JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.93.23.148

147.93.23.148 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	Hostinger International Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	hostinger.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.93.23.148

Whois 147.93.23.148

IP Abuse Reports for 147.93.23.148:

This IP address has been reported a total of 32 times from 25 distinct sources. 147.93.23.148 was first reported on June 6th 2026, and the most recent report was 30 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-07 13:18:33 (30 minutes ago)	(mod_security) mod_security (id:949110) triggered by 147.93.23.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:949110) triggered by 147.93.23.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 09:18:27.441073 2026] [security2:error] [pid 17151:tid 17151] [client 147.93.23.148:65068] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "letahaabooking.com"] [uri "/app/.env"] [unique_id "aiVvo8t9A_D6511uXt_xfgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-07 12:20:30 (1 hour ago)	[SunJun0714:20:25.7229382026][security2:error][pid3820220:tid3820245][client147.93.23.148:0]ModSecur ... show more [SunJun0714:20:25.7229382026][security2:error][pid3820220:tid3820245][client147.93.23.148:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"titraslochi.ch\"][uri\"/member/.env\"][unique_id\"aiViCbS4yxAFKJDXEXoMMgAAAAI\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 SYSMarshal	2026-06-07 12:15:50 (1 hour ago)	SYSMarshal detection: Port Scanning, Web Application Attack, DDoS Attack, DNS Attack, Bad Bot [Port: ... show more SYSMarshal detection: Port Scanning, Web Application Attack, DDoS Attack, DNS Attack, Bad Bot [Port:443, Proto:TCP, EventID:5152] show less	Port Scan Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-07 10:23:14 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 147.93.23.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 147.93.23.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 06:23:09.581191 2026] [security2:error] [pid 8085:tid 8085] [client 147.93.23.148:52158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "safeharbourfund.com"] [uri "/app/.env"] [unique_id "aiVGjRP_lgj-fTXTA050DwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-07 09:15:04 (4 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇩🇪 Viveronese	2026-06-07 07:13:46 (6 hours ago)	HTTP vulnerability scanning	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 06:38:38 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 147.93.23.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 147.93.23.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 02:38:34.211297 2026] [security2:error] [pid 16958:tid 16960] [client 147.93.23.148:49374] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "giogalati.com"] [uri "/core/.env"] [unique_id "aiUR6vvsRyIwIRZkemNK7QAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 05:25:14 (8 hours ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
Anonymous	2026-06-07 04:47:21 (9 hours ago)	Blocked by ModSec and CSF	Port Scan
🇷🇺 DZBOT	2026-06-07 04:38:41 (9 hours ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 Victor López	2026-06-07 04:01:51 (9 hours ago)	lavadodepisosbogota.com 147.93.23.148 - - [06/Jun/2026:23:01:50 -0500] "GET /admin/.env HTTP/1.1" 40 ... show more lavadodepisosbogota.com 147.93.23.148 - - [06/Jun/2026:23:01:50 -0500] "GET /admin/.env HTTP/1.1" 404 46019 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" lavadodepisosbogota.com 147.93.23.148 - - [06/Jun/2026:23:01:50 -0500] "GET /api/.env HTTP/1.1" 404 46027 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" lavadodepisosbogota.com 147.93.23.148 - - [06/Jun/2026:23:01:51 -0500] "GET /laravel/.env HTTP/1.1" 404 46027 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Hacking Web App Attack
🇨🇭 TheCoon	2026-06-07 04:00:02 (9 hours ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
Anonymous	2026-06-07 03:36:40 (10 hours ago)	(caddyscan) Scanner path probe from 147.93.23.148 (IN/India/-): 5 in the last 3600 secs; Ports: ; D ... show more (caddyscan) Scanner path probe from 147.93.23.148 (IN/India/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 147.93.23.148 - - [07/Jun/2026:03:36:39 +0000] "GET /dev/.env HTTP/1.1" [REDACTED] 200 2627 147.93.23.148 - - [07/Jun/2026:03:36:39 +0000] "GET /backend/.env HTTP/1.1" [REDACTED] 200 2627 147.93.23.148 - - [07/Jun/2026:03:36:39 +0000] "GET /core/.env HTTP/1.1" [REDACTED] 200 2627 147.93.23.148 - - [07/Jun/2026:03:36:39 +0000] "GET /laravel/.env HTTP/1.1" [REDACTED] 200 2627 147.93.23.148 - - [07/Jun/2026:03:36:39 +0000] "GET /member/.env HTTP/1.1" show less	Port Scan
🇬🇧 poundawebsiteltd	2026-06-07 02:51:47 (10 hours ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 147.93.23.148 - - [07/Jun/2026:0 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 147.93.23.148 - - [07/Jun/2026:03:51:44 +0100] GET /app/.env HTTP/1.1 403 2796 - Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 show less	Web App Attack
🇫🇮 stinpriza	2026-06-06 23:56:42 (13 hours ago)	Web App Attack	Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 146.56.197.150

🇷🇴 92.118.39.62

🇺🇸 20.65.217.70

🇦🇿 212.47.138.10

🇻🇳 210.211.125.205

🇦🇷 186.122.177.140

🇧🇷 164.163.24.11

🇺🇸 162.216.149.133

🇭🇰 103.230.240.59

🇧🇩 103.72.61.105

🇫🇷 91.196.152.113

🇸🇪 77.53.195.148

🇺🇸 65.49.20.102

🇺🇸 64.225.7.95

🇺🇸 64.62.156.212

🇸🇬 193.37.32.187

🇧🇷 187.8.17.38

🇨🇦 144.217.252.106

🇨🇳 121.224.6.48

🇺🇸 66.132.186.137