JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.93.109.169

147.93.109.169 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 81%: ?

81%

ISP	Hostinger International Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	hostinger.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.93.109.169

Whois 147.93.109.169

IP Abuse Reports for 147.93.109.169:

This IP address has been reported a total of 42 times from 22 distinct sources. 147.93.109.169 was first reported on June 6th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-09 04:09:25 (2 weeks ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇨🇭 4server	2026-06-08 12:44:37 (2 weeks ago)	[MonJun0814:44:35.2458632026][security2:error][pid67747:tid68137][client147.93.109.169:0]ModSecurity ... show more [MonJun0814:44:35.2458632026][security2:error][pid67747:tid68137][client147.93.109.169:0]ModSecurity:Accessdeniedwithcode403$phase1$.Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"npdesign360.ch\"][uri\"/.env\"][unique_id\"aia5MyTM1GLy5aae7MlkcAAAARc\"] show less	Hacking Web App Attack
Anonymous	2026-06-08 12:40:03 (2 weeks ago)	Web App Attack, Hacking	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 12:38:30 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:949110) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:38:27.314913 2026] [security2:error] [pid 17410:tid 17410] [client 147.93.109.169:29538] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dulcebebe.net"] [uri "/core/.env"] [unique_id "aia3w8NlZA8JwcYAVX3tGgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-08 12:17:54 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 10:30:17 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:30:06.267364 2026] [security2:error] [pid 11317:tid 11317] [client 147.93.109.169:57228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leviwalkerportfolio.com"] [uri "/app/.env"] [unique_id "aiaZrq3UWQo02gXGQwRwVgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 10:06:52 (2 weeks ago)	147.93.109.169 - - [08/Jun/2026:18:06:50 +0800] "GET /app/.env HTTP/1.1" 404 293 "https://itdefence. ... show more 147.93.109.169 - - [08/Jun/2026:18:06:50 +0800] "GET /app/.env HTTP/1.1" 404 293 "https://itdefence.asia/app/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" "-" 147.93.109.169 - - [08/Jun/2026:18:06:50 +0800] "GET /api/.env.save HTTP/1.1" 404 293 "https://itdefence.asia/api/.env.save" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" "-" 147.93.109.169 - - [08/Jun/2026:18:06:50 +0800] "GET /.env HTTP/1.1" 404 293 "https://itdefence.asia/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" "-" 147.93.109.169 - - [08/Jun/2026:18:06:50 +0800] "GET /laravel/.env HTTP/1.1" 404 293 "https://itdefence.asia/laravel/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" "-" 147.93.109.169 - - ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 09:52:29 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:52:24.842468 2026] [security2:error] [pid 3221:tid 3221] [client 147.93.109.169:51338] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dshgraphics.com"] [uri "/laravel/.env"] [unique_id "aiaQ2D8jtVEudWR-lS1bSwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 09:23:46 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:23:41.302321 2026] [security2:error] [pid 9438:tid 9438] [client 147.93.109.169:18982] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pathpa.org"] [uri "/api/.env"] [unique_id "aiaKHUkeCy3-Aoofy70TtAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-08 09:05:22 (2 weeks ago)	[MonJun0811:05:17.3587572026][security2:error][pid997374:tid997535][client147.93.109.169:0]ModSecuri ... show more [MonJun0811:05:17.3587572026][security2:error][pid997374:tid997535][client147.93.109.169:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"bianchitecno.ch\"][uri\"/api/.env\"][unique_id\"aiaFzb33l7mVsQpG6tCdzAAAARg\"] show less	Port Scan Brute-Force Web App Attack
🇯🇵 Valhalla	2026-06-08 07:31:24 (2 weeks ago)	/dev/.env	Hacking Web App Attack
🇳🇱 e.fierstra	2026-06-08 05:52:09 (2 weeks ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-08 03:23:19 (2 weeks ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 03:11:21 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:11:15.097328 2026] [security2:error] [pid 6973:tid 6973] [client 147.93.109.169:40896] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yaseminomer.com"] [uri "/api/.env"] [unique_id "aiYy09WkHGMn-_SgdcbZOwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:48:26 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 147.93.109.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:48:22.120601 2026] [security2:error] [pid 3144:tid 3144] [client 147.93.109.169:20878] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bfpsamoa.com"] [uri "/.env"] [unique_id "aiYtdp7X4P2P6bhnOvf-UwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 159.89.1.53

🇩🇪 89.58.31.106

🇺🇸 71.6.134.235

🇬🇧 35.203.211.196

🇺🇸 13.218.149.133

🇺🇸 2607:f8b0:4864:20::1232

🇳🇱 176.65.139.181

🇨🇳 113.64.121.150

🇷🇺 95.215.108.47

🇨🇦 85.217.149.7

🇭🇰 43.129.193.109

🇧🇷 205.210.31.194

🇸🇬 193.37.32.204

🇬🇹 181.209.203.202

🇮🇳 167.71.225.225

🇺🇸 147.185.132.41

🇩🇪 45.135.141.9

🇸🇬 45.82.78.107

🇬🇧 193.163.125.219

🇻🇪 190.73.221.129