AbuseIPDB » 157.254.164.49

157.254.164.49 was found in our database!

This IP was reported 667 times. Confidence of Abuse is 0%: ?

0%

ISP	Virtuo Holdings Inc
Usage Type	Data Center/Web Hosting/Transit
ASN	AS399486
Domain Name	virtu.nl
Country	United States of America
City	Edison, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 157.254.164.49

Whois 157.254.164.49

IP Abuse Reports for 157.254.164.49:

This IP address has been reported a total of 667 times from 119 distinct sources. 157.254.164.49 was first reported on May 27th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
alternat0r	2024-07-21 10:27:47 (11 months ago)	Potential web attack/ddos/bot/spam. Apache access log report.	Web App Attack
alternat0r	2024-07-20 10:22:03 (11 months ago)	Potential web attack/ddos/bot/spam. Apache access log report.	Web App Attack
Mr-Money	2024-07-20 06:33:42 (11 months ago)	157.254.164.49 - - [20/Jul/2024:08:33:41 +0200] "GET /.env HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Macin ... show more157.254.164.49 - - [20/Jul/2024:08:33:41 +0200] "GET /.env HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
sdos.es	2024-07-20 06:22:29 (11 months ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
Bedios GmbH	2024-07-20 06:21:52 (11 months ago)	Login credentials theft attempt	Hacking
RoboAbuseCheck	2024-07-20 05:58:37 (11 months ago)	Unsolicited connection attempts to port 80	Hacking
Mr-Money	2024-07-19 14:33:56 (11 months ago)	157.254.164.49 - - [19/Jul/2024:16:33:56 +0200] "GET /.env HTTP/1.1" 404 462 "-" "Mozilla/5.0 (Macin ... show more157.254.164.49 - - [19/Jul/2024:16:33:56 +0200] "GET /.env HTTP/1.1" 404 462 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
ut-addicted.com	2024-07-19 14:28:58 (11 months ago)	\[Fri Jul 19 16:28:56.652775 2024\] \[:error\] \[pid 31995:tid 140075255932672\] \[client 157.254.16 ... show more\[Fri Jul 19 16:28:56.652775 2024\] \[:error\] \[pid 31995:tid 140075255932672\] \[client 157.254.164.49:52281\] \[client 157.254.164.49\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.env"\] \[unique_id "Zpp4KGAluZbgvCfo1oRACAAAAM0"\] show less	Brute-Force Web App Attack
Block_Steady_Crew	2024-07-19 14:05:27 (11 months ago)	Honeypot snared from 157.254.164.49	Port Scan Web App Attack
oonux.net	2024-07-19 14:02:11 (11 months ago)	RouterOS: Scanning detected TCP 157.254.164.49:57138 > x.x.x.x:80	Port Scan
geot	2024-07-19 12:06:49 (11 months ago)	GET /.env HTTP/1.1	Hacking Web App Attack
alternat0r	2024-07-19 10:16:10 (11 months ago)	Potential web attack/ddos/bot/spam. Apache access log report.	Web App Attack
Security_Whaller	2024-07-19 06:09:07 (11 months ago)	Malicious activity detected on Honeypot.	Hacking Brute-Force Web App Attack
Mr-Money	2024-07-19 05:32:49 (11 months ago)	157.254.164.49 - - [19/Jul/2024:07:32:48 +0200] "GET /.env HTTP/1.1" 404 461 "-" "Mozilla/5.0 (Macin ... show more157.254.164.49 - - [19/Jul/2024:07:32:48 +0200] "GET /.env HTTP/1.1" 404 461 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
ANTI SCANNER	2024-07-19 04:44:48 (11 months ago)	Scanner : /.env	Web Spam

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩