AbuseIPDB » 54.197.9.24
54.197.9.24 was found in our database!
This IP was reported 4 times. Confidence of
Abuse
is 15% : ?
ISP
Amazon.com, Inc.
Usage Type
Data Center/Web Hosting/Transit
ASN
AS14618
Hostname(s)
ec2-54-197-9-24.compute-1.amazonaws.com
Domain Name
amazon.com
Country
πΊπΈ
United States of America
City
Ashburn, Virginia
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 54.197.9.24 :
This IP address has been reported a total of
4
times from
2 distinct
sources.
54.197.9.24 was first reported on
June 22nd 2026 , and the most recent report was
4 days ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
π³π±
homeshowdomain.nl
2026-06-24 22:00:06
(4 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-23.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-06-22 19:08:50
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 54.197.9.24 (ec2-54-197-9-24.compute-1.amazonaw ...
show more
(mod_security) mod_security (id:210492) triggered by 54.197.9.24 (ec2-54-197-9-24.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 15:08:42.631519 2026] [security2:error] [pid 10127:tid 10127] [client 54.197.9.24:47444] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "h-vpastoralcharge.org"] [uri "/.git/HEAD"] [unique_id "ajmIOrX591nRiFp2lVL-mAAAAGE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 18:37:50
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 54.197.9.24 (ec2-54-197-9-24.compute-1.amazonaw ...
show more
(mod_security) mod_security (id:210492) triggered by 54.197.9.24 (ec2-54-197-9-24.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 14:37:43.860076 2026] [security2:error] [pid 5181:tid 5181] [client 54.197.9.24:51952] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cmangano.com.ithacalions.com"] [uri "/.git/config"] [unique_id "ajmA96G_toonjWHti7r02gAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 18:18:44
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 54.197.9.24 (ec2-54-197-9-24.compute-1.amazonaw ...
show more
(mod_security) mod_security (id:210492) triggered by 54.197.9.24 (ec2-54-197-9-24.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 14:18:39.981478 2026] [security2:error] [pid 13959:tid 13959] [client 54.197.9.24:55862] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pinkrays.com"] [uri "/.git/HEAD"] [unique_id "ajl8fy1Vo3V-CH1CitRpUgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
4
of 4 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: