🇫🇷
security.rdmc.fr
2021-03-30 20:47:16
(5 years ago)
Automatic report - Banned IP Access
Web App Attack
🇫🇷
security.rdmc.fr
2021-03-29 15:44:07
(5 years ago)
Automatic report - Banned IP Access
Web App Attack
🇳🇱
Pornomens
2021-03-28 00:40:46
(5 years ago)
104.44.134.251 - - \[28/Mar/2021:06:40:31 +0200\] "GET /.env HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(X11\; Linux x86_64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - \[28/Mar/2021:06:40:34 +0200\] "POST / HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(X11\; Linux x86_64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - \[28/Mar/2021:06:40:45 +0200\] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_10_1\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/39.0.2171.95 Safari/537.36"
...
Web App Attack
🇨🇦
ISPLtd
2021-03-27 18:04:45
(5 years ago)
TCP/80 port scan with CWR ECE SYN flags set
GET /.env
Port Scan
Hacking
Web App Attack
Anonymous
2021-03-27 02:16:52
(5 years ago)
[Sat Mar 27 02:16:27.017078 2021] [:error] [pid 7422] [client 104.44.134.251] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "[mungedIP2]"] [uri "/.env"] [unique_id "YF7Nun8AAAEAABz@FUYAAAAN"]
[Sat Mar 27 02:16:51.847616 2021] [:error] [pid 7114] [client 104.44.134.251] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-gener
Bad Web Bot
Web App Attack
🇺🇸
findlab
2021-03-26 16:20:03
(5 years ago)
Backdrop CMS module report: Request: /vendor/phpunit/phpunit/src/Util/PHP/eval-std...
Brute-Force
Bad Web Bot
Web App Attack
🇳🇱
Pornomens
2021-03-26 07:58:47
(5 years ago)
104.44.134.251 - - \[26/Mar/2021:12:57:32 +0100\] "GET /.env HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(X11\; Linux x86_64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - \[26/Mar/2021:12:58:08 +0100\] "POST / HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(X11\; Linux x86_64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - \[26/Mar/2021:12:58:46 +0100\] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_10_1\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/39.0.2171.95 Safari/537.36"
...
Web App Attack
🇩🇪
nextweb
2021-03-25 16:17:32
(5 years ago)
(mod_security) mod_security (id:210492) triggered by 104.44.134.251 (US/United States/Texas/San Antonio/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 5 in the last 3600 secs
Brute-Force
🇩🇪
billaids
2021-03-25 15:52:27
(5 years ago)
104.44.134.251 - - [25/Mar/2021:20:52:20 +0100] "GET /.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
Bad Web Bot
Exploited Host
Web App Attack
🇩🇪
iNetWorker
2021-03-25 13:53:59
(5 years ago)
trolling for resource vulnerabilities
Web App Attack
🇳🇱
Pornomens
2021-03-25 09:10:18
(5 years ago)
104.44.134.251 - - \[25/Mar/2021:14:09:49 +0100\] "GET /.env HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(X11\; Linux x86_64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - \[25/Mar/2021:14:10:03 +0100\] "POST / HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(X11\; Linux x86_64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - \[25/Mar/2021:14:10:17 +0100\] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_10_1\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/39.0.2171.95 Safari/537.36"
...
Web App Attack
🇺🇸
etu brutus
2021-03-20 23:06:33
(5 years ago)
From CCTV User Interface Log
...::ffff:104.44.134.251 - - [20/Mar/2021:23:06:33 +0000] "GET / HTTP/1.1" 200 960
...
Hacking
Web App Attack
🇳🇱
kiwi.network
2021-03-20 01:06:04
(5 years ago)
Probing host IP: Attack repeated for 24 hours 104.44.134.251 - - [11/Mar/2021:16:51:16 0200] "GET /.env HTTP/1.1" 403 605 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - [11/Mar/2021:16:51:16 0200] "POST / HTTP/1.1" 404 590 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - [18/Mar/2021:21:22:10 0200] "GET / HTTP/1.1" 404 590 "-" "python-requests/2.25.1"
104.44.134.251 - - [20/Mar/2021:07:06:01 0200] "GET /.env HTTP/1.1" 403 605 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
Hacking
Exploited Host
Web App Attack
🇳🇱
Pornomens
2021-03-19 18:00:22
(5 years ago)
104.44.134.251 - - \[19/Mar/2021:23:00:19 +0100\] "GET /.env HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(X11\; Linux x86_64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - \[19/Mar/2021:23:00:20 +0100\] "POST / HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(X11\; Linux x86_64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/81.0.4044.129 Safari/537.36"
104.44.134.251 - - \[19/Mar/2021:23:00:21 +0100\] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 473 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_10_1\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/39.0.2171.95 Safari/537.36"
...
Web App Attack
Anonymous
2021-03-19 13:56:39
(5 years ago)
104.44.134.251 - - [19/Mar/2021:13:55:52 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 5846 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36"
Web App Attack