AbuseIPDB » 157.100.104.110
157.100.104.110 was found in our database!
This IP was reported 8 times. Confidence of
Abuse
is 0% : ?
ISP
ECUANET - CORPORACION ECUATORIANA DE INFORMACION
Usage Type
Data Center/Web Hosting/Transit
ASN
AS27947
Hostname(s)
host-157-100-104-110.ecua.net.ec
Domain Name
ecua.net.ec
Country
πͺπ¨
Ecuador
City
Quito, Pichincha
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 157.100.104.110 :
This IP address has been reported a total of
8
times from
5 distinct
sources.
157.100.104.110 was first reported on
November 26th 2025 , and the most recent report was
1 week ago .
Old Reports:
The most recent abuse report for this IP address is from
1 week ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
π¬π·
setupgr
2026-06-22 12:22:18
(1 week ago)
(mod_security) mod_security (id:11000011) triggered by 157.100.104.110 (EC/Ecuador/Guayas/Guayaquil/ ...
show more
(mod_security) mod_security (id:11000011) triggered by 157.100.104.110 (EC/Ecuador/Guayas/Guayaquil/-/[AS27947 Telconet S.A]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 22 15:22:14.707909 2026] [security2:error] [pid 1934691:tid 1934799] [client 157.100.104.110:16343] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "ecua.net.ec" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: host-157-100-104-110.ecua.net.ec"] [severity "CRITICAL"] [hostname "adoro.gr"] [uri "/%CE%BF-%CE%BB%CE%BF%CE%B3%CE%B1%CF%81%CE%B9%CE%B1%CF%83%CE%BC%CF%8C%CF%82-%CE%BC%CE%BF%CF%85/"] [unique_id "ajko9tOaK73DZo-R8XbqgAAAABM"]
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-03-12 02:03:47
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 157.100.104.110 (host-157-100-104-110.ecua.net. ...
show more
(mod_security) mod_security (id:210730) triggered by 157.100.104.110 (host-157-100-104-110.ecua.net.ec): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 22:03:41.925711 2026] [security2:error] [pid 25581:tid 25618] [client 157.100.104.110:51482] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thebiglies.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thebiglies.org"] [uri "/ariel95.com"] [unique_id "abIe_SUeOiZ_vMWWquB2HwAAAJY"], referer: http://thebiglies.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
backslash
2025-12-16 08:55:11
(6 months ago)
block ruleset A5EE6C8F745F0934168261886A3817E5C386412A
Bad Web Bot
πΊπΈ
TPI-Abuse
2025-12-10 14:52:11
(6 months ago)
"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ...
show more
"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access"
show less
DDoS Attack
SQL Injection
Exploited Host
Anonymous
2025-12-04 00:03:26
(6 months ago)
botnet
DDoS Attack
π©πͺ
SMARTNET
2025-11-30 18:38:00
(7 months ago)
Aisuru(Mirai variant) DDoS
DDoS Attack
π©πͺ
SMARTNET
2025-11-30 18:38:00
(7 months ago)
Aisuru(Mirai variant) DDoS
DDoS Attack
π©πͺ
SMARTNET
2025-11-26 07:00:13
(7 months ago)
Aisuru(Mirai variant) DDoS
DDoS Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: