AbuseIPDB » 194.61.9.16
194.61.9.16 was found in our database!
This IP was reported 15 times. Confidence of
Abuse
is 0%: ?
| ISP |
ExSyst Group Ltd.
|
| Usage Type |
Data Center/Web Hosting/Transit
|
| ASN |
AS19318
|
| Domain Name |
exsyst-group.biz
|
| Country |
๐บ๐ธ
United States of America
|
| City |
New York City, New York
|
IP info including ISP, Usage Type, and Location provided
by IPInfo. Updated weekly.
IP Abuse Reports for 194.61.9.16:
This IP address has been reported a total of
15
times from
7 distinct
sources.
194.61.9.16 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
| Reporter |
IoA Timestamp (UTC)
|
Comment |
Categories |
|
|
Anonymous
|
|
suspicious request in access.log
|
Web App Attack
|
|
|
๐ท๐บ
DZBOT
|
|
Website Scanning / Scraping
|
Bad Web Bot
Exploited Host
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 194.61.9.16 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 194.61.9.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 08:48:52.517507 2026] [security2:error] [pid 27599:tid 27599] [client 194.61.9.16:46947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.performingartsguild.com"] [uri "/.env"] [unique_id "aYiURGCG-Nd1Yre1eB3RFwAAABE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 194.61.9.16 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 194.61.9.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 15:44:35.396447 2026] [security2:error] [pid 551118:tid 551118] [client 194.61.9.16:32737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.backstore.com"] [uri "/.env"] [unique_id "aXaAs2YlamENvV_nvk0S8gAAAAo"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
IT Support
|
|
Credential Stuffing
|
Hacking
Brute-Force
|
|
|
๐บ๐ธ
IT Support
|
|
Credential stuffing
|
Hacking
Brute-Force
|
|
|
๐บ๐ธ
IT Support
|
|
Credential stuffing
|
Hacking
Brute-Force
|
|
|
๐บ๐ธ
IT Support
|
|
Credential stuffing
|
Hacking
Brute-Force
|
|
|
๐บ๐ธ
IT Support
|
|
Credential stuffing
|
Hacking
Brute-Force
|
|
|
๐บ๐ธ
IT Support
|
|
Credential stuffing
|
Hacking
Brute-Force
|
|
|
๐ฉ๐ช
SH89
|
|
Login Attemps to VPN / Network & Scanning IPs
|
Port Scan
Brute-Force
Bad Web Bot
|
|
|
๐บ๐ธ
VSM Networks
|
|
Credential Stuffing
|
Brute-Force
|
|
|
๐บ๐ธ
VSM Networks
|
|
Credential Stuffing
|
Brute-Force
|
|
|
๐บ๐ธ
VSM Networks
|
|
Credential Stuffing
|
Brute-Force
|
|
|
๐ฎ๐ฉ
hermawan
|
|
[Fri May 21 19:08:09.853739 2021] [:error] [pid 11773:tid 140535716742912] [client 194.61.9.16:45291 ...
show more
[Fri May 21 19:08:09.853739 2021] [:error] [pid 11773:tid 140535716742912] [client 194.61.9.16:45291] [client 194.61.9.16] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1041"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-probabilistik-curah-hujan-dasarian-provinsi-jawa-timur/555558706-prakiraan-dasarian-probabilistik-curah-hujan-dasarian-i-tanggal-1-10-mei-2021-provinsi-jawa-timur-update-30-april-2021"] [unique_id "YKeiqQwcz5uxWyWv
...
show less
|
Hacking
Web App Attack
|
|
Showing 1 to
15
of 15 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: