JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.177.94.99

195.177.94.99 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 81%: ?

81%

ISP	Pitline Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214961
Hostname(s)	99.94.177.195.in-addr.arpa
Domain Name	pitline.net
Country	🇫🇷 France
City	Marseille, Provence-Alpes-Cote d'Azur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.177.94.99

Whois 195.177.94.99

IP Abuse Reports for 195.177.94.99:

This IP address has been reported a total of 34 times from 16 distinct sources. 195.177.94.99 was first reported on June 4th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-12 22:00:44 (6 days ago)	[SatJun1300:00:40.3507642026][security2:error][pid152282:tid152363][client195.177.94.99:0]ModSecurit ... show more [SatJun1300:00:40.3507642026][security2:error][pid152282:tid152363][client195.177.94.99:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"www.allegraravizza.it\"][uri\"/sendgrid/.env\"][unique_id\"aiyBiNdR1R0gADT90KSkAwAAAIk\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 21:57:10 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 17:57:05.226522 2026] [security2:error] [pid 18093:tid 18093] [client 195.177.94.99:54563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stinnetthomeinspection.com"] [uri "/.env"] [unique_id "aiyAsczJREvAeeaMxzF0UwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-12 21:40:48 (6 days ago)	195.177.94.99 - - [13/Jun/2026:00:40:48 +0300] "GET /.env HTTP/1.1" 404 758 "-" "Mozilla/5.0 (X11; L ... show more 195.177.94.99 - - [13/Jun/2026:00:40:48 +0300] "GET /.env HTTP/1.1" 404 758 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 21:09:05 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 17:08:57.794015 2026] [security2:error] [pid 19870:tid 19885] [client 195.177.94.99:61603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tnccivic.org"] [uri "/.env"] [unique_id "aix1aQ24Y33zc7zbSXeacgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-06-12 21:06:58 (6 days ago)	Login credentials theft attempt	Hacking
Anonymous	2026-06-12 21:05:28 (6 days ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=16	Hacking
🇺🇸 TPI-Abuse	2026-06-12 17:59:47 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 13:59:40.658499 2026] [security2:error] [pid 10305:tid 10305] [client 195.177.94.99:60798] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.localpetsitters.com"] [uri "/.env"] [unique_id "aixJDP574ow_P_PJWi3GfQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 17:43:05 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 13:42:57.776012 2026] [security2:error] [pid 1549:tid 1549] [client 195.177.94.99:62505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dhsgrad.net"] [uri "/.env"] [unique_id "aixFIZszVznJXvmjJRPyogAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-12 17:36:19 (1 week ago)	195.177.94.99 - - [12/Jun/2026:20:36:19 +0300] "GET /.env HTTP/1.1" 404 763 "-" "Mozilla/5.0 (X11; L ... show more 195.177.94.99 - - [12/Jun/2026:20:36:19 +0300] "GET /.env HTTP/1.1" 404 763 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Web App Attack
🇩🇪 conseilgouz	2026-06-12 17:06:40 (1 week ago)	doe-17 : Block hidden directories=>/.env(/)	Hacking
🇺🇸 TPI-Abuse	2026-06-12 16:50:21 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:50:14.020356 2026] [security2:error] [pid 12633:tid 12633] [client 195.177.94.99:56311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.circleway.org"] [uri "/.env"] [unique_id "aiw4xs8BuJL_Z03-q-YxugAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 16:13:50 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:13:45.268702 2026] [security2:error] [pid 24602:tid 24602] [client 195.177.94.99:57115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thebarringtongroup.org"] [uri "/.env"] [unique_id "aiwwOZ333WQu_-DG-t97YwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-06-12 15:45:58 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from FR. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from FR. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: /sendgrid/.env \| UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 BlueWire Hosting	2026-06-12 15:37:54 (1 week ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 15:37:03 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 195.177.94.99 (99.94.177.195.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 11:36:57.599943 2026] [security2:error] [pid 2920:tid 2920] [client 195.177.94.99:54713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rootsofwellnessayurveda.com"] [uri "/.env"] [unique_id "aiwnmZK9kX9KuHjSYXkv4QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 210.245.32.192

🇺🇸 198.62.7.218

🇳🇱 176.65.139.181

🇺🇸 172.236.239.55

🇺🇸 143.198.174.13

🇺🇸 20.168.121.152

🇯🇵 8.209.240.251

🇳🇱 5.187.35.26

🇮🇳 183.82.111.224

🇲🇦 154.144.243.93

🇫🇷 151.80.141.196

🇺🇸 103.168.67.159

🇭🇺 89.134.210.182

🇳🇱 45.148.10.152

🇪🇸 2.138.146.55

🇷🇺 212.3.155.8

🇺🇸 194.62.107.249

🇪🇸 162.158.120.204

🇲🇾 47.250.14.85

🇳🇱 45.148.10.151