JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.178.124.19

54.178.124.19 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 33%: ?

33%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-54-178-124-19.ap-northeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.178.124.19

Whois 54.178.124.19

IP Abuse Reports for 54.178.124.19:

This IP address has been reported a total of 15 times from 12 distinct sources. 54.178.124.19 was first reported on March 27th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 1cyb3rpunk	2026-06-14 00:40:14 (2 days ago)	Honeypot trap [git_config_leak] on sectrace.org — path: /.git/config stage: recon. Automated scanner ... show more Honeypot trap [git_config_leak] on sectrace.org — path: /.git/config stage: recon. Automated scanner/attacker activity. show less	Port Scan Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 16:53:16 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 54.178.124.19 (ec2-54-178-124-19.ap-northeast-1 ... show more (mod_security) mod_security (id:210492) triggered by 54.178.124.19 (ec2-54-178-124-19.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 12:53:10.494513 2026] [security2:error] [pid 5702:tid 5707] [client 54.178.124.19:36454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "section64.org.wwwhst.com"] [uri "/.git/config"] [unique_id "ai2K9kcBGeq_mVO9uv2T3wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 loveprod	2026-06-13 15:12:15 (2 days ago)	54.178.124.19 - - [13/Jun/2026:18:12:14 +0300] "GET /.git/config HTTP/1.1" 200 5556 "-" "Mozilla/5.0 ... show more 54.178.124.19 - - [13/Jun/2026:18:12:14 +0300] "GET /.git/config HTTP/1.1" 200 5556 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 54.178.124.19 - - [13/Jun/2026:18:12:14 +0300] "GET /.env HTTP/1.1" 200 5554 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" ... show less	Bad Web Bot
🇳🇱 Site.eu	2026-06-13 15:04:39 (2 days ago)	Excessive 404/403 errors	Brute-Force
🇬🇧 consul.to	2026-06-13 15:03:56 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 raymarron.com	2024-03-28 14:11:53 (2 years ago)	/wp/ /wordpress/ /blog/ /blog/robots.txt /xmlrpc.php?rsd	Web App Attack
Anonymous	2024-03-28 03:12:47 (2 years ago)	(wordpress) Failed wordpress login from 54.178.124.19 (JP/Japan/ec2-54-178-124-19.ap-northeast-1.com ... show more (wordpress) Failed wordpress login from 54.178.124.19 (JP/Japan/ec2-54-178-124-19.ap-northeast-1.compute.amazonaws.com) show less	Brute-Force
🇺🇸 mnsf	2024-03-28 03:04:13 (2 years ago)	Login Too Frequent (6)	Brute-Force Web App Attack
Anonymous	2024-03-28 01:09:45 (2 years ago)	Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096, ... show more Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,3306,2195; Direction: 0; Trigger: LF_CUSTOMTRIGGER show less	Brute-Force SSH
🇺🇸 jcbriar	2024-03-28 00:10:39 (2 years ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-03-28 00:06:15 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 54.178.124.19 (ec2-54-178-124-19.ap-northeast-1 ... show more (mod_security) mod_security (id:225170) triggered by 54.178.124.19 (ec2-54-178-124-19.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 27 20:06:11.441237 2024] [security2:error] [pid 16216:tid 47606405203712] [client 54.178.124.19:58326] [client 54.178.124.19] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|inal.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "inal.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZgS0c_OlPNVdJB43FSyxPwAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 lindi	2024-03-27 19:43:37 (2 years ago)	54.178.124.19 - - [27/Mar/2024:20:43:35 +0100] "GET /xmlrpc.php?rsd HTTP/1.1" 404 490 "-" "Mozilla/5 ... show more 54.178.124.19 - - [27/Mar/2024:20:43:35 +0100] "GET /xmlrpc.php?rsd HTTP/1.1" 404 490 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0" 54.178.124.19 - - [27/Mar/2024:20:43:36 +0100] "GET /blog/ HTTP/1.1" 404 489 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0" 54.178.124.19 - - [27/Mar/2024:20:43:36 +0100] "GET /wordpress/ HTTP/1.1" 404 489 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0" 54.178.124.19 - - [27/Mar/2024:20:43:37 +0100] "GET /wp/ HTTP/1.1" 404 489 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0" ... show less	Web Spam Brute-Force Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2024-03-27 19:25:34 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 54.178.124.19 (ec2-54-178-124-19.ap-northeast-1 ... show more (mod_security) mod_security (id:225170) triggered by 54.178.124.19 (ec2-54-178-124-19.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 27 15:25:27.724224 2024] [security2:error] [pid 9790] [client 54.178.124.19:62756] [client 54.178.124.19] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|stukabird.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stukabird.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZgRypx0dYSkDh4OhooaNUwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-03-27 19:00:50 (2 years ago)	Unauthorized login attempts [ wordpress-xmlrpc]	Brute-Force Web App Attack
Anonymous	2024-03-27 18:26:09 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.203.190.153

🇲🇴 182.93.50.90

🇮🇳 125.19.163.58

🇳🇱 91.92.40.204

🇷🇴 85.120.229.88

🇺🇸 62.132.18.53

🇭🇰 45.142.154.99

🇮🇩 202.152.201.166

🇩🇪 167.94.146.37

🇺🇸 93.152.208.26

🇮🇹 83.229.8.197

🇳🇱 74.125.181.217

🇸🇬 8.219.104.8

🇮🇷 5.202.169.252

🇺🇸 2604:a940:300:5b6:0:26::

🇺🇿 213.230.64.246

🇨🇳 180.76.244.13

🇮🇩 103.124.196.101

🇮🇳 49.37.103.154

🇬🇧 2a06:4880:2000::35