JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.85.81.159

54.85.81.159 was found in our database!

This IP was reported 160 times. Confidence of Abuse is 0%: ?

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-85-81-159.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.85.81.159

Whois 54.85.81.159

IP Abuse Reports for 54.85.81.159:

This IP address has been reported a total of 160 times from 105 distinct sources. 54.85.81.159 was first reported on October 25th 2022, and the most recent report was 9 months ago.

Old Reports: The most recent abuse report for this IP address is from 9 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇿🇦 slartybartfast69420blazit	2025-09-01 20:38:21 (9 months ago)	Fail2ban picked up 54.85.81.159 attacking nginx	Web App Attack
🇿🇦 slartybartfast69420blazit	2025-08-30 20:53:32 (9 months ago)	Fail2ban picked up 54.85.81.159 attacking nginx	Web App Attack
🇹🇷 rtbh.com.tr	2025-08-30 20:08:32 (9 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇿🇦 slartybartfast69420blazit	2025-08-29 20:52:58 (9 months ago)	Fail2ban picked up 54.85.81.159 attacking nginx	Web App Attack
🇹🇷 rtbh.com.tr	2025-08-29 20:08:31 (9 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 geot	2025-08-29 12:45:28 (9 months ago)	44 requests, including : GET /.git/config HTTP/1.1 GET /app/.env HTTP/1.1 GET /.env.local HTTP/1.1 ... show more 44 requests, including : GET /.git/config HTTP/1.1 GET /app/.env HTTP/1.1 GET /.env.local HTTP/1.1 GET /nextjs-app/.env HTTP/1.1 GET /blog.env HTTP/1.1 GET /config/.env HTTP/1.1 GET /library/.env HTTP/1.1 GET /myproject/.env HTTP/1.1 GET /react-app/.env HTTP/1.1 GET /.envs/.production/.django HTTP/1.1 GET /laravel/.env HTTP/1.1 GET /.aws/credentials HTTP/1.1 GET /wp-content/.env HTTP/1.1 GET /config.json HTTP/1.1 GET /vendor/.env HTTP/1.1 GET /react-app/.env.production HTTP/1.1 GET /.env.production HTTP/1.1 GET /application/.env HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 FamilysWebSite	2025-08-29 08:53:00 (9 months ago)	Multiple attempts of unauthorized access	Hacking Brute-Force Web App Attack
🇬🇧 AvonleaConsulting	2025-08-28 22:49:04 (9 months ago)	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
🇧🇷 felipeforte	2025-08-28 22:12:00 (9 months ago)	54.85.81.159 - - [28/Aug/2025:10:48:27 +0000] "GET /.env HTTP/1.1" 403 118 "-" "Mozilla/5.0" 54.85. ... show more 54.85.81.159 - - [28/Aug/2025:10:48:27 +0000] "GET /.env HTTP/1.1" 403 118 "-" "Mozilla/5.0" 54.85.81.159 - - [28/Aug/2025:10:48:27 +0000] "GET /.env.local HTTP/1.1" 403 118 "-" "Mozilla/5.0" 54.85.81.159 - - [28/Aug/2025:10:48:27 +0000] "GET /.env.production HTTP/1.1" 403 118 "-" "Mozilla/5.0" 54.85.81.159 - - [28/Aug/2025:10:48:27 +0000] "GET /wp-content/.env HTTP/1.1" 403 118 "-" "Mozilla/5.0" 54.85.81.159 - - [28/Aug/2025:10:48:27 +0000] "GET /.git/config HTTP/1.1" 403 118 "-" "Mozilla/5.0" 54.85.81.159 - - [28/Aug/2025:10:48:27 +0000] "GET /application/.env HTTP/1.1" 403 118 "-" "Mozilla/5.0" show less	Web App Attack
🇿🇦 slartybartfast69420blazit	2025-08-28 20:46:09 (9 months ago)	Fail2ban picked up 54.85.81.159 attacking nginx	Web App Attack
🇹🇷 rtbh.com.tr	2025-08-28 20:08:29 (9 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 SLSLLC	2025-08-28 18:50:28 (9 months ago)	54.85.81.159 - - [28/Aug/2025:18:50:28 +0000] "GET /.env HTTP/2.0" 403 1881 "-" "Mozilla/5.0" ...	Brute-Force Web App Attack
Anonymous	2025-08-28 18:38:10 (9 months ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/.env	Web App Attack
🇺🇸 TPI-Abuse	2025-08-28 18:37:08 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 54.85.81.159 (ec2-54-85-81-159.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 54.85.81.159 (ec2-54-85-81-159.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 28 14:37:02.105628 2025] [security2:error] [pid 27432:tid 27432] [client 54.85.81.159:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "otterb.org"] [uri "/.env"] [unique_id "aLChzl3pveM_KdoOosNZKwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 weblite	2025-08-28 18:14:58 (9 months ago)	WP_EXPLOIT_PROBE WP_MALWARE_PROBE	Hacking Web App Attack

Showing 1 to 15 of 160 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 162.158.138.86

🇷🇴 151.242.30.224

🇹🇷 37.202.54.97

🇩🇪 213.209.159.143

🇺🇸 162.216.149.35

🇺🇸 66.132.195.68

🇺🇸 66.132.172.38

🇨🇳 61.240.156.16

🇭🇰 47.83.248.61

🇷🇺 45.150.11.192

🇸🇬 43.134.35.72

🇨🇭 35.216.234.82

🇩🇪 31.16.193.52

🇰🇷 118.32.101.175

🇨🇳 111.41.205.54

🇨🇳 111.11.93.87

🇺🇸 107.150.105.5

🇻🇳 103.241.43.193

🇧🇬 78.128.114.58

🇬🇧 51.195.215.19