JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 93.127.217.165

93.127.217.165 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 58%: ?

58%

ISP	IPFFM Internet Provider Frankfurt GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Hostname(s)	srv1688270.hstgr.cloud
Domain Name	ipffm.de
Country	🇺🇸 United States of America
City	Boston, Massachusetts

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 93.127.217.165

Whois 93.127.217.165

IP Abuse Reports for 93.127.217.165:

This IP address has been reported a total of 39 times from 19 distinct sources. 93.127.217.165 was first reported on May 20th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-31 16:02:04 (2 weeks ago)	Bot / scanning and/or hacking attempts: GET /.git/config HTTP/1.1, GET /.git/HEAD HTTP/1.1	Hacking Web App Attack
🇺🇸 mnsf	2026-05-31 15:05:36 (2 weeks ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇨🇭 4server	2026-05-31 06:04:33 (2 weeks ago)	[SunMay3108:04:29.3925852026][security2:error][pid2235413:tid2235818][client93.127.217.165:0]ModSecu ... show more [SunMay3108:04:29.3925852026][security2:error][pid2235413:tid2235818][client93.127.217.165:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"shadowdrummer.com\"][uri\"/.git/HEAD\"][unique_id\"ahvPbaJcKkLoGL09joeOdgAAAEk\"] show less	Hacking Web App Attack
🇦🇺 OneLuca	2026-05-31 05:50:13 (2 weeks ago)	performed GET request to /.git/config, probing for exposed or leaked files	Web App Attack
🇺🇸 interbiznw.com	2026-05-30 18:59:18 (3 weeks ago)	fail2ban-ban	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 FeG Deutschland	2026-05-30 15:26:57 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 13:01:23 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 09:01:18.680034 2026] [security2:error] [pid 7722:tid 7722] [client 93.127.217.165:55634] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emailaegis.axiomemail.net"] [uri "/.git/HEAD"] [unique_id "ahrfnkQ8LZwWRQQz9JELnQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 15:50:54 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 11:50:48.901904 2026] [security2:error] [pid 9008:tid 9008] [client 93.127.217.165:60168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amgstone.38floorsupply.com"] [uri "/.git/config"] [unique_id "ahm12JtdYtJgYccOsrEsbQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Gwyneth Llewelyn	2026-05-29 04:28:17 (3 weeks ago)	2026/05/29 05:28:15 [error] 3402#3402: 8461689 access forbidden by rule, client: 93.127.217.165, se ... show more 2026/05/29 05:28:15 [error] 3402#3402: 8461689 access forbidden by rule, client: 93.127.217.165, server: getasecondlife.net, request: "GET /api/.env HTTP/1.1", host: "getasecondlife.net" 2026/05/29 05:28:15 [error] 3402#3402: *8461689 access forbidden by rule, client: 93.127.217.165, server: getasecondlife.net, request: "GET /.env HTTP/1.1", host: "getasecondlife.net" 93.127.217.165 - - [29/May/2026:05:28:15 +0100] "GET /.env HTTP/1.1" 403 1057 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" show less	Brute-Force Web App Attack
🇩🇪 Bedios GmbH	2026-05-29 00:32:07 (3 weeks ago)	Login credentials theft attempt	Hacking
🇨🇭 ALPHANET	2026-05-27 22:07:56 (3 weeks ago)	web exploits	Hacking Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 21:44:11 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 17:44:04.727528 2026] [security2:error] [pid 6236:tid 6236] [client 93.127.217.165:53548] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eagrant.com"] [uri "/.git/config"] [unique_id "ahdlpLW29UlLqVS4bQ_EAgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 17:53:16 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 13:53:09.526454 2026] [security2:error] [pid 29156:tid 29156] [client 93.127.217.165:47590] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "westernmassaa.net"] [uri "/.git/config"] [unique_id "ahcvhda3tZvWqXYxC54B8QAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 13:37:51 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 09:37:47.040241 2026] [security2:error] [pid 9828:tid 9828] [client 93.127.217.165:37486] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.meridianranchdrc.org"] [uri "/.git/HEAD"] [unique_id "ahWiK-UzUvu6JYROhBstwgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 09:28:20 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 93.127.217.165 (srv1688270.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 05:28:15.237265 2026] [security2:error] [pid 29444:tid 29444] [client 93.127.217.165:43474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "faeriefeelers.com"] [uri "/.git/HEAD"] [unique_id "ahVnrw-yg_-HRVJ690SmzQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.38

🇳🇱 195.178.110.30

🇺🇸 193.9.46.183

🇫🇷 176.134.202.238

🇩🇪 165.227.159.13

🇺🇸 2a0c:9f00:a000:20d1::1

🇭🇰 2404:6800:4005:c02::124

🇧🇷 205.210.31.241

🇨🇦 198.251.61.217

🇧🇪 198.235.24.255

🇺🇸 191.102.179.148

🇳🇮 190.212.126.2

🇳🇱 185.224.128.16

🇸🇪 185.195.233.161

🇪🇸 185.176.8.77

🇺🇸 165.154.182.207

🇸🇬 152.32.218.244

🇿🇦 105.187.231.247

🇹🇷 88.250.45.40

🇺🇸 64.62.197.47