JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.163.64.172

54.163.64.172 was found in our database!

This IP was reported 120 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-163-64-172.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.163.64.172

Whois 54.163.64.172

IP Abuse Reports for 54.163.64.172:

This IP address has been reported a total of 120 times from 90 distinct sources. 54.163.64.172 was first reported on May 28th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-10 10:36:33 (1 week ago)	tcp/8443 (282 or more attempts)	Port Scan
🇺🇸 itsnixk	2026-06-10 08:35:03 (2 weeks ago)	(mod_security) mod_security (id:920350) triggered by 54.163.64.172 (US/United States/ec2-54-163-64-1 ... show more (mod_security) mod_security (id:920350) triggered by 54.163.64.172 (US/United States/ec2-54-163-64-172.compute-1.amazonaws.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 10 04:35:00.969599 2026] [security2:error] [pid 150738:tid 151176] [client 54.163.64.172:55166] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/favicon.ico"] [unique_id "aikhtEkpmOlnr36RugMPqQAAAWY"] show less	Port Scan
Anonymous	2026-06-10 05:59:06 (2 weeks ago)	Trying ports that it shouldn't be.	Port Scan Hacking Exploited Host
🇩🇪 femboy.cat	2026-06-10 01:32:36 (2 weeks ago)	Port scan to tcp/11443 from 54.163.64.172	Brute-Force
🇩🇪 marcel-knorr.de	2026-06-10 00:18:38 (2 weeks ago)	[MK-Root1] Blocked by UFW	Brute-Force Port Scan
🇩🇪 kexol	2026-06-09 20:58:46 (2 weeks ago)	8443 port scanned	Port Scan
🇩🇪 anycast_ac	2026-06-09 20:57:45 (2 weeks ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8443 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8443 (generic). Commands captured: $ show less	DDoS Attack IoT Targeted Brute-Force
🇳🇱 StopAbuse	2026-06-09 20:26:08 (2 weeks ago)	tcp/80	Port Scan
🇵🇱 sefinek.net	2026-06-09 20:03:26 (2 weeks ago)	Honeypot hit: HTTP/1.1 request on 1224 GET / User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) ... show more Honeypot hit: HTTP/1.1 request on 1224 GET / User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Accept: / Accept-Encoding: gzip; 1224 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇺🇸 Choice Tech LLC	2026-06-09 19:10:09 (2 weeks ago)	Blocked by OPNsense firewall; 3 hits, proto=tcp, ports=8443	Port Scan Hacking
🇺🇸 sandap1	2026-06-09 16:20:06 (2 weeks ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp, ports=9200,src_ip=54.163.64.172	Port Scan Hacking
🇩🇪 Justin F. \| AS204464	2026-06-09 12:34:34 (2 weeks ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (243 bytes of payload); 3232 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (243 bytes of payload); 3232 [1] TCP Reported by: Justin F. show less	Port Scan
🇩🇪 Admins@FBN	2026-06-09 08:04:34 (2 weeks ago)	FW-PortScan: Traffic Blocked srcport=45394 dstport=9200	Port Scan
🇩🇪 Honeypot-EU-Fru	2026-06-09 06:37:07 (2 weeks ago)	1780987025 - 06/09/2026 08:37:05 Host: 54.163.64.172/54.163.64.172 Port: 31337 TCP Blocked ...	Port Scan
🇯🇵 Kinsei Engineering Inc.	2026-06-09 03:46:52 (2 weeks ago)	UFW:High-frequency access to non-released ports used by software with known vulnerabilities.	Port Scan

Showing 1 to 15 of 120 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.224.128.16

🇨🇳 124.88.113.187

🇳🇱 45.148.10.157

🇺🇸 43.130.101.151

🇺🇸 20.65.193.129

🇸🇬 15.235.206.118

🇬🇧 2a06:4880:6000::7b

🇮🇳 210.79.148.255

🇩🇪 167.94.146.39

🇸🇬 167.71.213.48

🇵🇱 151.115.48.199

🇨🇳 120.85.182.216

🇸🇬 114.119.128.102

🇸🇬 89.187.163.213

🇬🇧 35.203.210.152

🇺🇸 216.25.89.68

🇳🇱 185.223.235.19

🇨🇦 170.9.40.164

🇮🇩 163.7.9.84

🇯🇵 124.155.125.131