JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.36.172.144

193.36.172.144 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	trafficforce, UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS264617
Domain Name	trafficforce.lt
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.36.172.144

Whois 193.36.172.144

IP Abuse Reports for 193.36.172.144:

This IP address has been reported a total of 8 times from 4 distinct sources. 193.36.172.144 was first reported on January 15th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-12-29 18:01:04 (5 months ago)	(mod_security) mod_security (id:217200) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217200) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:00:15.184306 2025] [security2:error] [pid 30263:tid 30487] [client 193.36.172.144:58239] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|www.kettlehill.kettlehill.com\|F\|2"] [data "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "www.kettlehill.kettlehill.com"] [uri "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [unique_id "aVLBrztkR4PeLYDgQ4atrQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 11:05:28 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 06:05:18.506256 2025] [security2:error] [pid 1370:tid 1370] [client 193.36.172.144:57413] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/index.php"] [unique_id "aRW7bvULZ6fjDzl0Jn_F4QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:22:23 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:22:07.643966 2025] [security2:error] [pid 172499:tid 172619] [client 193.36.172.144:58301] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|staging.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staging.kettlehill.com"] [uri "/cgi-bin/stats"] [unique_id "aIVxL4En7YGnahfIo_jImAAAAU0"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 15:34:14 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 11:33:40.608681 2025] [security2:error] [pid 2889241:tid 2889241] [client 193.36.172.144:48829] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|autodiscover.farmers123.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmers123.com"] [uri "/ipecs-cm/download"] [unique_id "aDh-VEZfLMHOia50psutdAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dayda.net	2025-05-22 09:30:15 (1 year ago)	fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=1	Bad Web Bot
🇺🇸 TPI-Abuse	2025-04-19 03:12:06 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 193.36.172.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 23:10:14.031174 2025] [security2:error] [pid 14944:tid 14965] [client 193.36.172.144:40155] [client 193.36.172.144] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|blog.spinningdesigns.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?q=file:///etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.spinningdesigns.com"] [uri "/index.php"] [unique_id "aAMUFqlkjOMtrQ4IEmniwwAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-29 08:39:26 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2025-01-15 06:10:53 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇴 186.6.81.104

🇮🇩 157.15.40.77

🇳🇬 102.88.137.80

🇫🇷 91.238.181.26

🇬🇧 216.226.76.30

🇸🇬 194.164.107.6

🇨🇴 181.143.162.230

🇵🇪 179.6.2.202

🇳🇱 176.65.139.140

🇱🇻 81.30.98.144

🇵🇱 51.75.54.185

🇧🇪 35.189.209.157

🇬🇧 2a06:4880:6000::75

🇮🇷 185.206.94.208

🇳🇴 185.12.59.118

🇮🇷 176.65.240.242

🇧🇷 172.69.114.124

🇨🇳 111.26.167.166

🇱🇹 45.227.254.170

🇬🇧 217.154.35.203