JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 69.5.20.93

69.5.20.93 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 100%: ?

100%

ISP	BYTEPLUS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS150436
Domain Name	bytedance.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 69.5.20.93

Whois 69.5.20.93

IP Abuse Reports for 69.5.20.93:

This IP address has been reported a total of 49 times from 43 distinct sources. 69.5.20.93 was first reported on June 14th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 bsoft.de	2026-06-15 07:56:31 (1 hour ago)	69.5.20.93 - - [15/Jun/2026:09:56:30 +0200] "HEAD / HTTP/1.1" 301 0 "-" "Googlebot/2.1 (+http://www. ... show more 69.5.20.93 - - [15/Jun/2026:09:56:30 +0200] "HEAD / HTTP/1.1" 301 0 "-" "Googlebot/2.1 (+http://www.google.com/bot.html)" show less	Bad Web Bot Web App Attack
🇧🇪 boxed-it	2026-06-15 07:38:33 (2 hours ago)	GET /.git/config (Tarpitted for , wasted 120B)	Web App Attack
🇩🇪 NxtGenIT	2026-06-15 05:48:30 (3 hours ago)	Tanner Honeypot hit, Event Type: , HTTP Method: GET, User Agent: , URI: /.gitlab-ci.js	SSH
🇺🇸 LSPCCU	2026-06-15 05:32:39 (4 hours ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Br ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: cowrie, ssh-telnet. Context: Attacker IP 69. show less	DDoS Attack Port Scan Hacking Brute-Force Web App Attack SSH
🇺🇸 eber965	2026-06-15 05:17:00 (4 hours ago)	[Mon Jun 15 01:16:53 2026] [authz_core:error] [pid 2656099:tid 140065888618240] [client 69.5.20.93:4 ... show more [Mon Jun 15 01:16:53 2026] [authz_core:error] [pid 2656099:tid 140065888618240] [client 69.5.20.93:40802] AH01630: client denied by server configuration: /var/www/html/.env [Mon Jun 15 01:16:56 2026] [authz_core:error] [pid 2656097:tid 140064336090880] [client 69.5.20.93:50218] AH01630: client denied by server configuration: /var/www/html/.env.production [Mon Jun 15 01:16:56 2026] [authz_core:error] [pid 2816418:tid 140065367901952] [client 69.5.20.93:50246] AH01630: client denied by server configuration: /var/www/html/.env [Mon Jun 15 01:16:56 2026] [authz_core:error] [pid 2656099:tid 140064570988288] [client 69.5.20.93:50306] AH01630: client denied by server configuration: /var/www/html/.aliyun [Mon Jun 15 01:16:56 2026] [authz_core:error] [pid 2656098:tid 140065502119680] [client 69.5.20.93:50292] AH01630: client denied by server configuration: /var/www/html/.env.staging ... show less	Brute-Force
🇺🇸 ChamberofCommerce.com	2026-06-15 04:49:55 (4 hours ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 03:48:33 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 69.5.20.93 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 69.5.20.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:48:26.520388 2026] [security2:error] [pid 17190:tid 17190] [client 69.5.20.93:38412] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cmgpartners.com"] [uri "/.env.local"] [unique_id "ai92Cg9xYOHR4g1zU2wiIwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 03:16:31 (6 hours ago)	Sensitive file access attempt	Hacking
Anonymous	2026-06-15 03:09:48 (6 hours ago)	Aggressive web scan	Web App Attack
🇫🇷 maxxsense	2026-06-15 03:08:41 (6 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 69.5.20.93 (ID/Indonesia/-)	SQL Injection
🇩🇪 excill	2026-06-15 03:00:15 (6 hours ago)	Honeypot mesh observed 32637 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇫🇷 mouafiq	2026-06-15 02:08:39 (7 hours ago)	2026-06-15 02:08:38,195 8878 INFO ? werkzeug: 69.5.20.93 - - [15/Jun/2026 02:08:38] "GET /config.jso ... show more 2026-06-15 02:08:38,195 8878 INFO ? werkzeug: 69.5.20.93 - - [15/Jun/2026 02:08:38] "GET /config.json HTTP/1.0" 404 - 1 0.004 0.012 2026-06-15 02:08:38,204 15401 INFO ? werkzeug: 69.5.20.93 - - [15/Jun/2026 02:08:38] "GET /.env HTTP/1.0" 404 - 1 0.008 0.020 2026-06-15 02:08:38,222 15401 INFO ? werkzeug: 69.5.20.93 - - [15/Jun/2026 02:08:38] "GET /config.ini HTTP/1.0" 404 - 1 0.002 0.013 2026-06-15 02:08:38,231 8878 INFO ? werkzeug: 69.5.20.93 - - [15/Jun/2026 02:08:38] "GET /.env.local HTTP/1.0" 404 - 1 0.009 0.022 2026-06-15 02:08:38,248 15401 INFO ? werkzeug: 69.5.20.93 - - [15/Jun/2026 02:08:38] "GET /aliyun_config.json HTTP/1.0" 404 - 1 0.002 0.020 show less	Brute-Force SSH
🇩🇪 reznekcs	2026-06-15 01:47:32 (7 hours ago)	F2B apache-noscript ban. Logs: [Mon Jun 15 03:47:32.048548 2026] [proxy_fcgi:error] [pid 3016744] [c ... show more F2B apache-noscript ban. Logs: [Mon Jun 15 03:47:32.048548 2026] [proxy_fcgi:error] [pid 3016744] [client 69.5.20.93:49392] AH01071: Got error 'Primary script unknown' [Mon Jun 15 03:47:32.059690 2026] [proxy_fcgi:error] [pid 3025427] [client 69.5.20.93:49424] AH01071: Got error 'Primary script unknown' [Mon Jun 15 03:47:32.077078 2026] [proxy_fcgi:error] [pid 3025433] [client 69.5.20.93:49432] AH01071: Got error 'Primary script unknown' show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:36:53 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 69.5.20.93 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 69.5.20.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:36:47.883976 2026] [security2:error] [pid 18541:tid 18541] [client 69.5.20.93:48994] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.92"] [uri "/.git/config"] [unique_id "ai9XL8cAc-qrH926Ep2dEQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Hostynet	2026-06-15 01:22:43 (8 hours ago)	TCP SYN flood detected by MikroTik RouterOS filter (sustained half-open connection rate from single ... show more TCP SYN flood detected by MikroTik RouterOS filter (sustained half-open connection rate from single source). Source automatically blacklisted. show less	DDoS Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9639:4001

🇳🇱 176.65.149.236

🇳🇱 167.71.1.65

🇨🇳 120.236.49.131

🇫🇷 85.217.140.13

🇧🇬 45.88.138.45

🇺🇸 13.105.68.208

🇮🇳 125.16.27.190

🇳🇱 45.142.193.191

🇺🇸 34.125.133.185

🇫🇮 34.88.22.244

🇺🇸 18.118.199.35

🇺🇸 8.231.37.242

🇮🇷 2.180.232.55

🇪🇸 213.201.70.60

🇧🇩 103.112.62.144

🇳🇱 45.156.87.34

🇸🇬 43.156.229.55

🇷🇴 2.57.122.177

🇰🇷 211.216.58.204