JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 208.84.101.148

208.84.101.148 was found in our database!

This IP was reported 93 times. Confidence of Abuse is 38%: ?

38%

ISP	Fro LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	fro.email
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 208.84.101.148

Whois 208.84.101.148

IP Abuse Reports for 208.84.101.148:

This IP address has been reported a total of 93 times from 23 distinct sources. 208.84.101.148 was first reported on November 1st 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 10:48:57 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 208.84.101.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 208.84.101.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 06:48:52.724440 2026] [security2:error] [pid 4683:tid 4683] [client 208.84.101.148:52620] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thebradleyclinic.com"] [uri "/.env.development"] [unique_id "aiFYFGe1GiZbT7PrY1z9vwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2026-06-03 18:35:03 (1 week ago)	Probing for exploits 208.84.101.148 - - [03/Jun/2026:20:35:02 +0200] "GET /cms/.env HTTP/1.1" 422 0 ... show more Probing for exploits 208.84.101.148 - - [03/Jun/2026:20:35:02 +0200] "GET /cms/.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36" 208.84.101.148 - - [03/Jun/2026:20:35:02 +0200] "GET /backend/.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36" show less	Hacking Web App Attack
🇩🇪 MusicLibrary	2026-06-03 13:08:32 (1 week ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
Anonymous	2026-06-02 02:00:08 (1 week ago)	WordPress vulnerability scanning and Lottery/prize scamming detected	Bad Web Bot Web App Attack
🇮🇩 soc-yk	2026-05-30 02:18:12 (1 week ago)	Type: suspicious_network_activity Threat: unknown Risk: 100 Events: 81 Evidence: - Persistent suspi ... show more Type: suspicious_network_activity Threat: unknown Risk: 100 Events: 81 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇮🇩 penjaga BRIN	2026-05-25 06:56:58 (2 weeks ago)	Web application attack	Web App Attack
🇮🇩 penjaga BRIN	2026-05-20 23:00:35 (3 weeks ago)	Web application attack	Web App Attack
🇮🇩 Burayot	2026-05-04 09:01:30 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 208.84.101.148 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 208.84.101.148 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇮🇩 sockominfo	2026-04-26 11:00:48 (1 month ago)	CRITICAL: Persistent attacker 208.84.101.148 - 10 attempts in 30 minutes, Suspicious URL access.. Th ... show more CRITICAL: Persistent attacker 208.84.101.148 - 10 attempts in 30 minutes, Suspicious URL access.. Threat Score: 7.8/10 (HIGH). Confidence: 60%. CVSS v3.1: 7.3/10 (High). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 93%. MITRE ATT&CK: T1071 (Application Layer Protocol). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-04-26 10:00:51 (1 month ago)	CRITICAL: Persistent attacker 208.84.101.148 - 10 attempts in 30 minutes, Suspicious URL access.. Th ... show more CRITICAL: Persistent attacker 208.84.101.148 - 10 attempts in 30 minutes, Suspicious URL access.. Threat Score: 7.9/10 (HIGH). Confidence: 60%. CVSS v3.1: 7.3/10 (High). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 96%. MITRE ATT&CK: T1071 (Application Layer Protocol). Tactic: TA0001. Freshness: Fresh. Source Reputation: SUSPICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-04-26 08:00:43 (1 month ago)	CRITICAL: Persistent attacker 208.84.101.148 - 10 attempts in 30 minutes. Threat Score: 7.8/10 (HIGH ... show more CRITICAL: Persistent attacker 208.84.101.148 - 10 attempts in 30 minutes. Threat Score: 7.8/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 penjaga BRIN	2026-04-24 21:48:14 (1 month ago)	Web application attack	Web App Attack
🇮🇩 sockominfo	2026-04-24 03:00:37 (1 month ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Brute-Force
🇮🇩 sockominfo	2026-04-24 02:00:14 (1 month ago)	CRITICAL: Persistent attacker 208.84.101.148 - 10 attempts in 30 minutes. Threat Score: 7.8/10 (HIGH ... show more CRITICAL: Persistent attacker 208.84.101.148 - 10 attempts in 30 minutes. Threat Score: 7.8/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-04-24 01:00:38 (1 month ago)	TheHive Threat Scoring assessment: 208.84.101.148 CVSS v3.1: 0/10 (None) CVSS Vector: CVSS:3.1/AV:un ... show more TheHive Threat Scoring assessment: 208.84.101.148 CVSS v3.1: 0/10 (None) CVSS Vector: CVSS:3.1/AV:undefined/AC:undefined/PR:undefined/UI:undefined/S:undefined/C:undefined/I:undefined/A:undefined Bayesian Probability: 80% MITRE ATT&CK: Exploit Public-Facing Application, Valid Accounts, Command and Scripting Interpreter, Application Layer Protocol, Brute Force, Account Manipulation OWASP Risk: High (L:8, I:6) Combined Score: 4.92/10 Confidence Interval: ±0.01 Status: Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Brute-Force

Showing 1 to 15 of 93 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 194.113.235.89

🇺🇸 172.217.107.21

🇧🇷 129.121.54.237

🇸🇬 103.189.235.93

🇷🇴 80.94.92.177

🇺🇸 74.235.100.130

🇺🇸 66.132.172.229

🇬🇧 35.203.210.245

🇿🇦 4.221.186.70

🇮🇳 2406:b400:b5:2a56:5885:dfe1:1758:bec

🇨🇳 221.10.42.66

🇩🇪 213.209.159.158

🇲🇳 203.23.199.88

🇧🇷 200.39.46.41

🇩🇪 194.187.176.103

🇻🇪 190.6.34.60

🇭🇰 172.253.4.25

🇭🇰 123.58.212.28

🇺🇸 98.18.252.73

🇸🇪 85.228.67.197