JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 84.20.16.168

84.20.16.168 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 22%: ?

22%

ISP	GTT Communications Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-84-20-16-168.datapacket.com
Domain Name	gtt.net
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 84.20.16.168

Whois 84.20.16.168

IP Abuse Reports for 84.20.16.168:

This IP address has been reported a total of 68 times from 35 distinct sources. 84.20.16.168 was first reported on October 23rd 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇴 AF	2026-06-19 18:14:05 (2 days ago)	Reporte automatizado de actividad sospechosa	DDoS Attack
🇨🇴 Dricci	2026-06-19 17:12:56 (2 days ago)	Reporte automatizado de actividad sospechosa	Port Scan
🇺🇸 xmission.com	2026-05-17 09:27:59 (1 month ago)	Blocked by UFW (TCP on 6881) Source port: 61701 TTL: 44 Packet length: 52 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 6881) Source port: 61701 TTL: 44 Packet length: 52 TOS: 0x08 This report (for 84.20.16.168) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-12 17:26:00 (1 month ago)	(mod_security) mod_security (id:240000) triggered by 84.20.16.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 84.20.16.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 13:25:57.658154 2026] [security2:error] [pid 14636:tid 14636] [client 84.20.16.168:57114] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|musiclips4spotify.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "musiclips4spotify.com"] [uri "/images/stories/themes.php"] [unique_id "agNipS4VJC8UlxCchbGtCAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 plzenskypruvodce.cz	2026-05-06 12:28:38 (1 month ago)	2026-05-06T14:28:33.221418+02:00 web wordpress(choteborky.cz)[1103879]: Authentication attempt for u ... show more 2026-05-06T14:28:33.221418+02:00 web wordpress(choteborky.cz)[1103879]: Authentication attempt for unknown user Support from 84.20.16.168 2026-05-06T14:28:34.580394+02:00 web wordpress(choteborky.cz)[1103930]: Authentication attempt for unknown user 0123456989 from 84.20.16.168 2026-05-06T14:28:37.396465+02:00 web wordpress(choteborky.cz)[1103879]: Authentication attempt for unknown user administrator from 84.20.16.168 ... show less	Brute-Force
🇺🇸 Charlesiv	2026-05-02 08:01:38 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: BLOCK ASN: 212238 (Datacamp Limited ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: BLOCK ASN: 212238 (Datacamp Limited) Protocol: HTTP/2 (GET method) Endpoint: /key Query: ?v=133 Timestamp: 2026-05-02T06:37:03Z Ray ID: 9f5503df6ec8de04 UA: Go-http-client/2.0 show less	Bad Web Bot
🇫🇷 masterguru	2026-04-30 16:11:19 (1 month ago)	(wordpress) Apache: Failed WordPress login from 84.20.16.168 (CA/Canada/-): 10 in the last 3600 secs ... show more (wordpress) Apache: Failed WordPress login from 84.20.16.168 (CA/Canada/-): 10 in the last 3600 secs (0-193) show less	Hacking
🇳🇱 middelkoopcc	2026-04-26 12:05:04 (1 month ago)	2026-04-26 13:57:32 WordPress login error from 84.20.16.168: invalid_username && 2026-04-26 13:57:36 ... show more 2026-04-26 13:57:32 WordPress login error from 84.20.16.168: invalid_username && 2026-04-26 13:57:36 WordPress login error from 84.20.16.168: invalid_email && 2026-04-26 13:57:37 WordPress login error from 84.20.16.168: invalid_username && 27 more within 20 minutes show less	Brute-Force
🇨🇳 pengpeng	2026-04-13 04:57:10 (2 months ago)	monitor: on VM-0-7-ubuntu \| port: 60942 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 60942 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇿 Antinson	2026-04-11 02:16:32 (2 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-10 11:13:24 (2 months ago)	(mod_security) mod_security (id:240000) triggered by 84.20.16.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 84.20.16.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 07:13:19.180733 2026] [security2:error] [pid 763476:tid 763476] [client 84.20.16.168:0] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|www.socialstudiesforkids.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.socialstudiesforkids.com"] [uri "/images/stories/themes.php"] [unique_id "adjbT6kcSSKGDeRPq8J1GgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-09 12:06:29 (2 months ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (35/60 min)'; Requests=35	Port Scan
🇺🇸 TPI-Abuse	2026-04-09 04:59:24 (2 months ago)	(mod_security) mod_security (id:240000) triggered by 84.20.16.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 84.20.16.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 00:59:19.407291 2026] [security2:error] [pid 71621:tid 71621] [client 84.20.16.168:49184] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|eissenstat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "eissenstat.com"] [uri "/images/stories/themes.php"] [unique_id "adcyJy_S1E1cG1Ygefx0aQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-09 03:02:52 (2 months ago)	(mod_security) mod_security (id:240000) triggered by 84.20.16.168 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 84.20.16.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 23:02:48.754962 2026] [security2:error] [pid 710604:tid 710604] [client 84.20.16.168:45788] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|eweddingsupplies.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "eweddingsupplies.com"] [uri "/images/stories/themes.php"] [unique_id "adcW2P4vYZHAwqa45cP8DQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-04-07 22:00:43 (2 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 165.99.16.135

🇩🇪 69.5.169.55

🇨🇳 47.120.56.129

🇨🇭 179.43.186.241

🇨🇳 123.56.83.180

🇺🇿 62.164.148.87

🇳🇱 45.198.224.115

🇸🇬 43.173.177.103

🇧🇷 43.164.197.146

🇺🇸 2602:80d:1007::1d

🇰🇷 221.165.6.102

🇨🇭 195.15.227.114

🇨🇳 180.102.110.163

🇩🇪 167.94.146.32

🇯🇵 152.32.146.235

🇺🇸 104.234.53.101

🇫🇷 91.231.89.4

🇳🇱 45.156.87.166

🇳🇱 45.153.34.16

🇪🇬 196.202.80.96