JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.237.140.198

54.237.140.198 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 35%: ?

35%

ISP	Amazon.com, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-237-140-198.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.237.140.198

Whois 54.237.140.198

IP Abuse Reports for 54.237.140.198:

This IP address has been reported a total of 25 times from 24 distinct sources. 54.237.140.198 was first reported on May 1st 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 David Koswari	2026-05-04 05:52:00 (1 month ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇧🇪 boxed-it	2026-05-03 06:00:40 (1 month ago)	GET /_ignition/execute-solution (Tarpitted for 1d15h8m29s, wasted 8.06MB)	Web App Attack
🇬🇧 openstrike.co.uk	2026-05-02 05:13:25 (1 month ago)	3 attacks on Laravel URLs: GET /_ignition/execute-solution HTTP/1.1	Web App Attack
🇮🇹 NonOggiCaroMio	2026-05-01 18:38:21 (1 month ago)	Arruso ca si: crowdsecurity/http-cve-probing	Brute-Force
🇨🇦 polycoda	2026-05-01 18:20:50 (1 month ago)	📄 Probes for tons of inexistent files and/or PHP scripts	Hacking Web App Attack
🇯🇵 HeliJP	2026-05-01 16:45:40 (1 month ago)	2026-05-01T16:07:15Z - Recognized attacks\bad behavior from IP address 54.237.140.198 on port 443\80 ... show more 2026-05-01T16:07:15Z - Recognized attacks\bad behavior from IP address 54.237.140.198 on port 443\80 (3 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
Anonymous	2026-05-01 16:42:00 (1 month ago)	probing	Web App Attack
🇩🇪 Carsten	2026-05-01 16:30:57 (1 month ago)	GET [_ignition/execute-solution]	Port Scan
🇨🇭 4server	2026-05-01 16:10:52 (1 month ago)	[FriMay0118:10:46.5968542026][security2:error][pid94963:tid96218][client54.237.140.198:0]ModSecurity ... show more [FriMay0118:10:46.5968542026][security2:error][pid94963:tid96218][client54.237.140.198:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"piffarerio.ch\"][uri\"/_ignition/execute-solution\"][unique_id\"afTQhkesN44E_EFS4n9q0gAAAQY\"] show less	Hacking Web App Attack
🇺🇸 gglobatech	2026-05-01 15:47:26 (1 month ago)	CrowdSec detection: crowdsecurity/http-cve-probing on srv1042301	Brute-Force Port Scan
🇺🇸 mnsf	2026-05-01 15:05:58 (1 month ago)	Too many Status 40X (14)	Brute-Force Web App Attack
Anonymous	2026-05-01 14:43:08 (1 month ago)	Http Port:80 (http_status:404) - Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko ... show more Http Port:80 (http_status:404) - Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0 show less	Web App Attack
🇺🇸 kosada.com	2026-05-01 14:40:24 (1 month ago)	Web vulnerability probing: /_ignition/execute-solution	Web App Attack
🇩🇪 filstal.org	2026-05-01 14:30:11 (1 month ago)	CrowdSec-Report: crowdsecurity/http-cve-probing	Hacking Web App Attack
🇩🇪 dklueh79	2026-05-01 13:52:31 (1 month ago)	Probe for vulnerabilities. Path attempted: /_ignition/execute-solution	Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 199.247.11.119

🇹🇼 198.235.24.44

🇺🇸 162.216.149.27

🇸🇳 41.82.50.218

🇨🇳 223.166.28.82

🇨🇿 92.62.233.214

🇩🇪 91.92.240.2

🇺🇸 213.169.215.213

🇨🇳 101.43.233.26

🇵🇹 94.60.225.226

🇺🇸 23.23.213.182

🇺🇸 20.29.116.172

🇺🇸 3.210.29.96

🇺🇸 172.253.242.53

🇦🇪 165.154.12.108

🇸🇾 129.224.207.12

🇨🇳 106.75.144.150

🇳🇱 91.92.40.204

🇸🇪 83.226.181.38

🇺🇸 65.49.1.235