JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 69.164.253.78

69.164.253.78 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 100%: ?

100%

ISP	Host Department NJ, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26666
Hostname(s)	vps3409906.trouble-free.net
Domain Name	interserver.net
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 69.164.253.78

Whois 69.164.253.78

IP Abuse Reports for 69.164.253.78:

This IP address has been reported a total of 60 times from 37 distinct sources. 69.164.253.78 was first reported on May 28th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 oisecnet	2026-06-02 21:02:15 (2 days ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-02. 5 requests from this I ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-02. 5 requests from this IP. show less	Brute-Force Web App Attack SSH
🇺🇸 infra-monitor	2026-06-02 20:00:04 (2 days ago)	Automated ban via infra-monitor: suspicious-probe, crowdsecurity/http-cve-probing, crowdsecurity/CVE ... show more Automated ban via infra-monitor: suspicious-probe, crowdsecurity/http-cve-probing, crowdsecurity/CVE-2017-9841 show less	Port Scan Hacking Web App Attack
🇺🇸 kosada.com	2026-06-02 19:53:53 (2 days ago)	Web vulnerability probing: /_ignition/execute-solution	Web App Attack
🇨🇭 leo1305	2026-06-02 15:13:50 (3 days ago)	CrowdSec detection \| scenario: http-cve-probing	Web App Attack Exploited Host
Anonymous	2026-06-02 15:03:48 (3 days ago)	Fail2Ban: 2026/06/02 15:03:41 [info] 81#81: 11560 client sent no required SSL certificate while rea ... show more Fail2Ban: 2026/06/02 15:03:41 [info] 81#81: 11560 client sent no required SSL certificate while reading client request headers, client: 69.164.253.78, server: dash.ddns.schauwecker.eu, request: "GET / HTTP/1.1", host: "dash.ddns.schauwecker.eu" 2026/06/02 15:03:45 [info] 81#81: 11561 client sent no required SSL certificate while reading client request headers, client: 69.164.253.78, server: dash.ddns.schauwecker.eu, request: "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1", host: "dash.ddns.schauwecker.eu" 2026/06/02 15:03:47 [info] 81#81: 11562 client sent no required SSL certificate while reading client request headers, client: 69.164.253.78, server: dash.ddns.schauwecker.eu, request: "GET /vendor/laravel-filemanager/js/script.js HTTP/1.1", host: "dash.ddns.schauwecker.eu" show less	Hacking
🇺🇸 agenciahypelab.com.br	2026-06-02 14:52:29 (3 days ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇫🇷 900cm	2026-06-02 14:01:29 (3 days ago)	[Tue Jun 02 16:01:27.295769 2026] [access_compat:error] [pid 2805660:tid 2805660] [client 69.164.253 ... show more [Tue Jun 02 16:01:27.295769 2026] [access_compat:error] [pid 2805660:tid 2805660] [client 69.164.253.78:30022] AH01797: client denied by server configuration: /var/www/darkintruder/.env [Tue Jun 02 16:01:27.545353 2026] [access_compat:error] [pid 2098312:tid 2098312] [client 69.164.253.78:30034] AH01797: client denied by server configuration: /var/www/darkintruder/.env [Tue Jun 02 16:01:28.465507 2026] [access_compat:error] [pid 2805660:tid 2805660] [client 69.164.253.78:30022] AH01797: client denied by server configuration: /var/www/darkintruder/.git ... show less	Port Scan Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-02 13:30:21 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 69.164.253.78 (vps3409906.trouble-free.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 69.164.253.78 (vps3409906.trouble-free.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:30:15.044999 2026] [security2:error] [pid 2886:tid 2886] [client 69.164.253.78:55772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daprototype.desertalfas.org"] [uri "/.env"] [unique_id "ah7a56twrRcv60HUp1s9yQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 walnuts	2026-06-02 12:46:55 (3 days ago)	Automated: Triggered nginx security jail (nginx-444) - probing blocked paths on web server	Bad Web Bot Web App Attack
🇩🇪 Kreapptivo	2026-06-02 12:25:28 (3 days ago)	[02/Jun/2026:14:25:25 +0200] Web-Request: "GET /.git/config", User-Agent: "Mozilla/5.0 (Windows NT 1 ... show more [02/Jun/2026:14:25:25 +0200] Web-Request: "GET /.git/config", User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 12:24:56 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 69.164.253.78 (vps3409906.trouble-free.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 69.164.253.78 (vps3409906.trouble-free.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 08:24:51.910106 2026] [security2:error] [pid 15015:tid 15015] [client 69.164.253.78:23542] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "danieljensen.org"] [uri "/.env"] [unique_id "ah7Lk3eET35JAtNFdLxmxwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 11:47:33 (3 days ago)	(mod_security) mod_security (id:949110) triggered by 69.164.253.78 (vps3409906.trouble-free.net): 1 ... show more (mod_security) mod_security (id:949110) triggered by 69.164.253.78 (vps3409906.trouble-free.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:47:27.420692 2026] [security2:error] [pid 12982:tid 12982] [client 69.164.253.78:59518] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "danchujkoassoc.com"] [uri "/.env"] [unique_id "ah7Cz1Ev2AHZKUCTbvCilgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-02 10:15:49 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 FeG Deutschland	2026-06-02 09:08:07 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇫🇷 IRISIO	2026-06-02 08:31:57 (3 days ago)	scans/SQL injection/spam posts : 22 queries	Web App Attack SQL Injection

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.123

🇮🇹 93.92.79.87

🇷🇴 92.118.39.236

🇫🇮 91.227.114.42

🇬🇧 35.203.211.109

🇺🇸 13.90.206.6

🇯🇵 212.32.76.53

🇺🇸 198.98.62.211

🇮🇳 103.183.45.23

🇳🇱 45.148.10.183

🇬🇧 35.189.77.184

🇺🇸 2a04:c606:409:91:9999::230

🇺🇸 205.210.31.87

🇦🇷 181.0.214.136

🇮🇹 151.95.211.132

🇬🇧 94.156.250.197

🇳🇱 45.148.10.151

🇯🇵 2406:da16:b16:bb01:5c50:60b:c8b0:cd69

🇨🇳 203.2.114.29

🇺🇸 103.143.231.2