AbuseIPDB » 81.17.19.74

81.17.19.74 was found in our database!

This IP was reported 175 times. Confidence of Abuse is 100%: ?

100%

ISP	Private Layer Inc
Usage Type	Data Center/Web Hosting/Transit
Hostname(s)	swz3.enduserexp.com
Domain Name	privatelayer.com
Country	Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 81.17.19.74

Whois 81.17.19.74

IP Abuse Reports for 81.17.19.74:

This IP address has been reported a total of 175 times from 94 distinct sources. 81.17.19.74 was first reported on April 10th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	Date	Comment	Categories
jasperedv.de	08 Aug 2022	Apache Login - Brutforcing	Brute-Force Web App Attack
Clapper	08 Aug 2022	(mod_security) mod_security (id:949110) triggered by 81.17.19.74 (CH/Switzerland/swz3.enduserexp.com ... show more(mod_security) mod_security (id:949110) triggered by 81.17.19.74 (CH/Switzerland/swz3.enduserexp.com): 5 in the last 14400 secs; ID: rub show less	Brute-Force Bad Web Bot
el-brujo	08 Aug 2022	09/Aug/2022:00:40:59 +0200Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 81.17.1 ... show more09/Aug/2022:00:40:59 +0200Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 81.17.19.74] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "124"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.git/ found within REQUEST_FILENAME: /.git/head"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "ns2.elhacker.net"] [uri "/.git/HEAD"] [unique_id "[email protected]"] ... show less	Hacking Web App Attack
GeekOnTheHill	08 Aug 2022	GET /.git/HEAD HTTP/1.1	Hacking Web App Attack
Sofibox Cyberwatch	08 Aug 2022	[bad_ip: 81.17.19.74 [alert_level: High Risk [inbound(0)+outbound(2): 2 [target_port: 34112 [class: ... show more[bad_ip: 81.17.19.74 [alert_level: High Risk [inbound(0)+outbound(2): 2 [target_port: 34112 [class: Attempted Information Leak [msg: GPL WEB_SERVER 403 Forbidden [csf_block_status: ip-already-blocked [blcheck_ip_score: 94.62% (10/186) [blcheck_domain: "dunk.dnsbl.tuxad.de,hartkore.dnsbl.tuxad.de,bl.fmb.la,all.s5h.net,cbl.abuseat.org,b.barracudacentra [blcheck_comment: "blcheck IPv4+IPv6 scanner v0.7.8 @ github.com/sofibox/blcheck" [log_suspicious_score: 15.79% [mod_security_alert: false [has_cidr24_network: false(1) show less	Web App Attack
someone	08 Aug 2022	*:80 81.17.19.74 - - [08/Aug/2022:22:35:09 +0200] "GET /.git/HEAD HTTP/1.1" 301 431 "-" "Mozilla/5.0 ... show more*:80 81.17.19.74 - - [08/Aug/2022:22:35:09 +0200] "GET /.git/HEAD HTTP/1.1" 301 431 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0" show less	Web App Attack
Sofibox Cyberwatch	08 Aug 2022	[bad_ip: 81.17.19.74 [alert_level: High Risk [inbound(0)+outbound(1): 1 [target_port: 51350 [class: ... show more[bad_ip: 81.17.19.74 [alert_level: High Risk [inbound(0)+outbound(1): 1 [target_port: 51350 [class: Attempted Information Leak [msg: GPL WEB_SERVER 403 Forbidden [csf_block_status: ok-ip-block-success [blcheck_ip_score: 94.62% (10/186) [blcheck_domain: "dunk.dnsbl.tuxad.de,hartkore.dnsbl.tuxad.de,bl.fmb.la,all.s5h.net,cbl.abuseat.org,b.barracudacentra [blcheck_comment: "blcheck IPv4+IPv6 scanner v0.7.8 @ github.com/sofibox/blcheck" [log_suspicious_score: 10.53% [mod_security_alert: false [has_cidr24_network: false(0) show less	Web App Attack
Anonymous	08 Aug 2022	79.172.201.32:80 81.17.19.74 - - [08/Aug/2022:21:17:39 +0200] "GET /.git/HEAD HTTP/1.1" 404 470 "-" ... show more79.172.201.32:80 81.17.19.74 - - [08/Aug/2022:21:17:39 +0200] "GET /.git/HEAD HTTP/1.1" 404 470 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0" show less	Web App Attack
webbfabriken	08 Aug 2022	Posting spam/hacking or other abusive activity. Attack reported by Webbfabiken Security API - ... show morePosting spam/hacking or other abusive activity. Attack reported by Webbfabiken Security API - WFSecAPI show less	Hacking
el-brujo	08 Aug 2022	08/Aug/2022:20:03:05 +0200Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 81.17.1 ... show more08/Aug/2022:20:03:05 +0200Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 81.17.19.74] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "124"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.git/ found within REQUEST_FILENAME: /.git/head"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "www.hostench.eu"] [uri "/.git/HEAD"] [unique_id "YvFP2WfjlMU2PqtC8l0bxwAAABU"] ... show less	Hacking Web App Attack
debaba	08 Aug 2022		Brute-Force Web App Attack
Anonymous	08 Aug 2022	81.17.19.74 - sliver85.eu - [08/Aug/2022:17:13:26 +0200] "GET /.git/HEAD HTTP/1.1" 444 "Mozilla/5.0 ... show more81.17.19.74 - sliver85.eu - [08/Aug/2022:17:13:26 +0200] "GET /.git/HEAD HTTP/1.1" 444 "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0" 81.17.19.74 - autoconfig.sliver85.eu - [08/Aug/2022:17:54:30 +0200] "GET /.git/HEAD HTTP/1.1" 444 "Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0" ... show less	Brute-Force Web App Attack
Trueforce Threat Report	08 Aug 2022	Automated report, trolling for resource vulnerabilities	Bad Web Bot Web App Attack
pa4080	05 Aug 2022	Detected by ModSecurity. Request URI: /.git/HEAD	Web App Attack
Anonymous	05 Aug 2022	81.2.198.4:80 81.17.19.74 - - [05/Aug/2022:19:24:10 +0200] "GET /.git/HEAD HTTP/1.1" 302 494 "-" "Mo ... show more81.2.198.4:80 81.17.19.74 - - [05/Aug/2022:19:24:10 +0200] "GET /.git/HEAD HTTP/1.1" 302 494 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0" show less	Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩