JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.180.143.185

54.180.143.185 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 21%: ?

21%

ISP	AWS Asia Pacific (Seoul) Region
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-54-180-143-185.ap-northeast-2.compute.amazonaws.com
Domain Name	amazon.com
Country	🇰🇷 Korea (the Republic of)
City	Incheon, Incheon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.180.143.185

Whois 54.180.143.185

IP Abuse Reports for 54.180.143.185:

This IP address has been reported a total of 4 times from 4 distinct sources. 54.180.143.185 was first reported on February 18th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 CBJ	2026-06-23 18:18:13 (4 days ago)	fail2ban: apache-filepath-recon ...	Web App Attack
Anonymous	2026-06-23 18:09:10 (4 days ago)	(caddyscan) Scanner path probe from 54.180.143.185 (KR/South Korea/ec2-54-180-143-185.ap-northeast-2 ... show more (caddyscan) Scanner path probe from 54.180.143.185 (KR/South Korea/ec2-54-180-143-185.ap-northeast-2.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 54.180.143.185 - - [23/Jun/2026:18:09:04 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 54.180.143.185 - - [23/Jun/2026:18:09:04 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 54.180.143.185 - - [23/Jun/2026:18:09:04 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 54.180.143.185 - - [23/Jun/2026:18:09:04 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 54.180.143.185 - - [23/Jun/2026:18:09:05 +0000] "GET /.env.staging HTTP/1.1" show less	Port Scan
🇮🇹 clamehost.it	2026-06-23 17:19:28 (4 days ago)	Automatic report - Brute Force attack using this IP address	Brute-Force
🇺🇸 TPI-Abuse	2024-02-18 22:33:46 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 54.180.143.185 (ec2-54-180-143-185.ap-northeast ... show more (mod_security) mod_security (id:210492) triggered by 54.180.143.185 (ec2-54-180-143-185.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 18 17:33:40.614601 2024] [security2:error] [pid 27390] [client 54.180.143.185:54830] [client 54.180.143.185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.zodiacgate.com"] [uri "/.git/HEAD"] [unique_id "ZdKFxBcfhY5qsooXhYsjxAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 103.99.214.16

🇨🇦 75.152.77.118

🇨🇴 200.10.29.236

🇭🇰 172.253.5.26

🇨🇳 171.83.25.242

🇩🇪 167.94.145.22

🇹🇼 116.59.10.205

🇺🇸 47.88.6.178

🇰🇷 210.222.226.182

🇺🇸 209.38.131.131

🇸🇪 195.178.191.5

🇺🇸 143.20.253.81

🇪🇪 140.99.201.26

🇩🇪 138.68.87.88

🇭🇰 119.8.25.65

🇦🇺 34.129.142.61

🇳🇱 5.255.124.164

🇳🇱 195.178.110.30

🇺🇸 162.216.149.148

🇺🇸 137.184.13.100