JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 44.203.152.200

44.203.152.200 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 0%: ?

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-44-203-152-200.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 44.203.152.200

Whois 44.203.152.200

IP Abuse Reports for 44.203.152.200:

This IP address has been reported a total of 60 times from 40 distinct sources. 44.203.152.200 was first reported on April 15th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-04-30 13:02:46 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
Anonymous	2026-04-18 01:05:53 (2 months ago)	Portscan: TCP/443 (3x), TCP/80 (4x)	Port Scan
🇳🇱 homeshowdomain.nl	2026-04-16 21:59:04 (2 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-04-15. show less	Web App Attack SSH Hacking
🇧🇪 boxed-it	2026-04-16 17:11:18 (2 months ago)	GET /.git/config (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇧🇪 boxed-it	2026-04-16 15:54:43 (2 months ago)	GET /.git/config (Tarpitted for 1d15h8m29s, wasted 8.06MB)	Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-15 21:59:09 (2 months ago)	Auto-ban: >3000 req/min op 2026-04-15	Web App Attack SSH Hacking
🇳🇱 oisecnet	2026-04-15 21:02:06 (2 months ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-04-15. 3 requests from this I ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-04-15. 3 requests from this IP. show less	Brute-Force Web App Attack SSH
🇺🇸 [email protected]	2026-04-15 18:22:00 (2 months ago)	[Tue Apr 14 20:32:34.116045 2026] [authz_core:error] [pid 25900] [client 44.203.152.200:33448] AH016 ... show more [Tue Apr 14 20:32:34.116045 2026] [authz_core:error] [pid 25900] [client 44.203.152.200:33448] AH01630: client denied by server configuration: /opt/homebrew/var/www/.git show less	Web App Attack Hacking
🇳🇿 FaB Property Group	2026-04-15 13:59:40 (2 months ago)	Requested file: .git/config	Web App Attack
🇳🇿 FaB Property Group	2026-04-15 13:59:40 (2 months ago)	Requested file: .git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 07:22:05 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 44.203.152.200 (ec2-44-203-152-200.compute-1.am ... show more (mod_security) mod_security (id:210492) triggered by 44.203.152.200 (ec2-44-203-152-200.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 03:21:57.561388 2026] [security2:error] [pid 1081286:tid 1081286] [client 44.203.152.200:34528] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pathpa.org"] [uri "/.git/config"] [unique_id "ad88lSZmkAmgvZowuac2LAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 06:20:49 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 44.203.152.200 (ec2-44-203-152-200.compute-1.am ... show more (mod_security) mod_security (id:210492) triggered by 44.203.152.200 (ec2-44-203-152-200.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 02:20:44.327577 2026] [security2:error] [pid 2967656:tid 2967656] [client 44.203.152.200:51664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cointraptions.com"] [uri "/.git/config"] [unique_id "ad8uPEmX2cCKrz899EpJQwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 kranem	2026-04-15 06:00:04 (2 months ago)	Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 14618 (AMAZON-AES - Amazon.com, Inc.) Pro ... show more Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 14618 (AMAZON-AES - Amazon.com, Inc.) Protocol: HTTP/1.1 (GET method) Endpoint: /.git/config Timestamp: 2026-04-15T05:55:05Z User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:31.0) Gecko/20100101 Firefox/31.0 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-15 05:32:48 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 44.203.152.200 (ec2-44-203-152-200.compute-1.am ... show more (mod_security) mod_security (id:210492) triggered by 44.203.152.200 (ec2-44-203-152-200.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 01:32:45.032006 2026] [security2:error] [pid 944345:tid 944345] [client 44.203.152.200:45260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web58.dnchosting.com"] [uri "/.git/config"] [unique_id "ad8i_dcyzW2OpY9iN8n3fAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-15 04:38:24 (2 months ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 122.185.101.50

🇺🇸 47.88.100.101

🇨🇳 1.192.59.248

🇺🇸 192.101.65.76

🇨🇭 191.96.170.50

🇳🇱 172.211.56.214

🇬🇧 172.64.192.205

🇬🇧 172.64.192.204

🇫🇮 147.185.133.127

🇮🇳 135.235.138.43

🇫🇷 87.119.223.79

🇺🇸 74.7.241.14

🇺🇸 47.253.63.1

🇫🇮 45.87.249.147

🇯🇵 8.216.8.151

🇹🇼 202.39.153.245

🇯🇵 172.105.197.151

🇺🇸 154.29.87.83

🇦🇱 141.98.143.24

🇮🇩 103.154.231.122