JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 81.17.20.58

81.17.20.58 was found in our database!

This IP was reported 1,054 times. Confidence of Abuse is 0%: ?

ISP	CLIENT7605
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51852
Hostname(s)	hostedby.privatelayer.com
Domain Name	privatelayer.com
Country	🇨🇭 Switzerland
City	Bellinzona, Ticino

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 81.17.20.58

Whois 81.17.20.58

IP Abuse Reports for 81.17.20.58:

This IP address has been reported a total of 1,054 times from 148 distinct sources. 81.17.20.58 was first reported on December 9th 2022, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-08-22 15:11:27 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 11:11:20.977872 2024] [security2:error] [pid 17892:tid 17892] [client 81.17.20.58:55324] [client 81.17.20.58] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "86mountaineers.net"] [uri "/.git/config"] [unique_id "ZsdVGIbEzpcH8r4j4pyyVQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-22 02:38:47 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 22:38:39.020904 2024] [security2:error] [pid 4761:tid 4761] [client 81.17.20.58:46046] [client 81.17.20.58] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|fgrotary.org\|F\|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fgrotary.org"] [uri "/wp-config.cfg"] [unique_id "Zsakr7JqNEpjoWLHGKqsYwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 NyaljBe	2024-08-17 09:20:00 (1 year ago)	heavy wp-login.php & xmlrpc.php attack	Web App Attack
🇸🇬 oncord	2024-08-14 07:18:20 (1 year ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2024-08-14 03:39:14 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 13 23:39:07.112090 2024] [security2:error] [pid 27204:tid 27204] [client 81.17.20.58:52546] [client 81.17.20.58] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artbytracyjane.com"] [uri "/wp-config.phpd"] [unique_id "Zrwm27zv5EsQh5ySNEnopAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-11 19:58:48 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 15:58:44.216284 2024] [security2:error] [pid 25923:tid 25956] [client 81.17.20.58:43750] [client 81.17.20.58] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|condo.management\|F\|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "condo.management"] [uri "/wp-config.backup"] [unique_id "ZrkX9KDkTuUF61js3TByCgAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2024-08-11 18:55:29 (1 year ago)	Form spam	Web Spam
🇦🇺 MAGIC	2024-08-11 16:04:49 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2024-08-09 01:11:03 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2024-08-05 23:25:21 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 19:25:14.306646 2024] [security2:error] [pid 26740:tid 26740] [client 81.17.20.58:44250] [client 81.17.20.58] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "famagustacyprus.eu"] [uri "/wp-config.phpa"] [unique_id "ZrFfWuU_g8e2guXdFHcvHAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2024-08-05 20:01:13 (1 year ago)	Xmlrpc Caught (10)	Brute-Force Web App Attack
🇺🇸 rsiddall	2024-08-05 17:28:26 (1 year ago)	81.17.20.58 - - [05/Aug/2024:13:28:25 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 ( ... show more 81.17.20.58 - - [05/Aug/2024:13:28:25 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393" 81.17.20.58 - - [05/Aug/2024:13:28:25 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393" ... show less	Brute-Force
🇩🇪 Bedios GmbH	2024-08-05 15:54:29 (1 year ago)	Wordpress hacking attempt	Web App Attack
🇸🇬 oncord	2024-08-04 18:15:01 (1 year ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2024-08-04 10:10:55 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 81.17.20.58 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 06:10:47.036133 2024] [security2:error] [pid 2764:tid 2764] [client 81.17.20.58:43900] [client 81.17.20.58] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.schonfashion.com"] [uri "/.git/config"] [unique_id "Zq9TpwWlC66J4HrQGj1wlgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 1054 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.58

🇨🇦 40.85.218.222

🇨🇳 183.251.241.55

🇺🇸 95.164.234.160

🇺🇸 20.42.92.153

🇩🇪 5.231.119.244

🇨🇳 222.241.248.117

🇧🇷 205.210.31.186

🇳🇱 185.236.20.134

🇫🇮 147.185.133.161

🇩🇪 144.76.151.45

🇹🇼 198.235.24.78

🇳🇱 192.253.248.169

🇦🇷 190.181.101.160

🇺🇸 172.59.113.16

🇸🇬 167.172.93.203

🇨🇳 115.190.115.238

🇫🇷 107.191.46.144

🇺🇸 104.28.233.73

🇳🇱 91.92.40.4