JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.138.69.231

195.138.69.231 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 0%: ?

ISP	TeNeT Networking Centre
Usage Type	Fixed Line ISP
ASN	AS6876
Hostname(s)	hosting7.tenet.ua
Domain Name	te.net.ua
Country	🇺🇦 Ukraine
City	Odesa, Odesa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.138.69.231

Whois 195.138.69.231

IP Abuse Reports for 195.138.69.231:

This IP address has been reported a total of 56 times from 34 distinct sources. 195.138.69.231 was first reported on August 25th 2021, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇹 Evag Touf	2024-02-22 00:44:22 (2 years ago)	(php-url-fopen) Failed php-url-fopen trigger from 195.138.69.231 (UA/Ukraine/hosting7.tenet.ua)	Web App Attack
🇫🇷 Laurent-1971	2024-02-21 17:03:16 (2 years ago)	/wp-content/cache/admin.php?520=1 [ Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KH ... show more /wp-content/cache/admin.php?520=1 [ Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 ] show less	Web App Attack
🇺🇸 TPI-Abuse	2024-02-21 06:14:44 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the la ... show more (mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 21 01:14:37.972881 2024] [security2:error] [pid 4022] [client 195.138.69.231:44780] [client 195.138.69.231] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bethbachmann.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bethbachmann.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdWUzbAgZU-5ZyjKHIahyAAAABM"], referer: bethbachmann.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-02-20 22:17:57 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the la ... show more (mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 20 17:17:53.059919 2024] [security2:error] [pid 2574919] [client 195.138.69.231:57828] [client 195.138.69.231] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|wfhsband.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wfhsband.com"] [uri "/wordpress/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdUlEeRBV9OoNRGSYwoNPgAAAAE"], referer: wfhsband.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-02-20 22:01:09 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the la ... show more (mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 20 17:01:04.853777 2024] [security2:error] [pid 22648] [client 195.138.69.231:46418] [client 195.138.69.231] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dreamaudiotools.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dreamaudiotools.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdUhIPJqstA3o0sCdjEXGAAAAAY"], referer: dreamaudiotools.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 psauxit	2024-02-20 21:40:12 (2 years ago)	Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show more Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-02-20 18:26:59 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the la ... show more (mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 20 13:26:52.948121 2024] [security2:error] [pid 20019] [client 195.138.69.231:54160] [client 195.138.69.231] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|consolidatedoperationsgroup.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "consolidatedoperationsgroup.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdTu7LF2HOp8vExBB7sYYwAAAAA"], referer: consolidatedoperationsgroup.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-02-20 16:29:40 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the la ... show more (mod_security) mod_security (id:210730) triggered by 195.138.69.231 (hosting7.tenet.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 20 11:29:34.139204 2024] [security2:error] [pid 12346] [client 195.138.69.231:40538] [client 195.138.69.231] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|guitarwisdom.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "guitarwisdom.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdTTbkzv9-0LRjzOWsyTvQAAAAE"], referer: guitarwisdom.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-02-20 15:17:17 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇧🇪 taivas.nl	2024-02-20 11:32:07 (2 years ago)	Wordpress_Attack	Web App Attack
🇳🇱 mawan	2024-02-20 11:13:28 (2 years ago)	Suspected of having performed illicit activity on AMS server.	Web App Attack
🇺🇸 myagent.site	2024-02-19 16:08:38 (2 years ago)	Blocking for trying to access an exploit file: /admin.php?520=1	Hacking
🇺🇸 mawan	2024-02-19 12:43:05 (2 years ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇺🇸 octageeks.com	2024-02-03 05:07:07 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2024-02-02 05:07:03 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇷 2a02:587:e20b:4d00:59ab:c7ef:2034:45d

🇰🇷 222.232.176.7

🇵🇰 202.47.57.115

🇧🇪 198.235.24.181

🇫🇮 147.185.133.14

🇮🇹 79.40.60.117

🇺🇸 45.79.207.129

🇬🇧 35.203.210.253

🇻🇳 14.161.179.3

🇰🇷 222.239.251.12

🇭🇰 172.253.4.26

🇲🇴 125.31.2.160

🇨🇳 116.179.33.210

🇳🇱 45.92.1.134

🇨🇳 39.175.147.214

🇬🇧 31.96.153.238

🇺🇸 185.243.5.46

🇺🇸 135.148.217.213

🇮🇳 103.116.137.190

🇳🇱 43.239.89.4