JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 44.222.131.42

44.222.131.42 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 0%: ?

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-44-222-131-42.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 44.222.131.42

Whois 44.222.131.42

IP Abuse Reports for 44.222.131.42:

This IP address has been reported a total of 40 times from 26 distinct sources. 44.222.131.42 was first reported on January 25th 2025, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2025-01-27 20:50:24 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 threatx	2025-01-27 20:24:09 (1 year ago)	Common blacklisted IPs across tenants	DDoS Attack Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2025-01-26 20:50:26 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 octageeks.com	2025-01-26 05:07:11 (1 year ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
🇦🇺 advena	2025-01-26 04:01:01 (1 year ago)	44.222.131.42 (AS14618 AMAZON-AES) was intercepted at 2025-01-26T03:56:30Z after violating WAF direc ... show more 44.222.131.42 (AS14618 AMAZON-AES) was intercepted at 2025-01-26T03:56:30Z after violating WAF directive: bot_fight_mode. Pre-cautionary/corrective action applied: managed_challenge. show less	Web Spam Hacking Brute-Force Web App Attack
Anonymous	2025-01-26 03:40:29 (1 year ago)	apache-wordpress-login	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-01-26 03:02:36 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 44.222.131.42 (ec2-44-222-131-42.compute-1.amaz ... show more (mod_security) mod_security (id:225170) triggered by 44.222.131.42 (ec2-44-222-131-42.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 25 22:02:32.273554 2025] [security2:error] [pid 3850265:tid 3850265] [client 44.222.131.42:53919] [client 44.222.131.42] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.taekwondoit.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.taekwondoit.com"] [uri "/about-us/wp-json/wp/v2/users/"] [unique_id "Z5WlyNmRr9Re7Ah3fQMLHwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 noise.agency	2025-01-26 02:32:56 (1 year ago)	(wordpress) Failed wordpress login from 44.222.131.42 (US/United States/ec2-44-222-131-42.compute-1. ... show more (wordpress) Failed wordpress login from 44.222.131.42 (US/United States/ec2-44-222-131-42.compute-1.amazonaws.com) show less	Brute-Force
Anonymous	2025-01-25 23:05:20 (1 year ago)	Failed login attempt detected by Fail2Ban in plesk-apache jail	Web App Attack
🇺🇸 TPI-Abuse	2025-01-25 22:44:52 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 44.222.131.42 (ec2-44-222-131-42.compute-1.amaz ... show more (mod_security) mod_security (id:225170) triggered by 44.222.131.42 (ec2-44-222-131-42.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 25 17:44:46.437898 2025] [security2:error] [pid 377144:tid 377144] [client 44.222.131.42:49601] [client 44.222.131.42] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.californiacbcdelegation.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.californiacbcdelegation.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z5VpXsOblRHpcPvRMRfFdgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 zynex	2025-01-25 21:58:04 (1 year ago)	URL Probing: /wp-includes/wlwmanifest.xml	Web App Attack
🇸🇬 pusathosting.com	2025-01-25 21:45:03 (1 year ago)	2ds22 bruteforce	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-01-25 21:14:19 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 44.222.131.42 (ec2-44-222-131-42.compute-1.amaz ... show more (mod_security) mod_security (id:225170) triggered by 44.222.131.42 (ec2-44-222-131-42.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 25 16:14:15.440657 2025] [security2:error] [pid 5811:tid 5811] [client 44.222.131.42:58681] [client 44.222.131.42] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.sawted.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sawted.com"] [uri "/sawted/wp-json/wp/v2/users/"] [unique_id "Z5VUJxlUBYaO3XsDkrExsgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 quicksand	2025-01-25 21:11:08 (1 year ago)	Malicious URI path & Amazon AWS User Agent Spoofing [GET /virtual/capture/zd993/xmlrpc.php?rsd] [Moz ... show more Malicious URI path & Amazon AWS User Agent Spoofing [GET /virtual/capture/zd993/xmlrpc.php?rsd] [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36] show less	Bad Web Bot Web App Attack
🇩🇪 ardexter	2025-01-25 20:26:28 (1 year ago)	Wordpress attack and DDOS	DDoS Attack Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇨🇳 183.166.94.133

🇧🇷 177.5.253.214

🇸🇬 103.250.11.80

🇫🇷 91.231.89.69

🇬🇧 87.236.176.182

🇳🇱 77.246.100.120

🇫🇷 62.210.142.172

🇯🇵 58.98.197.137

🇺🇸 57.141.0.46

🇷🇺 45.155.146.33

🇩🇪 45.133.74.175

🇺🇸 45.79.109.193

🇸🇬 43.128.122.242

🇻🇳 42.114.236.4

🇬🇧 35.203.211.160

🇺🇸 34.162.41.198

🇺🇸 34.53.98.64

🇮🇳 34.47.217.145

🇺🇸 20.64.106.19