AbuseIPDB » 54.211.218.254
54.211.218.254 was found in our database!
This IP was reported 7 times. Confidence of
Abuse
is 32% : ?
ISP
Amazon.com, Inc.
Usage Type
Data Center/Web Hosting/Transit
ASN
AS14618
Hostname(s)
ec2-54-211-218-254.compute-1.amazonaws.com
Domain Name
amazon.com
Country
πΊπΈ
United States of America
City
Ashburn, Virginia
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 54.211.218.254 :
This IP address has been reported a total of
7
times from
4 distinct
sources.
54.211.218.254 was first reported on
July 16th 2026 , and the most recent report was
4 hours ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
π³π±
homeshowdomain.nl
2026-07-17 22:04:03
(4 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-16.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-07-17 04:32:39
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 54.211.218.254 (ec2-54-211-218-254.compute-1.am ...
show more
(mod_security) mod_security (id:210492) triggered by 54.211.218.254 (ec2-54-211-218-254.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:32:31.753835 2026] [security2:error] [pid 239445:tid 239445] [client 54.211.218.254:36120] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flyingdodopublications.com"] [uri "/.git/config"] [unique_id "almwX3Vu5hbb5urVzJZfaAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-17 03:08:15
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 54.211.218.254 (ec2-54-211-218-254.compute-1.am ...
show more
(mod_security) mod_security (id:210492) triggered by 54.211.218.254 (ec2-54-211-218-254.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:08:10.208765 2026] [security2:error] [pid 1271:tid 1271] [client 54.211.218.254:36082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fly805.com.inetbrain.com"] [uri "/.git/config"] [unique_id "almcmgZiVsoVAWoYP5W75wAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-17 00:44:45
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.211.218.254 (ec2-54-211-218-254.compute-1.am ...
show more
(mod_security) mod_security (id:210492) triggered by 54.211.218.254 (ec2-54-211-218-254.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:44:39.467266 2026] [security2:error] [pid 27260:tid 27260] [client 54.211.218.254:48604] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flutetroupeofyakima.org"] [uri "/.git/config"] [unique_id "all69whfkP6LGAZCsseEiwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Savvii
2026-07-16 13:52:20
(1 day ago)
20 attempts against mh_ha-misbehave-ban on onion
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 12:54:27
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.211.218.254 (ec2-54-211-218-254.compute-1.am ...
show more
(mod_security) mod_security (id:210492) triggered by 54.211.218.254 (ec2-54-211-218-254.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:54:20.711813 2026] [security2:error] [pid 2850165:tid 2850165] [client 54.211.218.254:59656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joqlawncare.com"] [uri "/.git/config"] [unique_id "aljUfJCCEmwafk6MEH4VeAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-07-16 12:24:42
(1 day ago)
Excessive 404/403 errors
Brute-Force
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: