JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 69.164.253.121

69.164.253.121 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 100%: ?

100%

ISP	Host Department NJ, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26666
Hostname(s)	vps3449765.trouble-free.net
Domain Name	interserver.net
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 69.164.253.121

Whois 69.164.253.121

IP Abuse Reports for 69.164.253.121:

This IP address has been reported a total of 47 times from 34 distinct sources. 69.164.253.121 was first reported on May 29th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 paulshipley.com.au	2026-06-02 19:54:19 (2 weeks ago)	[Wed Jun 03 05:54:18.854739 2026] [security2:error] [pid 270980] [client 69.164.253.121:32946] [clie ... show more [Wed Jun 03 05:54:18.854739 2026] [security2:error] [pid 270980] [client 69.164.253.121:32946] [client 69.164.253.121] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dlcarterauthor.com"] [uri "/.env"] [unique_id "ah806hc57Lg29YZcj5YyNAAAAAM"] ... show less	Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-02 19:47:47 (2 weeks ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-mnz6-5)	Hacking Web App Attack
🇳🇱 i-turnradio.nl	2026-06-02 18:41:18 (2 weeks ago)	2026-06-02 @ 20:41:18 (CET) ~ Blocked for trying to access: /vendor/phpunit/phpunit/src/Util/PHP/eva ... show more 2026-06-02 @ 20:41:18 (CET) ~ Blocked for trying to access: /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php show less	Web App Attack
🇬🇧 Oakley	2026-06-02 18:38:35 (2 weeks ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇩🇪 Nevermind	2026-06-02 17:56:47 (2 weeks ago)	69.164.253.121 - - [02/Jun/2026:19:56:46 +0200] "GET /.env HTTP/1.1" 404 468 "-" "Mozilla/5.0 (Windo ... show more 69.164.253.121 - - [02/Jun/2026:19:56:46 +0200] "GET /.env HTTP/1.1" 404 468 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 69.164.253.121 - - [02/Jun/2026:19:56:46 +0200] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 468 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 69.164.253.121 - - [02/Jun/2026:19:56:46 +0200] "GET /vendor/laravel-filemanager/js/script.js HTTP/1.1" 404 468 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 69.164.253.121 - - [02/Jun/2026:19:56:47 +0200] "GET /.git/config HTTP/1.1" 404 468 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 CollideTech	2026-06-02 16:53:58 (2 weeks ago)	probing for vulnerabilities	Web App Attack
🇮🇩 Burayot	2026-06-02 16:39:41 (2 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 69.164.253.121 (US/United States/vp ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 69.164.253.121 (US/United States/vps3409912.trouble-free.net): 1 in the last 3600 secs show less	Web App Attack
🇬🇧 Aetherweb Ark	2026-06-02 16:21:20 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 69.164.253.121 (US/United States/vps3409912.tro ... show more (mod_security) mod_security (id:949110) triggered by 69.164.253.121 (US/United States/vps3409912.trouble-free.net): N in the last X secs show less	Web App Attack
🇩🇪 raph	2026-06-02 13:22:25 (2 weeks ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-02 12:09:45 (2 weeks ago)	Web vulnerability probing: /public/vendor/laravel-filemanager/js/script.js	Web App Attack
🇩🇪 sdos.es	2026-06-02 12:03:33 (2 weeks ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
🇮🇹 [email protected]	2026-06-02 11:45:14 (2 weeks ago)	69.164.253.121 - - [02/Jun/2026:12:10:49 +0200] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdi ... show more 69.164.253.121 - - [02/Jun/2026:12:10:49 +0200] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 2293 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 11:12:09 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 69.164.253.121 (vps3409912.trouble-free.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 69.164.253.121 (vps3409912.trouble-free.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:12:05.956281 2026] [security2:error] [pid 22211:tid 22211] [client 69.164.253.121:51874] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digifonics.com"] [uri "/.env"] [unique_id "ah66hecBS6XNYHrxE0Y4SAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 [email protected]	2026-06-02 10:10:49 (2 weeks ago)	[Tue Jun 02 12:10:49.105821 2026] [authz_core:error] [pid 1780993:tid 1781097] [client 69.164.253.12 ... show more [Tue Jun 02 12:10:49.105821 2026] [authz_core:error] [pid 1780993:tid 1781097] [client 69.164.253.121:35170] AH01630: client denied by server configuration: /var/www/html/MyWeb/Public_www/.env show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 09:06:19 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 69.164.253.121 (vps3409912.trouble-free.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 69.164.253.121 (vps3409912.trouble-free.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:06:16.193903 2026] [security2:error] [pid 10695:tid 10695] [client 69.164.253.121:23136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diarrheawolves.com"] [uri "/.env"] [unique_id "ah6dCFMnc5_5g8vSU3OaeQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:10ff:4d::

🇨🇳 219.153.103.109

🇮🇳 182.70.255.242

🇳🇬 102.90.117.158

🇺🇸 20.102.98.53

🇰🇷 211.253.31.143

🇸🇬 152.42.240.74

🇻🇳 113.190.15.190

🇵🇱 109.206.219.9

🇨🇳 106.75.77.231

🇨🇦 99.248.75.50

🇫🇷 88.183.91.155

🇺🇸 74.114.29.219

🇨🇦 72.251.8.112

🇮🇶 65.20.166.171

🇳🇱 45.148.10.230

🇳🇱 45.148.10.121

🇨🇳 180.167.128.203

🇺🇸 165.154.134.190

🇪🇬 156.205.221.186