๐บ๐ธ
mnsf
2026-06-17 00:18:21
(2 weeks ago)
Too many Status 50X (16)
Scanning/Probing (15)
Brute-Force
Web App Attack
๐ฌ๐ง
djboddington
2026-06-16 08:05:23
(2 weeks ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
Anonymous
2026-06-16 06:11:04
(2 weeks ago)
52.173.163.128 detected on srv02
Port Scan
Anonymous
2026-06-14 16:21:16
(2 weeks ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐บ๐ธ
anon333
2026-06-14 08:36:24
(2 weeks ago)
Invalid HTTP port 80 probes to server T0436
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-06-14 06:21:52
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:21:44.956963 2026] [security2:error] [pid 22863:tid 22863] [client 52.173.163.128:55300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.218"] [uri "/.env"] [unique_id "ai5IeNo3YN9YNEz0Wu9ehgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-06-14 05:25:46
(2 weeks ago)
Blocked by UFW (TCP on 2078)
Source port: 54374
TTL: 51
Packet length: 60
TOS: 0x00
This report (fo ...
show more
Blocked by UFW (TCP on 2078)
Source port: 54374
TTL: 51
Packet length: 60
TOS: 0x00
This report (for 52.173.163.128) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ซ๐ท
dynamix
2026-06-14 04:55:45
(2 weeks ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 04:11:15
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:11:06.668794 2026] [security2:error] [pid 16313:tid 16313] [client 52.173.163.128:55503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.238"] [uri "/.git/HEAD"] [unique_id "ai4p2paxlAb93VdMrs-uKQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Rayulcifer
2026-04-18 05:08:36
(2 months ago)
52.173.163.128 - - [18/Apr/2026:00:08:32 -0500] "GET https://cloud.xiliancloud.cn HTTP/1.1" 200 8567 ...
show more
52.173.163.128 - - [18/Apr/2026:00:08:32 -0500] "GET https://cloud.xiliancloud.cn HTTP/1.1" 200 85676 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0"
52.173.163.128 - - [18/Apr/2026:00:08:35 -0500] "GET https://cloud.xiliancloud.cn HTTP/1.1" 200 85675 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0"
...
show less
Open Proxy
Port Scan
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-04-10 13:33:59
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 09:33:55.066141 2026] [security2:error] [pid 2952156:tid 2952195] [client 52.173.163.128:48064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomskrodzki.com"] [uri "/@fs/app/.git/config"] [unique_id "adj8Q-mG6NWgeR2Zwy-4vQAAAk0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-10 12:53:13
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 08:53:08.473051 2026] [security2:error] [pid 2901631:tid 2901666] [client 52.173.163.128:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.mindgardens.com"] [uri "/@fs/.git/config"] [unique_id "adjytC3_s9tFljj7_BS6BgAAANU"], referer: https://www.linkedin.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-10 11:49:24
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 07:49:19.918061 2026] [security2:error] [pid 1898388:tid 1898388] [client 52.173.163.128:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "betiqos.com"] [uri "/@fs/app/.git/config"] [unique_id "adjjv2IOi7tjmpjWuYVIAwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-10 09:42:23
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 05:42:17.916401 2026] [security2:error] [pid 1897471:tid 1897471] [client 52.173.163.128:48064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "benwoodwv.com.mmldesign.com"] [uri "/@fs/app/.git/config"] [unique_id "adjF-TzlU08RTeNdCgloFwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-10 08:17:59
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 52.173.163.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 04:17:53.468607 2026] [security2:error] [pid 1428931:tid 1428931] [client 52.173.163.128:48064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cygnetsilks.com"] [uri "/@fs/.git/config"] [unique_id "adiyMY2ahKzxUL2GuGQbEgAAAAo"], referer: https://www.reddit.com/
show less
Brute-Force
Bad Web Bot
Web App Attack