JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 96.44.159.148

96.44.159.148 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 58%: ?

58%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Domain Name	hostpapa.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 96.44.159.148

Whois 96.44.159.148

IP Abuse Reports for 96.44.159.148:

This IP address has been reported a total of 11 times from 9 distinct sources. 96.44.159.148 was first reported on June 3rd 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 08:53:32 (6 hours ago)	(mod_security) mod_security (id:225170) triggered by 96.44.159.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 96.44.159.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 04:53:27.272274 2026] [security2:error] [pid 7836:tid 7836] [client 96.44.159.148:55176] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kentsavagelaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kentsavagelaw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiE9B8eD4thxbkw9mW-hugAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-04 04:57:36 (10 hours ago)	Blocked by UFW (TCP on 47160) Source port: 9100 TTL: 51 Packet length: 76 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 47160) Source port: 9100 TTL: 51 Packet length: 76 TOS: 0x08 This report (for 96.44.159.148) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-04 04:48:17 (10 hours ago)		Web Spam Bad Web Bot
🇩🇪 Martin Lundstrom	2026-06-04 04:26:13 (11 hours ago)	https://www.eagleeye-intelligence.com — WordPress attack. Automatically detected and blocked.	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 02:20:54 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 96.44.159.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 96.44.159.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 22:20:47.581814 2026] [security2:error] [pid 2137:tid 2137] [client 96.44.159.148:28746] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.michaelgatley.com"] [uri "/.git/config"] [unique_id "aiDg_-AcTGGH-YZUdHu_TgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 01:55:44 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 96.44.159.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 96.44.159.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 21:55:40.438645 2026] [security2:error] [pid 25939:tid 25939] [client 96.44.159.148:31172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.brbcash.com.bamedica.com"] [uri "/.git/config"] [unique_id "aiDbHOhS7brq4KAVDhCJgAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 SiliSoftware	2026-06-03 18:40:32 (21 hours ago)	/phpBB3/viewtopic.php?f=3&t=1371	Web App Attack
🇫🇷 polido	2026-06-03 13:21:27 (1 day ago)	Unauthorized connection attempt to port 443 from 96.44.159.148	Port Scan
🇩🇪 big-cloud.nl	2026-06-03 11:21:19 (1 day ago)	Try to access /xmlrpc.php	Web App Attack
Anonymous	2026-06-03 08:00:33 (1 day ago)	2026-06-03 00:00:45,289 fail2ban.actions [3625835]: NOTICE [tor] Ban 96.44.159.148 2026-06-0 ... show more 2026-06-03 00:00:45,289 fail2ban.actions [3625835]: NOTICE [tor] Ban 96.44.159.148 2026-06-03 03:00:31,655 fail2ban.actions [3625835]: NOTICE [tor] Ban 96.44.159.148 2026-06-03 06:00:15,387 fail2ban.actions [3625835]: NOTICE [tor] Ban 96.44.159.148 2026-06-03 08:01:23,857 fail2ban.actions [3625835]: NOTICE [tor] Ban 96.44.159.148 2026-06-03 11:00:33,002 fail2ban.actions [3625835]: NOTICE [tor] Ban 96.44.159.148 show less	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-03 04:25:23 (1 day ago)	Blocked by CSF 13 firewall - Rule: WPLOGIN US/United States/-	Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 179.126.184.88

🇮🇳 172.217.38.22

🇺🇸 165.154.182.10

🇺🇸 162.216.149.214

🇺🇸 147.185.132.191

🇹🇼 111.253.92.137

🇨🇳 61.146.129.133

🇺🇸 50.116.40.254

🇻🇳 45.119.84.196

🇸🇳 41.214.10.178

🇨🇳 223.166.22.184

🇺🇸 162.216.150.195

🇮🇳 152.52.232.174

🇧🇷 129.121.54.208

🇮🇳 66.116.225.113

🇳🇱 45.134.225.250

🇷🇺 31.173.7.121

🇨🇳 14.103.118.140

🇫🇷 213.156.134.103

🇳🇱 176.65.139.217