AbuseIPDB » 136.144.35.158

136.144.35.158 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 82%: ?

82%

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396356
Domain Name	vpnconsumer.com
Country	United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 136.144.35.158

Whois 136.144.35.158

IP Abuse Reports for 136.144.35.158:

This IP address has been reported a total of 136 times from 78 distinct sources. 136.144.35.158 was first reported on October 15th 2022, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
BestFans.com	2025-06-30 04:27:15 (1 week ago)	Credential brute-force attacks on webpage logins	Brute-Force
teamsecure	2025-06-17 06:26:13 (2 weeks ago)	Banned for trying to access env	Web App Attack
jcbriar	2025-06-16 02:29:11 (3 weeks ago)	Searching for vulnerable scripts	Hacking Web App Attack
AWW-Admin	2025-06-15 19:25:15 (3 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 136.144.35.158 (US/United States/-)	SQL Injection
clapper	2025-06-15 17:34:50 (3 weeks ago)	(mod_security) mod_security (id:949110) triggered by 136.144.35.158 (US/United States/-): 3 in the l ... show more(mod_security) mod_security (id:949110) triggered by 136.144.35.158 (US/United States/-): 3 in the last 3600 secs; ID: LUC show less	Brute-Force Bad Web Bot
Vaction	2025-06-15 13:31:57 (3 weeks ago)	136.144.35.158 - - [15/Jun/2025:15:31:57 +0200] "GET /ws-config.json HTTP/1.1" 404 397 "-" "Mozilla/ ... show more136.144.35.158 - - [15/Jun/2025:15:31:57 +0200] "GET /ws-config.json HTTP/1.1" 404 397 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0" show less	Hacking Bad Web Bot Web App Attack
ut-addicted.com	2025-06-15 12:05:41 (3 weeks ago)	\[15/Jun/2025:14:03:17 +0200\] aE62hR2S4CeS7IEgS4Y7fQAAAMQ 136.144.35.158 26941 78.46.187.162 80<br ... show more\[15/Jun/2025:14:03:17 +0200\] aE62hR2S4CeS7IEgS4Y7fQAAAMQ 136.144.35.158 26941 78.46.187.162 80 \[15/Jun/2025:14:05:00 +0200\] aE627B2S4CeS7IEgS4Y7mwAAANY 136.144.35.158 41067 78.46.187.162 80 \[15/Jun/2025:14:05:39 +0200\] aE63Ex2S4CeS7IEgS4Y7oAAAANM 136.144.35.158 24113 78.46.187.162 80 show less	Brute-Force Web App Attack
clapper	2025-06-15 11:40:41 (3 weeks ago)	(mod_security) mod_security (id:949110) triggered by 136.144.35.158 (US/United States/-): 5 in the l ... show more(mod_security) mod_security (id:949110) triggered by 136.144.35.158 (US/United States/-): 5 in the last 3600 secs; ID: rub show less	Brute-Force Bad Web Bot
Shouddy Tarano	2025-06-15 08:41:32 (3 weeks ago)	[Sun Jun 15 02:40:11.502211 2025] [authz_core:error] [pid 4125217:tid 140520282105600] [client 136.1 ... show more[Sun Jun 15 02:40:11.502211 2025] [authz_core:error] [pid 4125217:tid 140520282105600] [client 136.144.35.158:48269] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/.DS_Store [Sun Jun 15 02:40:36.018189 2025] [authz_core:error] [pid 4125217:tid 140519493584640] [client 136.144.35.158:11815] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/cp [Sun Jun 15 02:40:40.866296 2025] [authz_core:error] [pid 4125217:tid 140520181458688] [client 136.144.35.158:52205] AH01630: client denied by server configuration: /var/www/html/redmine [Sun Jun 15 02:40:48.040704 2025] [authz_core:error] [pid 4124970:tid 140520697485056] [client 136.144.35.158:59623] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/live_env [Sun Jun 15 02:41:30.609809 2025] [authz_core:error] [pid 4124969:tid 140520475039488] [client 136.144.35.158:8471] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/deb ... show less	DDoS Attack Web Spam Brute-Force Web App Attack
Hary74656	2025-06-15 06:59:19 (3 weeks ago)	[Sun Jun 15 08:59:04.907335 2025] [:error] [pid 261022:tid 261134] [client 136.144.35.158:61355] [cl ... show more[Sun Jun 15 08:59:04.907335 2025] [:error] [pid 261022:tid 261134] [client 136.144.35.158:61355] [client 136.144.35.158] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.env" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "124"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env.production"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "78.46.107.184"] [uri "/.env.production"] [unique_id "aE5vOM1XWPMECPEE9ad56gAABCc"] [Sun Jun 15 08:59:06.826691 2025] [:error] [pid 260739:tid 260846] [client 136.144.35.158:48191] [client 136.144.35.158] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.env" at REQUEST_FILENAME. [file "/usr/share/ ... show less	Web App Attack
octageeks.com	2025-06-15 04:07:26 (3 weeks ago)	Wordpress malicious attack:[octa404]	Web App Attack
PulseServers	2025-06-14 18:27:12 (3 weeks ago)	Probing a honeypot for vulnerabilities. Ignored robots.txt - US10 Honeypot ...	Hacking Web App Attack
masterguru	2025-06-14 15:45:20 (3 weeks ago)	. Matched phrase "/.env" at REQUEST_URI. (210492-145)	Web App Attack
Roper123	2025-06-14 08:19:35 (3 weeks ago)	Web exploits	Hacking Web App Attack
Anonymous	2025-06-14 05:39:56 (3 weeks ago)	136.144.35.158 - - [14/Jun/2025:05:38:49 +0000] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Macintosh ... show more136.144.35.158 - - [14/Jun/2025:05:38:49 +0000] "GET / HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" 136.144.35.158 - - [14/Jun/2025:05:38:57 +0000] "POST /.env.development%20 HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" 136.144.35.158 - - [14/Jun/2025:05:39:07 +0000] "POST /development/.env%20 HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" 136.144.35.158 - - [14/Jun/2025:05:39:19 +0000] "GET /api/.env HTTP/1.1" 403 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0" 136.144.35.158 - - [14/Jun/2025:05:39:39 +0000] "POST /docker/.env HTTP/1.1" 403 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" 136.144.35.1 ... show less	FTP Brute-Force Port Scan Hacking Brute-Force Bad Web Bot Web App Attack SSH

Showing 1 to 15 of 136 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

45.148.10.35

147.139.164.196

172.234.237.236

152.32.235.90

206.168.34.161

172.234.217.192

45.131.155.253

161.35.129.160

80.94.95.112

45.188.200.26

172.234.217.129

78.110.65.33

172.234.162.31

206.168.34.95

176.65.150.55

172.232.159.13

60.35.109.185

118.223.178.217

162.142.125.224

206.168.34.163