JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 84.17.48.68

84.17.48.68 was found in our database!

This IP was reported 357 times. Confidence of Abuse is 0%: ?

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-84-17-48-68.cdn77.com
Domain Name	datacamp.co.uk
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 84.17.48.68

Whois 84.17.48.68

IP Abuse Reports for 84.17.48.68:

This IP address has been reported a total of 357 times from 62 distinct sources. 84.17.48.68 was first reported on November 28th 2020, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Skyrider	2025-10-04 13:30:42 (8 months ago)	84.17.48.68 - - [04/Oct/2025:15:30:41 +0200] "GET /impressum.html HTTP/2.0" 404 162 "-" "Mozilla/5.0 ... show more 84.17.48.68 - - [04/Oct/2025:15:30:41 +0200] "GET /impressum.html HTTP/2.0" 404 162 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 84.17.48.68 - - [04/Oct/2025:15:30:41 +0200] "GET /impressum.htm HTTP/2.0" 404 162 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 84.17.48.68 - - [04/Oct/2025:15:30:41 +0200] "GET /impressum.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 84.17.48.68 - - [04/Oct/2025:15:30:42 +0200] "GET /impressum/ HTTP/2.0" 404 162 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" 84.17.48.68 - - [04/Oct/2025:15:30:42 +0200] "GET /impressum HTTP/2.0" 404 162 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0" show less	Bad Web Bot Web App Attack
🇨🇭 ranklord	2025-02-17 11:00:30 (1 year ago)	Feb 17 10:24:32 webo sshd[592906]: Received disconnect from 84.17.48.68 port 61954:11: disconnected ... show more Feb 17 10:24:32 webo sshd[592906]: Received disconnect from 84.17.48.68 port 61954:11: disconnected by user Feb 17 11:00:29 webo sshd[592983]: Received disconnect from 84.17.48.68 port 62054:11: disconnected by user ... show less	Brute-Force SSH
Anonymous	2024-11-28 19:37:26 (1 year ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
🇮🇩 Incidents Response Neptus Team	2024-11-24 02:40:00 (1 year ago)	Report Abuse IP	Hacking SQL Injection Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2024-10-25 05:04:56 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 84.17.48.68 (unn-84-17-48-68.cdn77.com): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 84.17.48.68 (unn-84-17-48-68.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 25 01:04:51.142433 2024] [security2:error] [pid 23551:tid 23551] [client 84.17.48.68:64876] [client 84.17.48.68] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|web25.dnchosting.com\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "web25.dnchosting.com"] [uri "/moveitisapi/moveitisapi.dll"] [unique_id "Zxsm84lnfGFBAKK3T2QEjwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-15 12:36:05 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 84.17.48.68 (unn-84-17-48-68.cdn77.com): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 84.17.48.68 (unn-84-17-48-68.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 15 08:35:59.372647 2024] [security2:error] [pid 1401:tid 1401] [client 84.17.48.68:58875] [client 84.17.48.68] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|192.64.150.227\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "192.64.150.227"] [uri "/moveitisapi/moveitisapi.dll"] [unique_id "Zw5hrziQffBajHbZK3rwXAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-14 04:46:50 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 84.17.48.68 (unn-84-17-48-68.cdn77.com): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 84.17.48.68 (unn-84-17-48-68.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 00:46:44.715085 2024] [security2:error] [pid 11391:tid 11544] [client 84.17.48.68:9199] [client 84.17.48.68] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.gilesrentalcars.com\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.gilesrentalcars.com"] [uri "/moveitisapi/moveitisapi.dll"] [unique_id "ZwyiNDUu_62S0kyp5vqBBgAAARA"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 diego	2024-09-30 16:41:56 (1 year ago)	Events: TCP SYN Discovery or Flooding, Seen 5 times in the last 10800 seconds	DDoS Attack
🇺🇸 snappic	2024-09-27 01:47:19 (1 year ago)	Malicious query string [GET /filter/jmol/js/jsmol/php/jsmol.php?call=getRawDataFromDatabase&query=fi ... show more Malicious query string [GET /filter/jmol/js/jsmol/php/jsmol.php?call=getRawDataFromDatabase&query=file:///etc/profile] [Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36] Reported from WAF sampled requests show less	Bad Web Bot Web App Attack
🇳🇱 frits west	2024-09-26 23:43:09 (1 year ago)	(mod_security) mod_security triggered on hostname [redacted] 84.17.48.68 (DE/Germany/unn-84-17-48-68 ... show more (mod_security) mod_security triggered on hostname [redacted] 84.17.48.68 (DE/Germany/unn-84-17-48-68.cdn77.com) show less	SQL Injection
Anonymous	2024-09-26 20:21:33 (1 year ago)	wordpress-trap	Web App Attack
Anonymous	2024-09-26 20:02:44 (1 year ago)	Aggressive web scan	Web App Attack
🇺🇸 snappic	2024-09-16 23:39:45 (1 year ago)	Malicious URI path [GET /actuator/] [Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Ge ... show more Malicious URI path [GET /actuator/] [Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36] Reported from WAF sampled requests show less	Bad Web Bot Web App Attack
🇫🇷 Nicolmn	2024-09-06 18:59:58 (1 year ago)	Web form spam ( id mmssr.l )	Web Spam
🇸🇬 oncord	2024-09-06 18:49:26 (1 year ago)	Form spam	Web Spam

Showing 1 to 15 of 357 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.88

🇻🇳 103.60.242.169

🇭🇰 199.45.154.184

🇦🇷 190.192.122.5

🇭🇰 154.221.20.92

🇮🇳 136.232.11.10

🇺🇸 66.198.221.50

🇨🇳 220.197.14.60

🇨🇦 167.114.156.169

🇵🇭 136.158.62.179

🇨🇳 123.160.175.187

🇺🇸 97.171.106.56

🇺🇸 71.162.241.169

🇺🇸 65.49.20.124

🇺🇸 52.248.43.121

🇸🇪 20.91.198.61

🇰🇷 14.63.196.175

🇳🇱 178.16.54.137

🇺🇸 172.236.228.220

🇺🇸 172.203.134.70