs HTTP/1.1, GET /.rbenv-version HTTP/1.1, done, streams: 0/6/6/0/0 (open/recv/resp/push/rst), GET /.env.sample HTTP/1.1, GET /.env-sample HTTP/1.1, GET /env.json HTTP/1.1, GET /.env_bak HTTP/1.1, GET /.env.docker.dev HTTP/1.1, GET /.env.php HTTP/1.1, GET /.env.backup HTTP/1.1, GET /.env.prod HTTP/1.1, GET /.env.prod.local HTTP/1.1, done, streams: 0/1/1/0/0 (open/recv/resp/push/rst), GET /.env.development.sample HTTP/1.1, GET /.zshenv HTTP/1.1, GET /environment.ts HTTP/1.1, GET /.env_old HTTP/1.1, GET /.env.dev.local HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-05-27 14:27:07 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 54.145.82.93 (ec2-54-145-82-93.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 54.145.82.93 (ec2-54-145-82-93.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 27 10:27:00.503655 2024] [security2:error] [pid 31792] [client 54.145.82.93:55502] [client 54.145.82.93] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livingwaterresortandspa.com"] [uri "/.env.bak"] [unique_id "ZlSYNI5_k1sgGdQZxbdsngAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-05-22 14:00:22 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇧🇪 cmbplf	2024-05-22 13:22:27 (2 years ago)	554 requests to /.git/config	Brute-Force Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.166

🇬🇧 193.32.209.226

🇺🇸 138.68.243.18

🇮🇩 118.99.81.226

🇺🇸 98.92.36.234

🇹🇷 94.154.43.36

🇮🇹 93.38.41.60

🇩🇪 92.246.91.98

🇬🇧 91.230.225.239

🇫🇷 85.217.140.1

🇧🇬 79.124.62.230

🇺🇸 67.83.153.142

🇧🇪 34.140.175.187

🇻🇳 27.73.52.178

🇬🇧 2a06:4882:1000::9

🇮🇹 205.147.30.1

🇰🇷 125.138.175.113

🇩🇪 92.246.91.92

🇳🇱 91.92.40.7

🇸🇬 47.82.11.87