JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 163.245.192.20

163.245.192.20 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 100%: ?

100%

ISP	Interserver, Inc
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26666
Domain Name	interserver.net
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 163.245.192.20

Whois 163.245.192.20

IP Abuse Reports for 163.245.192.20:

This IP address has been reported a total of 64 times from 56 distinct sources. 163.245.192.20 was first reported on May 28th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Artelis	2026-06-02 19:11:31 (2 weeks ago)	163.245.192.20 - - [02/Jun/2026:19:11:31 +0000] "GET /.env HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windo ... show more 163.245.192.20 - - [02/Jun/2026:19:11:31 +0000] "GET /.env HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" ... show less	Web App Attack
🇫🇷 tecnoacquisti.com	2026-06-02 19:10:28 (2 weeks ago)	PrestaShop Security Module: AbuseIPDB high confidence score AND local web-app-attack detected (Abuse ... show more PrestaShop Security Module: AbuseIPDB high confidence score AND local web-app-attack detected (AbuseIPDB score: 100% (cached)) show less	Web App Attack
🇺🇸 Major Hostility	2026-06-02 19:03:52 (2 weeks ago)	"GET /.env HTTP/1.1" 404 "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 "GE ... show more "GET /.env HTTP/1.1" 404 "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 "GET /vendor/laravel-filemanager/js/script.js HTTP/1.1" 404 show less	Web App Attack
🇫🇷 Jimbo67	2026-06-02 16:50:34 (2 weeks ago)	CrowdSec: crowdsecurity/http-cve-probing [US] (INTERSERVER-LAX)	Web App Attack
🇬🇧 Aetherweb Ark	2026-06-02 16:31:13 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 163.245.192.20 (US/United States/vps3406497.tro ... show more (mod_security) mod_security (id:949110) triggered by 163.245.192.20 (US/United States/vps3406497.trouble-free.net): N in the last X secs show less	Web App Attack
🇷🇺 sms.ru	2026-06-02 16:31:02 (2 weeks ago)	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	Web App Attack
🇫🇷 polarolouis	2026-06-02 15:49:40 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/CVE-2017-9841	Web App Attack
🇦🇺 2000cn.com.au	2026-06-02 14:12:26 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-02 13:59:19 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 163.245.192.20 (vps3406497.trouble-free.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 163.245.192.20 (vps3406497.trouble-free.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:59:14.155160 2026] [security2:error] [pid 12653:tid 12653] [client 163.245.192.20:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ard.global"] [uri "/.env"] [unique_id "ah7hsm8buk0zTUFYGwVnLAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 13:29:43 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 163.245.192.20 (vps3406497.trouble-free.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 163.245.192.20 (vps3406497.trouble-free.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:29:37.884817 2026] [security2:error] [pid 4590:tid 4590] [client 163.245.192.20:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archive.yggdrasil.org"] [uri "/.env"] [unique_id "ah7awbbn5_HvawaLA0ipkAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 xyz.rip	2026-06-02 13:25:01 (2 weeks ago)	WAF Violation ...	Hacking Web App Attack
🇫🇷 Lunix	2026-06-02 13:19:26 (2 weeks ago)		Brute-Force Web App Attack
🇺🇸 alecj.com	2026-06-02 13:15:43 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch	Web App Attack
🇩🇪 XICTRON	2026-06-02 13:15:04 (2 weeks ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇫🇷 Guardian	2026-06-02 13:08:30 (2 weeks ago)	Multi abuses [2]: Unauthorized connection attempt / Port scanning, Unauthorized attempt to retrieve ... show more Multi abuses [2]: Unauthorized connection attempt / Port scanning, Unauthorized attempt to retrieve configuration file 163.245.192.20 [02/Jun/2026:13:08:29] "GET / HTTP/1.1" 163.245.192.20 [02/Jun/2026:13:08:30] "GET /.env HTTP/1.1" show less	Port Scan Web App Attack

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.126

🇺🇸 198.98.56.227

🇺🇸 195.184.76.162

🇺🇸 185.226.196.29

🇨🇴 181.61.245.81

🇩🇪 178.104.190.157

🇮🇳 74.125.178.209

🇺🇸 66.132.186.241

🇩🇪 47.254.156.248

🇳🇱 34.178.21.247

🇺🇸 23.29.118.224

🇬🇧 2a06:4880:6000::7b

🇧🇪 198.235.24.173

🇺🇸 195.184.76.171

🇺🇸 195.184.76.68

🇦🇷 190.122.91.14

🇻🇪 190.121.239.197

🇨🇳 183.213.151.211

🇸🇻 179.51.60.11

🇸🇬 156.67.221.49