JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.210.148.167

54.210.148.167 was found in our database!

This IP was reported 111 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon.com, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-210-148-167.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.210.148.167

Whois 54.210.148.167

IP Abuse Reports for 54.210.148.167:

This IP address has been reported a total of 111 times from 82 distinct sources. 54.210.148.167 was first reported on May 25th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-27 21:59:02 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-26. show less	Web App Attack SSH Hacking
🇮🇱 spd.co.il	2026-05-27 10:11:02 (1 week ago)	Web application attack detected	Hacking Web App Attack
Anonymous	2026-05-26 23:06:16 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing show less	Bad Web Bot Web App Attack
Anonymous	2026-05-26 22:13:30 (1 week ago)	Portscan: TCP/80 (5x), TCP/443	Port Scan
🇺🇦 URAN Publishing Service	2026-05-26 12:07:10 (1 week ago)	54.210.148.167 - - [26/May/2026:15:07:09 +0300] "GET /wp-includes/speculative8.php HTTP/1.1" 404 761 ... show more 54.210.148.167 - - [26/May/2026:15:07:09 +0300] "GET /wp-includes/speculative8.php HTTP/1.1" 404 761 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" ... show less	Web App Attack
🇺🇸 mnsf	2026-05-26 11:05:22 (1 week ago)	Scanning/Probing (12)	Brute-Force Web App Attack
🇩🇪 findlab	2026-05-26 09:25:01 (1 week ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇪🇸 pipeline.es	2026-05-26 09:09:03 (1 week ago)	Web scanning / probing for vulnerable paths	Port Scan Web App Attack
🇳🇱 holos.pt	2026-05-26 07:20:02 (1 week ago)	Blocked for Known malicious User-Agents in query string: Mozlila/5.0 (Linux; Android 7.0; SM-G892A B ... show more Blocked for Known malicious User-Agents in query string: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 show less	Web App Attack
🇯🇵 bokumin.org	2026-05-26 05:46:16 (1 week ago)	[id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 20)"] [uri "/.env"] [id "949110"] [ ... show more [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 20)"] [uri "/.env"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 25)"] show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-26 05:38:53 (1 week ago)	54.210.148.167 - - [26/May/2026:08:38:52 +0300] "GET /.env HTTP/1.1" 404 727 "-" "Mozilla/5.0 (X11; ... show more 54.210.148.167 - - [26/May/2026:08:38:52 +0300] "GET /.env HTTP/1.1" 404 727 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Web App Attack
🇳🇱 thedreamer.nl	2026-05-26 05:13:08 (1 week ago)	54.210.148.167 - - [26/May/2026:07:07:58 +0200] "GET /.env HTTP/1.1" 200 1007 "-" "Mozilla/5.0 (Wind ... show more 54.210.148.167 - - [26/May/2026:07:07:58 +0200] "GET /.env HTTP/1.1" 200 1007 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" "US" "Ashburn" "39.04690" "-77.49030" 54.210.148.167 - - [26/May/2026:07:07:58 +0200] "GET /.env.bak HTTP/1.1" 200 1007 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "US" "Ashburn" "39.04690" "-77.49030" 54.210.148.167 - - [26/May/2026:07:07:58 +0200] "GET /.env.old HTTP/1.1" 200 1007 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0" "US" "Ashburn" "39.04690" "-77.49030" 54.210.148.167 - - [26/May/2026:07:07:58 +0200] "GET /.env.save HTTP/1.1" 200 1007 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" "US" "Ashburn" "39.04690" "-77.49030" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇨🇭 🇨🇭 Hosting	2026-05-26 05:10:11 (1 week ago)	Automated WAF report: 200-300 blocked requests from this IP detected by our WAF.	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-05-26 04:51:36 (1 week ago)	Try to access /.env	Web App Attack
🇳🇱 wlt-blocker	2026-05-26 04:42:36 (1 week ago)	Unauthorized access to webpage admin	Web App Attack

Showing 1 to 15 of 111 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 138.84.72.55

🇺🇸 43.153.104.156

🇵🇰 39.35.216.143

🇬🇧 35.203.210.196

🇬🇧 195.96.139.177

🇧🇷 191.6.25.239

🇺🇸 170.187.165.134

🇺🇸 135.237.126.99

🇩🇪 91.92.240.42

🇬🇧 213.166.84.34

🇨🇴 200.25.6.202

🇭🇰 199.45.154.190

🇸🇬 167.172.82.105

🇺🇾 167.58.102.218

🇸🇬 139.99.38.177

🇨🇳 106.75.11.100

🇺🇸 91.230.168.93

🇳🇱 89.38.96.216

🇧🇷 69.6.221.248

🇦🇺 68.218.80.58