JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 141.11.36.53

141.11.36.53 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 43%: ?

43%

ISP	Vantiva SA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vantiva.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 141.11.36.53

Whois 141.11.36.53

IP Abuse Reports for 141.11.36.53:

This IP address has been reported a total of 53 times from 37 distinct sources. 141.11.36.53 was first reported on September 25th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-09 12:59:25 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 Lino Project	2026-06-09 05:22:53 (4 days ago)	141.11.36.53 - - [09/Jun/2026:07:22:50 +0200] "GET /wp-includes/users.php HTTP/2.0" 403 282 "http:// ... show more 141.11.36.53 - - [09/Jun/2026:07:22:50 +0200] "GET /wp-includes/users.php HTTP/2.0" 403 282 "http://www.biomakeup.it/wp-includes/users.php" "Go-http-client/2.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-30 08:44:24 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇯🇵 SentinalX by uzumaru	2026-05-30 07:00:17 (2 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: www.expressapisv2.net:443 show less	Open Proxy Port Scan
🇳🇱 wlt-blocker	2026-05-30 04:01:40 (2 weeks ago)	Unauthorized access to webpage admin	Web App Attack
🇪🇸 masterguru	2026-05-30 01:33:08 (2 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
🇿🇦 Tokolosh Hunters	2026-05-26 15:47:23 (2 weeks ago)	AutoBlockWindow-Known bad useragent query-2026-05-26 15:47:22	Bad Web Bot
🇩🇪 findlab	2026-04-24 03:00:14 (1 month ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇨🇱 Denis Chavez	2026-04-23 19:48:50 (1 month ago)	Fail2Ban detected malicious activity on Nginx	Brute-Force SSH Web App Attack
🇺🇸 TPI-Abuse	2026-04-22 08:31:47 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 141.11.36.53 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 141.11.36.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 04:31:41.098910 2026] [security2:error] [pid 3218110:tid 3218110] [client 141.11.36.53:62989] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|cephedanisman.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "cephedanisman.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aeiHbYDOPob9bL9OMGkQAgAAAAc"], referer: http://fmtfacade.com/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-22 06:17:03 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 141.11.36.53 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 141.11.36.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 02:16:59.365977 2026] [security2:error] [pid 2195755:tid 2195755] [client 141.11.36.53:57239] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|innovacionesnimba.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "innovacionesnimba.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aehn2xZkXMC8g5Fc5UvgnwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-04-21 13:19:17 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 nyt	2026-04-18 13:13:05 (1 month ago)	Web Shell Upload	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 12:22:46 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 141.11.36.53 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 141.11.36.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 08:22:38.425249 2026] [security2:error] [pid 1236607:tid 1236737] [client 141.11.36.53:23551] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|koalacogs.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "koalacogs.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aeN3jncj5pqT_lpM_zVQrwAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-18 00:35:03 (1 month ago)	suspicious behavior	Blog Spam Brute-Force Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 203.121.40.210

🇳🇱 45.148.10.152

🇨🇳 27.8.44.168

🇫🇷 2a02:c207:2325:5516::1

🇪🇪 213.35.128.24

🇸🇬 194.233.76.171

🇬🇧 193.163.125.131

🇨🇳 182.142.52.46

🇨🇳 180.106.83.59

🇳🇱 176.65.148.205

🇸🇦 142.154.91.129

🇬🇧 86.158.58.118

🇷🇺 79.135.251.82

🇺🇸 64.44.115.178

🇳🇱 45.148.10.157

🇩🇪 43.228.157.10

🇰🇷 222.104.76.94

🇯🇵 202.182.103.175

🇸🇬 188.166.215.16

🇮🇳 182.95.63.10