JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.150.5.148

54.150.5.148 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-54-150-5-148.ap-northeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.150.5.148

Whois 54.150.5.148

IP Abuse Reports for 54.150.5.148:

This IP address has been reported a total of 43 times from 30 distinct sources. 54.150.5.148 was first reported on June 12th 2026, and the most recent report was 9 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 06:10:44 (9 minutes ago)	(mod_security) mod_security (id:225170) triggered by 54.150.5.148 (ec2-54-150-5-148.ap-northeast-1.c ... show more (mod_security) mod_security (id:225170) triggered by 54.150.5.148 (ec2-54-150-5-148.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:10:37.501066 2026] [security2:error] [pid 13783:tid 13783] [client 54.150.5.148:36962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|applemaccomputerconsulting.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "applemaccomputerconsulting.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ai5F3dUlEPBcHae25ZOb0QAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 04:50:34 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 54.150.5.148 (ec2-54-150-5-148.ap-northeast-1.c ... show more (mod_security) mod_security (id:225170) triggered by 54.150.5.148 (ec2-54-150-5-148.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:50:28.035875 2026] [security2:error] [pid 23163:tid 23163] [client 54.150.5.148:48522] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rdhtrucking.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rdhtrucking.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ai4zFPrP0YzC8bExdry_ogAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ambor	2026-06-14 04:06:18 (2 hours ago)	Honeypot access: WordPress admin access attempt. Path: /wp-login.php	Brute-Force Web App Attack
🇺🇸 Mundo Bueno	2026-06-14 02:26:19 (3 hours ago)	[ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: JP \| UA: Mozilla/5.0 (Windows NT 10. ... show more [ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: JP \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/ show less	Hacking Web App Attack
🇩🇪 LRob.fr	2026-06-14 01:30:06 (4 hours ago)	Repeated 503 errors, blocked by Fail2Ban in custom-503 jail	Bad Web Bot Web App Attack
🇺🇸 TAY	2026-06-13 23:50:43 (6 hours ago)	54.150.5.148 - - [14/Jun/2026:07:42:15 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6295 "-" "Mozilla/5.0 ... show more 54.150.5.148 - - [14/Jun/2026:07:42:15 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6295 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 54.150.5.148 - - [14/Jun/2026:07:43:13 +0800] "POST /wp-login.php HTTP/1.1" 200 2675 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 54.150.5.148 - - [14/Jun/2026:07:50:42 +0800] "POST /wp-login.php HTTP/1.1" 200 2979 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 xmission.com	2026-06-13 22:18:50 (8 hours ago)	54.150.5.148 - - [13/Jun/2026:16:18:50 -0600] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 ( ... show more 54.150.5.148 - - [13/Jun/2026:16:18:50 -0600] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" ... show less	Web App Attack
🇫🇷 tecnicorioja	2026-06-13 22:01:15 (8 hours ago)	wp-login attack [13/Jun/2026:14:04:49	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-13 20:15:02 (10 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇲🇹 Malta	2026-06-13 19:23:22 (10 hours ago)	54.150.5.148 - - [13/Jun/2026:21:23:22 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows NT 1 ... show more 54.150.5.148 - - [13/Jun/2026:21:23:22 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
Anonymous	2026-06-13 18:31:52 (11 hours ago)	WordPress Brute Force	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 17:26:38 (12 hours ago)	(mod_security) mod_security (id:225170) triggered by 54.150.5.148 (ec2-54-150-5-148.ap-northeast-1.c ... show more (mod_security) mod_security (id:225170) triggered by 54.150.5.148 (ec2-54-150-5-148.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 13:26:31.897005 2026] [security2:error] [pid 20390:tid 20390] [client 54.150.5.148:58554] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|renjunews.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "renjunews.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ai2Sx1cdR5onnY67g2PDqAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 17:02:34 (13 hours ago)	(mod_security) mod_security (id:225170) triggered by 54.150.5.148 (ec2-54-150-5-148.ap-northeast-1.c ... show more (mod_security) mod_security (id:225170) triggered by 54.150.5.148 (ec2-54-150-5-148.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 13:02:26.725065 2026] [security2:error] [pid 18912:tid 18912] [client 54.150.5.148:57564] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|paguilar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "paguilar.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ai2NIiuhsYLZmRc2jjsQwwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 dtorrer	2026-06-13 17:02:16 (13 hours ago)	Brute-force general attack.	Brute-Force
🇩🇪 nyt	2026-06-13 16:22:45 (13 hours ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇴 182.93.7.194

🇮🇳 168.144.113.21

🇫🇮 147.185.133.59

🇺🇸 66.132.186.224

🇨🇳 61.140.25.54

🇮🇩 38.46.214.137

🇳🇱 34.91.255.174

🇳🇱 204.76.203.15

🇬🇧 193.163.125.83

🇦🇷 181.167.106.40

🇦🇷 179.60.155.72

🇺🇸 172.234.199.190

🇺🇸 172.90.128.97

🇷🇴 80.94.92.166

🇳🇱 45.156.128.104

🇹🇼 35.221.175.92

🇩🇪 34.107.1.126

🇳🇱 192.253.248.169

🇲🇽 189.219.66.67

🇧🇷 187.45.95.66