JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.209.118.28

54.209.118.28 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon.com, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-209-118-28.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.209.118.28

Whois 54.209.118.28

IP Abuse Reports for 54.209.118.28:

This IP address has been reported a total of 20 times from 18 distinct sources. 54.209.118.28 was first reported on June 24th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-25 21:26:31 (2 hours ago)	Request Overload (132)	Brute-Force Web App Attack
Anonymous	2026-06-25 04:25:02 (19 hours ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp, ports=80	Port Scan Hacking
🇫🇷 EDSL	2026-06-25 03:48:55 (19 hours ago)	[mail.edsl.fr] Blocked by SysWarden Firewall (Web Attack)	Web App Attack Hacking Port Scan
🇺🇸 LotPhantom	2026-06-25 03:06:38 (20 hours ago)	54.209.118.28 - - [25/Jun/2026:03:05:56 +0000] "GET / HTTP/1.1" 404 39 "-" "Mozilla/5.0 (Windows NT ... show more 54.209.118.28 - - [25/Jun/2026:03:05:56 +0000] "GET / HTTP/1.1" 404 39 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "0" ... show less	Web App Attack
🇮🇹 Progetto1	2026-06-25 01:35:03 (21 hours ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇩🇪 Progetto1	2026-06-24 23:53:02 (23 hours ago)	Detected via HAProxyScanner at 2026-06-24 23:53:02 UTC on destination port WEB (80/443). Repeated sc ... show more Detected via HAProxyScanner at 2026-06-24 23:53:02 UTC on destination port WEB (80/443). Repeated scan / connection. show less	Port Scan Hacking Brute-Force
🇺🇸 MPL	2026-06-24 22:18:11 (1 day ago)	tcp/443 (3 or more attempts)	Port Scan
🇩🇪 Carsten	2026-06-24 20:18:23 (1 day ago)	Bad web bot [Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Headles ... show more Bad web bot [Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/109.0.5414.168 Safari/537.36] show less	Bad Web Bot
🇺🇸 gerensat	2026-06-24 20:11:29 (1 day ago)	2026-06-24 17:11:29 \| / \| [] \| Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko	Web App Attack
🇩🇪 bescared	2026-06-24 19:03:52 (1 day ago)	F2B - Malicious activity detected. URL Probing. -8ff06ede-	Hacking Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2026-06-24 18:00:39 (1 day ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -111.596 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -111.596 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/ show less	Web App Attack Bad Web Bot
🇨🇭 4server	2026-06-24 16:24:11 (1 day ago)	[WedJun2418:24:08.3078772026][security2:error][pid3861282:tid3861361][client54.209.118.28:0]ModSecur ... show more [WedJun2418:24:08.3078772026][security2:error][pid3861282:tid3861361][client54.209.118.28:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?i\)\(10\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\|192\\\\\\\\.168\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\|172\\\\\\\\.\(1[6-9]\\|2[0-9]\\|3[0-1]\)\\\\\\\\.\\\\\\\\d{1\,3}\\\\\\\\.\\\\\\\\d{1\,3}\\|fe80::\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"25\"][id\"990004\"][msg\"SSRFattempttoprivate/internalnetworkdetected\"][hostname\"www.hosting-domain-swiss-ch.ticino-hosting.ch\"][uri\"/\"][unique_id\"ajwEqM-ixMdK9PCUgAXraAAAANA\"] show less	Hacking Web App Attack
🇺🇸 gerensat	2026-06-24 15:51:26 (1 day ago)	2026-06-24 12:51:26 \| / \| [] \| Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.3 (KHTML, like Ge ... show more 2026-06-24 12:51:26 \| / \| [] \| Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/536.3 show less	Web App Attack
🇫🇷 Sklurk	2026-06-24 15:27:07 (1 day ago)	Web App Attack	Web App Attack
Anonymous	2026-06-24 14:26:02 (1 day ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.195.108.229

🇺🇸 195.184.76.122

🇺🇸 71.6.147.254

🇨🇳 58.59.233.142

🇺🇸 205.210.31.69

🇺🇸 195.184.76.126

🇨🇳 180.184.142.135

🇳🇱 176.65.139.181

🇺🇸 172.235.41.110

🇭🇰 152.32.189.128

🇳🇱 91.92.40.28

🇸🇪 44.5.150.88

🇬🇧 35.203.210.117

🇨🇭 209.99.191.19

🇺🇸 172.236.228.115

🇿🇦 169.239.183.136

🇺🇸 162.216.149.66

🇫🇮 147.185.133.169

🇳🇱 132.243.121.237

🇨🇳 111.225.149.69