JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.86.66.252

54.86.66.252 was found in our database!

This IP was reported 943 times. Confidence of Abuse is 94%: ?

94%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	nat-service4.aws.kontera.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.86.66.252

Whois 54.86.66.252

IP Abuse Reports for 54.86.66.252:

This IP address has been reported a total of 943 times from 111 distinct sources. 54.86.66.252 was first reported on November 30th 2020, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-14 07:01:18 (4 hours ago)	Brute force	Brute-Force
🇫🇷 Sklurk	2026-06-13 15:16:37 (20 hours ago)	Web App Attack	Web App Attack
🇮🇩 sockominfo	2026-06-13 08:00:59 (1 day ago)	Double URL encoding detection. Threat Score: 7.9/10 (HIGH). Confidence: 60%. CVSS v3.1: 7.3/10 (High ... show more Double URL encoding detection. Threat Score: 7.9/10 (HIGH). Confidence: 60%. CVSS v3.1: 7.3/10 (High). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 87%. MITRE ATT&CK: T1110 (Brute Force). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-13 07:00:09 (1 day ago)	Double URL encoding detection. Threat Score: 6.3/10 (MEDIUM). Reported by TangerangKota-CSIRT	Hacking Web App Attack
🇦🇺 MAGIC	2026-06-12 01:36:26 (2 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 mrcrassi	2026-06-11 23:40:15 (2 days ago)	Triggered Cloudflare WAF (botFight) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET ... show more Triggered Cloudflare WAF (botFight) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /produtos/ UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 hermawan	2026-06-11 07:19:41 (3 days ago)	1781162373.986854 54.86.66.252 103.166.156.58 26883_2-4-8-1-3_1460_7 2026-06-11 14:19:33 WIB ...	Email Spam Hacking
Anonymous	2026-06-10 18:22:00 (3 days ago)	Multiple Violations by Bot	Port Scan Web App Attack
🇨🇦 1gz	2026-06-09 11:56:22 (4 days ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /services/ UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 hermawan	2026-06-09 01:54:49 (5 days ago)	1780970080.130857 54.86.66.252 103.166.156.58 26883_2-4-8-1-3_1460_7 2026-06-09 08:54:40 WIB ...	Email Spam Hacking
🇪🇸 librebit	2026-06-07 09:48:14 (1 week ago)	Brute force	Brute-Force
🇮🇩 hermawan	2026-06-07 02:34:41 (1 week ago)	1780799673.377399 54.86.66.252 103.166.156.58 26883_2-4-8-1-3_1460_7 2026-06-07 09:34:33 WIB ...	Email Spam Hacking
Anonymous	2026-06-06 15:08:22 (1 week ago)	Session Crossing	Hacking
🇫🇷 Sklurk	2026-06-06 14:55:54 (1 week ago)	Web App Attack	Web App Attack
🇸🇬 securejdprop	2026-06-06 14:09:02 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack

Showing 1 to 15 of 943 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.252.170

🇺🇸 186.233.184.67

🇺🇸 185.81.144.216

🇺🇸 162.216.150.82

🇺🇸 155.94.163.175

🇨🇦 85.217.149.57

🇷🇺 81.211.72.167

🇬🇧 206.189.247.132

🇨🇳 101.126.54.245

🇳🇬 62.173.38.229

🇯🇵 49.251.137.156

🇳🇱 45.153.34.235

🇳🇱 45.148.10.151

🇳🇱 5.61.209.92

🇺🇸 198.98.62.211

🇮🇳 182.48.204.173

🇭🇰 150.5.131.119

🇺🇸 72.14.147.177

🇱🇹 45.227.254.170

🇬🇧 44.63.228.75