JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.46.167.76

94.46.167.76 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 0%: ?

ISP	LIS DEDICATED SERVERS IP SPACE
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24768
Hostname(s)	sv04.invisual.pt
Domain Name	ptisp.pt
Country	🇵🇹 Portugal
City	Lisbon, Lisbon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.46.167.76

Whois 94.46.167.76

IP Abuse Reports for 94.46.167.76:

This IP address has been reported a total of 148 times from 49 distinct sources. 94.46.167.76 was first reported on November 29th 2020, and the most recent report was 9 months ago.

Old Reports: The most recent abuse report for this IP address is from 9 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 ipreporter1	2025-09-01 16:00:37 (9 months ago)	Bruteforce webapp with combolist	VPN IP Hacking Brute-Force
🇩🇪 hbrks	2024-04-17 16:47:20 (2 years ago)	HEAD http://marche-be.com/back/bak.gz * statusCode: 503 *	Web Spam Hacking Bad Web Bot
🇩🇪 hbrks	2024-04-17 16:26:09 (2 years ago)	HEAD http://crm.marche-be.com/backups/public_html.rar * statusCode: 503 *	Web Spam Hacking Bad Web Bot
🇩🇪 hbrks	2024-04-13 09:34:32 (2 years ago)	HEAD http://techtronicgambia.com/backups/www.sql * statusCode: 503 *	Web Spam Hacking Bad Web Bot
🇩🇪 hbrks	2024-04-08 03:32:54 (2 years ago)	HEAD http://marche-be.com/restore/well-known.zip * statusCode: 503 *	Web Spam Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2024-04-03 18:51:52 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 03 14:51:45.494503 2024] [security2:error] [pid 29639:tid 47764761478912] [client 94.46.167.76:20461] [client 94.46.167.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|seattlebasketballservices.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "seattlebasketballservices.com"] [uri "/backups/sql.sql"] [unique_id "Zg2lQUMbCuCCUcnq7J_NRQAAAUk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-04-01 18:49:39 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 01 14:49:34.004342 2024] [security2:error] [pid 17453] [client 94.46.167.76:51759] [client 94.46.167.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|jfexpressfr8.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jfexpressfr8.com"] [uri "/backups/sql.sql"] [unique_id "ZgsBvohQNNsK1lcFitb_bwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-04-01 07:00:50 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇺🇸 TPI-Abuse	2024-03-28 05:06:35 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 28 01:06:29.062277 2024] [security2:error] [pid 20676] [client 94.46.167.76:32235] [client 94.46.167.76] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boat-accessories.net"] [uri "/back/sftp-config.json"] [unique_id "ZgT61Vn0jW1x83Z8HusTbwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2024-03-27 23:05:22 (2 years ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇺🇸 TheMadBeaker	2024-03-26 14:57:59 (2 years ago)	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	Hacking SQL Injection
🇺🇸 TPI-Abuse	2024-03-15 13:03:19 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 15 09:03:13.572837 2024] [security2:error] [pid 455596:tid 47759616009984] [client 94.46.167.76:5431] [client 94.46.167.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dpscsde.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dpscsde.com"] [uri "/BlockCypher.log"] [unique_id "ZfRHEcnULMR1Ru0mEB5XbQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-03-13 15:58:33 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 94.46.167.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 13 11:58:28.836967 2024] [security2:error] [pid 8617] [client 94.46.167.76:33137] [client 94.46.167.76] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bitcointradingsquare.com"] [uri "/old/.env"] [unique_id "ZfHNJF68sYGsjefIVGX9-wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 hbrks	2024-03-13 09:27:43 (2 years ago)	HEAD http://techtronicgambia.com/restore/website.zip statusCode: 503	Web Spam Hacking Bad Web Bot
🇩🇪 hbrks	2024-03-13 09:12:04 (2 years ago)	HEAD http://techtronicgambia.com/bak/config.js statusCode: 503	Web Spam Hacking Bad Web Bot

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.120.41

🇦🇷 138.117.16.125

🇵🇱 87.251.64.144

🇩🇪 43.157.98.118

🇩🇪 2.26.64.64

🇩🇪 2a03:4000:28:26d:3880:acff:fe59:581

🇧🇷 201.17.133.138

🇺🇸 193.34.74.12

🇺🇸 192.3.96.60

🇲🇽 187.216.224.85

🇫🇮 147.185.133.138

🇨🇳 139.199.225.96

🇨🇳 124.223.78.215

🇹🇭 118.194.250.95

🇺🇸 107.167.34.125

🇬🇧 45.198.224.46

🇳🇵 27.34.110.114

🇺🇸 2602:fb54:1a00::1c3

🇺🇸 207.246.106.68

🇬🇧 185.247.137.49