JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.167.104.28

54.167.104.28 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 28%: ?

28%

ISP	Amazon Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-54-167-104-28.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.167.104.28

Whois 54.167.104.28

IP Abuse Reports for 54.167.104.28:

This IP address has been reported a total of 5 times from 4 distinct sources. 54.167.104.28 was first reported on June 7th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ghostwarriors	2026-06-08 06:20:16 (5 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:15:26 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 54.167.104.28 (ec2-54-167-104-28.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 54.167.104.28 (ec2-54-167-104-28.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:15:18.438052 2026] [security2:error] [pid 12244:tid 12244] [client 54.167.104.28:37616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.138"] [uri "/.git/config"] [unique_id "aiYltlzOdmwPqXpIfdv8eAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2026-06-07 22:31:06 (6 days ago)	Probing for non-installed web apps or current vulnerabilities.	Hacking Web App Attack
🇨🇳 Peter Yu	2026-06-07 22:25:37 (6 days ago)		Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 22:13:52 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 54.167.104.28 (ec2-54-167-104-28.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 54.167.104.28 (ec2-54-167-104-28.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:13:48.913106 2026] [security2:error] [pid 17534:tid 17534] [client 54.167.104.28:52640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.4"] [uri "/.git/config"] [unique_id "aiXtHIPH57P7QH-ONcmYFgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇧 185.103.89.101

🇧🇷 168.196.206.14

🇺🇸 66.132.224.29

🇨🇳 43.226.39.182

🇺🇸 192.3.145.26

🇺🇸 162.216.150.215

🇮🇩 157.15.67.253

🇺🇸 135.222.40.33

🇨🇳 117.72.114.183

🇳🇱 45.148.10.183

🇹🇭 203.154.158.195

🇰🇪 197.254.56.50

🇷🇴 193.46.255.86

🇮🇶 185.166.25.150

🇭🇰 103.226.124.223

🇺🇸 66.132.195.99

🇨🇳 42.180.4.166

🇧🇷 2400:cb00:1233:1000:53f4:4013:f9ce:2843

🇧🇬 193.24.211.107

🇫🇮 122.8.45.51