JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.241.145.251

54.241.145.251 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-54-241-145-251.us-west-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.241.145.251

Whois 54.241.145.251

IP Abuse Reports for 54.241.145.251:

This IP address has been reported a total of 53 times from 49 distinct sources. 54.241.145.251 was first reported on June 17th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 David Koswari	2026-06-19 05:45:00 (4 hours ago)	REQ_BLOCKED_SECURITY	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇫🇷 service Informatique	2026-06-19 04:00:37 (5 hours ago)	/___proxy_subdomain_whm/login	Web App Attack
🇧🇾 lns.bz	2026-06-19 00:01:09 (9 hours ago)	.env scanning [BY]	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-18 21:59:26 (12 hours ago)	Auto-ban: >3000 req/min op 2026-06-18	Web App Attack SSH Hacking
🇨🇭 Kepler-1649c	2026-06-18 10:05:17 (23 hours ago)	Detected Attack: HTPasswd.Access	Hacking
🇺🇸 gu-alvareza	2026-06-18 07:05:33 (1 day ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇳🇱 wolfemium	2026-06-18 06:00:50 (1 day ago)	54.241.145.251 - - [18/Jun/2026:09:00:46 +0300] "GET /wp-config.php HTTP/1.1" 302 138 "-" "Mozilla/5 ... show more 54.241.145.251 - - [18/Jun/2026:09:00:46 +0300] "GET /wp-config.php HTTP/1.1" 302 138 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 54.241.145.251 - - [18/Jun/2026:09:00:47 +0300] "GET /wp-config.php.bak HTTP/1.1" 302 138 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 54.241.145.251 - - [18/Jun/2026:09:00:48 +0300] "GET /phpinfo.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 54.241.145.251 - - [18/Jun/2026:09:00:48 +0300] "GET /info.php HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 54.241.145.251 - - [18/Jun/2026:09:00:49 +0300] "GET /config.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 54.241.145.251 - - [18/Jun/2026:09:00:49 +0300] "GET /config/config.php HTTP/1.1" 404 181 "-" "Mozilla/5.0 ... show less	DDoS Attack
🇳🇨 ACE-INFORMATIQUE.NC	2026-06-18 06:00:09 (1 day ago)	Malicious CGI/web attack blocked by Fail2ban	Web App Attack
🇩🇪 ghostwarriors	2026-06-18 05:20:06 (1 day ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-18 05:13:15 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
Anonymous	2026-06-18 05:00:19 (1 day ago)		Web App Attack
🇺🇸 antlac1	2026-06-18 04:59:49 (1 day ago)	crowdsecurity/http-probing	Brute-Force Web App Attack
🇯🇵 HeliJP	2026-06-18 04:45:47 (1 day ago)	2026-06-18T04:38:31Z - Recognized attacks\bad behavior from IP address 54.241.145.251 on port 443\80 ... show more 2026-06-18T04:38:31Z - Recognized attacks\bad behavior from IP address 54.241.145.251 on port 443\80 (52 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
🇦🇱 router.al	2026-06-18 04:45:29 (1 day ago)	06/18/2026-04:45:29.372475 54.241.145.251 Protocol: 6 ET WEB_SERVER WEB-PHP phpinfo access	Port Scan
🇺🇸 TPI-Abuse	2026-06-18 04:44:38 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 54.241.145.251 (ec2-54-241-145-251.us-west-1.co ... show more (mod_security) mod_security (id:210492) triggered by 54.241.145.251 (ec2-54-241-145-251.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 00:44:30.943149 2026] [security2:error] [pid 29082:tid 29082] [client 54.241.145.251:56062] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.137"] [uri "/.git/HEAD"] [unique_id "ajN3rjHnB72FAg2YmNT5lAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 116.99.173.108

🇺🇸 66.132.186.248

🇺🇸 205.210.31.91

🇱🇰 172.68.200.149

🇩🇪 167.172.177.125

🇺🇸 162.216.149.49

🇨🇳 125.74.55.217

🇨🇳 116.179.32.85

🇮🇩 103.112.245.85

🇬🇷 87.203.244.110

🇩🇪 87.106.29.151

🇧🇷 85.198.47.235

🇹🇷 149.34.211.140

🇧🇩 103.190.132.218

🇷🇺 95.139.87.125

🇫🇮 94.183.234.128

🇫🇷 91.231.89.64

🇲🇩 91.211.50.211

🇨🇳 223.109.252.197

🇺🇸 191.101.33.110