JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 80.76.49.205

80.76.49.205 was found in our database!

This IP was reported 248 times. Confidence of Abuse is 0%: ?

ISP	Virtuo Networks France SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS399486
Domain Name	virtuo.host
Country	🇺🇸 United States of America
City	Edison, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 80.76.49.205

Whois 80.76.49.205

IP Abuse Reports for 80.76.49.205:

This IP address has been reported a total of 248 times from 175 distinct sources. 80.76.49.205 was first reported on June 7th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-04-08 23:26:22 (2 months ago)	989 requests with url.path *.env	Brute-Force Bad Web Bot
🇬🇧 Axel	2026-04-08 22:44:56 (2 months ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇵🇱 lns.bz	2026-04-08 22:44:40 (2 months ago)	Web app attack [PL.Lu]	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 22:18:03 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 80.76.49.205 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 80.76.49.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 18:17:56.088969 2026] [security2:error] [pid 2652419:tid 2652419] [client 80.76.49.205:54318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "78cardsofthetarot-tarotmancy-tarot-cards-and-tarot-readings.com"] [uri "/.env"] [unique_id "adbUFH8umO0qJNqQnMHDRAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-04-08 22:06:21 (2 months ago)	Too many Status 40X (11) Scanning/Probing (12)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-08 22:00:53 (2 months ago)	Auto-ban: >3000 req/min op 2026-04-08	Web App Attack SSH Hacking
🇩🇪 Ba-Yu	2026-04-08 21:54:28 (2 months ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 21:51:27 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 80.76.49.205 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 80.76.49.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:51:22.491354 2026] [security2:error] [pid 3890926:tid 3890926] [client 80.76.49.205:52597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "48consultancy.com"] [uri "/.env"] [unique_id "adbN2vK00e2nAd0ZCm7nMgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 21:34:56 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 80.76.49.205 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 80.76.49.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:34:52.245926 2026] [security2:error] [pid 3280204:tid 3280204] [client 80.76.49.205:51652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "2massociatesllc.com"] [uri "/.env"] [unique_id "adbJ_MSOn8pInwXw-RhjjQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-04-08 21:25:52 (2 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇩🇪 FeG Deutschland	2026-04-08 21:24:44 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 21:15:05 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 80.76.49.205 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 80.76.49.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:14:59.802263 2026] [security2:error] [pid 382410:tid 382410] [client 80.76.49.205:63075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10bestattorneys.com"] [uri "/.env"] [unique_id "adbFUyNv0Rd9_W2Vrn5-QQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-04-08 21:14:18 (2 months ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
Anonymous	2024-06-30 21:31:03 (1 year ago)	lfd: (sshd) Failed SSH login	Brute-Force SSH
🇨🇦 KIsmay	2024-06-30 19:24:52 (1 year ago)	Jun 30 15:24:44 www4 sshd[3585371]: Failed password for root from 80.76.49.205 port 53984 ssh2 Jun 3 ... show more Jun 30 15:24:44 www4 sshd[3585371]: Failed password for root from 80.76.49.205 port 53984 ssh2 Jun 30 15:24:45 www4 sshd[3585385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.76.49.205 user=root Jun 30 15:24:48 www4 sshd[3585385]: Failed password for root from 80.76.49.205 port 33824 ssh2 Jun 30 15:24:50 www4 sshd[3585405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.76.49.205 user=root Jun 30 15:24:52 www4 sshd[3585405]: Failed password for root from 80.76.49.205 port 33840 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 248 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 119.203.109.69

🇪🇸 90.162.13.50

🇬🇧 35.203.211.244

🇧🇷 34.95.220.139

🇬🇧 2a00:23c8:15b2:fa01:40d1:7269:b40e:354e

🇺🇸 216.25.89.125

🇩🇪 213.209.159.11

🇸🇪 172.234.104.44

🇳🇱 151.245.92.194

🇿🇦 105.233.67.36

🇮🇳 103.91.72.237

🇫🇷 85.217.140.10

🇬🇧 35.203.211.107

🇮🇳 34.131.221.41

🇻🇳 14.225.206.171

🇩🇪 213.209.159.56

🇷🇴 193.46.255.86

🇺🇸 165.154.36.71

🇸🇬 152.32.218.244

🇫🇮 147.185.133.5