JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 44.223.12.109

44.223.12.109 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-44-223-12-109.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 44.223.12.109

Whois 44.223.12.109

IP Abuse Reports for 44.223.12.109:

This IP address has been reported a total of 70 times from 59 distinct sources. 44.223.12.109 was first reported on June 17th 2026, and the most recent report was 10 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 WebNiraj	2026-06-18 01:24:51 (10 minutes ago)	(mod_security) mod_security (id:949110) triggered by 44.223.12.109 (US/United States/ec2-44-223-12-1 ... show more (mod_security) mod_security (id:949110) triggered by 44.223.12.109 (US/United States/ec2-44-223-12-109.compute-1.amazonaws.com): 5 in the last 3600 secs [SIGMA] show less	Brute-Force
🇩🇪 MarKup	2026-06-18 00:51:14 (44 minutes ago)	Multiple invalid 404 HTTP requests - Fail2Ban	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 00:47:35 (48 minutes ago)	(mod_security) mod_security (id:210492) triggered by 44.223.12.109 (ec2-44-223-12-109.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 44.223.12.109 (ec2-44-223-12-109.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 20:47:32.337717 2026] [security2:error] [pid 31458:tid 31458] [client 44.223.12.109:49360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.65"] [uri "/.git/HEAD"] [unique_id "ajNAJHHs2A_sIkqewE5JtAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 LRob.fr	2026-06-18 00:45:03 (50 minutes ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇷🇸 Scan	2026-06-18 00:42:27 (53 minutes ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-18 00:39:04 (56 minutes ago)	Bot / scanning and/or hacking attempts: GET /config/database.yml HTTP/1.1, GET /.aws/credentials HTT ... show more Bot / scanning and/or hacking attempts: GET /config/database.yml HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /wp-config.php.bak HTTP/1.1, GET /wp-config.php HTTP/1.1, GET /.env.local HTTP/1.1, GET /.git-credentials HTTP/1.1, GET /phpinfo.php HTTP/1.1, GET /.env.bak HTTP/1.1, GET /.env.save HTTP/1.1, GET /.env.development HTTP/1.1, GET /.env.old HTTP/1.1, GET /.env.prod HTTP/1.1, GET /.git/config HTTP/1.1, GET /.git/index HTTP/1.1, GET /.env_production HTTP/1.1, GET /.env.docker HTTP/1.1, GET /info.php HTTP/1.1 show less	Hacking Web App Attack
🇱🇻 garmtech.com	2026-06-18 00:25:34 (1 hour ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇹🇭 Sawasdee	2026-06-18 00:09:12 (1 hour ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 MPL	2026-06-18 00:07:32 (1 hour ago)	tcp port scan (15 or more attempts)	Port Scan
Anonymous	2026-06-17 23:39:49 (1 hour ago)	fail2ban: Sensitive web probes detected	Web App Attack
🇱🇹 NotACaptcha	2026-06-17 23:31:47 (2 hours ago)	webserver:80 [18/Jun/2026] "GET /.git/refs/heads/master HTTP/1.1" 403 363 "-" "Mozilla/5.0 (Macinto ... show more webserver:80 [18/Jun/2026] "GET /.git/refs/heads/master HTTP/1.1" 403 363 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 23:23:35 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 44.223.12.109 (ec2-44-223-12-109.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 44.223.12.109 (ec2-44-223-12-109.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 19:23:32.475780 2026] [security2:error] [pid 30872:tid 30872] [client 44.223.12.109:50948] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.199"] [uri "/.git/config"] [unique_id "ajMsdMOllRDKV5c6f-ieaAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Feelautom	2026-06-17 23:20:44 (2 hours ago)	[FeelAutom Auto-Ban] PathScan: /.env.save (Score: 200)	Port Scan
🇧🇷 Halux	2026-06-17 23:11:38 (2 hours ago)	44.223.12.109 Probing protected path or service	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 23:00:38 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 44.223.12.109 (ec2-44-223-12-109.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 44.223.12.109 (ec2-44-223-12-109.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 19:00:30.274167 2026] [security2:error] [pid 21790:tid 21790] [client 44.223.12.109:57026] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.228"] [uri "/.git/HEAD"] [unique_id "ajMnDgif-0bZvteS3YwSsQAAADU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 216.226.76.10

🇬🇧 193.163.125.246

🇫🇷 85.69.240.210

🇧🇬 78.128.114.174

🇳🇱 195.178.110.102

🇷🇺 185.42.40.98

🇨🇮 154.0.30.137

🇨🇳 121.40.23.29

🇨🇳 115.190.211.57

🇧🇬 79.124.40.170

🇧🇷 45.232.244.9

🇳🇱 34.34.121.137

🇩🇪 217.160.190.176

🇻🇪 200.75.100.170

🇷🇺 185.70.130.249

🇩🇪 167.94.145.19

🇺🇸 150.107.36.249

🇰🇷 112.216.129.27

🇵🇱 87.251.64.149

🇬🇧 86.156.20.79