JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.136.158.30

135.136.158.30 was found in our database!

This IP was reported 79 times. Confidence of Abuse is 100%: ?

100%

ISP	Hyonix UK Public 1
Usage Type	Data Center/Web Hosting/Transit
ASN	AS931
Domain Name	krixe.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.136.158.30

Whois 135.136.158.30

IP Abuse Reports for 135.136.158.30:

This IP address has been reported a total of 79 times from 43 distinct sources. 135.136.158.30 was first reported on June 20th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 boxed-it	2026-06-23 05:13:03 (1 day ago)	GET /.env (Tarpitted for 1d15h8m30s, wasted 8.06MB)	Web App Attack
🇧🇪 boxed-it	2026-06-23 01:29:48 (1 day ago)	GET /.env (Tarpitted for 1d15h8m32s, wasted 8.06MB)	Web App Attack
🇧🇪 boxed-it	2026-06-22 18:01:45 (1 day ago)	GET /.env (Tarpitted for 1d15h8m29s, wasted 8.06MB)	Web App Attack
🇧🇪 boxed-it	2026-06-22 15:47:13 (1 day ago)	GET /.env (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇺🇸 chronos	2026-06-22 06:55:01 (2 days ago)	[AUTORAVALT][[22/06/2026 - 03:55:00 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [135. ... show more [AUTORAVALT][[22/06/2026 - 03:55:00 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [135.136.158.30] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various oth] ... show less	Hacking Web App Attack
🇺🇸 chronos	2026-06-22 06:16:49 (2 days ago)	[AUTORAVALT][[22/06/2026 - 03:16:48 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [135. ... show more [AUTORAVALT][[22/06/2026 - 03:16:48 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [135.136.158.30] Action: BLocKed Bad Web Bot -> Webpage scraping (email extraction, content, etc.) crawlers that do not respect robots.txt. Excessive requests and user agent spoofing. ] ... show less	Bad Web Bot
Anonymous	2026-06-21 16:49:00 (2 days ago)	"GET /.env HTTP/1.1" "POST / HTTP/1.1" "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e ... show more "GET /.env HTTP/1.1" "POST / HTTP/1.1" "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 487 "-" "libredtail-http" "POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1" show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 internetworld	2026-06-21 15:36:33 (2 days ago)	135.136.158.30 - - [21/Jun/2026:15:36:31 +0000] "GET /.env HTTP/1.1" 200 330 "-" "Mozilla/5.0 (Linux ... show more 135.136.158.30 - - [21/Jun/2026:15:36:31 +0000] "GET /.env HTTP/1.1" 200 330 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" ... show less	Bad Web Bot Web App Attack
🇮🇪 AutosOnShow	2026-06-21 11:17:05 (2 days ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-21 11:16:37.204 \|	Web App Attack
🇺🇸 pixiekat	2026-06-21 11:02:29 (2 days ago)	[Sun Jun 21 11:02:28.870439 2026] [authz_core:error] [pid 243484:tid 243490] [client 135.136.158.30: ... show more [Sun Jun 21 11:02:28.870439 2026] [authz_core:error] [pid 243484:tid 243490] [client 135.136.158.30:63715] AH01630: client denied by server configuration: /var/www/html/.env [Sun Jun 21 11:02:28.943247 2026] [authz_core:error] [pid 243484:tid 243500] [client 135.136.158.30:63743] AH01630: client denied by server configuration: /var/www/html/ [Sun Jun 21 11:02:29.054320 2026] [authz_core:error] [pid 243456:tid 243463] [client 135.136.158.30:63754] AH01630: client denied by server configuration: /var/www/html/.env [Sun Jun 21 11:02:29.152253 2026] [authz_core:error] [pid 243456:tid 243464] [client 135.136.158.30:63795] AH01630: client denied by server configuration: /var/www/html/ [Sun Jun 21 11:02:29.200017 2026] [authz_core:error] [pid 243484:tid 243491] [client 135.136.158.30:63825] AH01630: client denied by server configuration: /var/www/html/vendor ... show less	Brute-Force
🇩🇪 srtzero	2026-06-21 11:00:33 (2 days ago)	135.136.158.30 - - [21/Jun/2026:13:00:32 +0200] "GET /.env HTTP/1.1" 404 162 "-" "Mozilla/5.0 (Linux ... show more 135.136.158.30 - - [21/Jun/2026:13:00:32 +0200] "GET /.env HTTP/1.1" 404 162 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" ... show less	Port Scan Bad Web Bot Web App Attack
🇩🇪 mygcode.de	2026-06-21 10:55:43 (2 days ago)	Scanning for Exploits	Bad Web Bot
🇵🇱 nfsec.pl	2026-06-21 10:44:57 (2 days ago)	135.136.158.30 - - [21/Jun/2026:10:44:55 +0000] "GET /.env HTTP/1.1" 403 443 "-" "Mozilla/5.0 (Linux ... show more 135.136.158.30 - - [21/Jun/2026:10:44:55 +0000] "GET /.env HTTP/1.1" 403 443 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" 135.136.158.30 - - [21/Jun/2026:10:44:56 +0000] "POST / HTTP/1.1" 403 443 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" 135.136.158.30 - - [21/Jun/2026:10:44:56 +0000] "GET /.env HTTP/1.1" 403 5437 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" 135.136.158.30 - - [21/Jun/2026:10:44:57 +0000] "POST / HTTP/1.1" 403 5575 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile ... show less	Web App Attack Exploited Host
🇦🇱 router.al	2026-06-21 10:06:51 (2 days ago)	06/21/2026-10:06:51.421845 135.136.158.30 Protocol: 6 ET SCAN Laravel Debug Mode Information Disclos ... show more 06/21/2026-10:06:51.421845 135.136.158.30 Protocol: 6 ET SCAN Laravel Debug Mode Information Disclosure Probe Inbound show less	Port Scan
🇩🇪 JLKnoch.com	2026-06-21 09:38:33 (2 days ago)	CrowdSec crowdsecurity/CVE-2017-9841	Brute-Force Web App Attack

Showing 1 to 15 of 79 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.146.61

🇺🇸 147.185.132.175

🇫🇮 135.181.59.116

🇮🇳 103.218.106.42

🇸🇬 101.47.159.125

🇺🇸 91.230.168.184

🇩🇪 51.75.64.35

🇨🇭 34.65.103.44

🇰🇷 121.78.125.123

🇵🇭 115.85.57.55

🇸🇬 114.119.143.247

🇨🇦 76.71.94.122

🇻🇳 27.71.230.31

🇯🇵 8.221.137.151

🇯🇵 203.25.124.140

🇵🇱 185.79.139.16

🇷🇺 176.112.128.143

🇺🇸 170.106.105.15

🇸🇬 114.119.145.169

🇺🇸 66.132.186.247