JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 141.98.136.76

141.98.136.76 was found in our database!

This IP was reported 59 times. Confidence of Abuse is 100%: ?

100%

ISP	level66.network UG (haftungsbeschraenkt)
Usage Type	Data Center/Web Hosting/Transit
ASN	AS56381
Hostname(s)	nat64.level66.services
Domain Name	level66.network
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 141.98.136.76

Whois 141.98.136.76

IP Abuse Reports for 141.98.136.76:

This IP address has been reported a total of 59 times from 33 distinct sources. 141.98.136.76 was first reported on May 25th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 findlab	2026-06-24 21:40:02 (1 day ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-24 21:21:32 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
Anonymous	2026-06-24 13:52:53 (1 day ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-config.php.old	Web App Attack
🇩🇪 gadix	2026-06-24 06:27:05 (2 days ago)	[24/Jun/2026:08:26:58.343318 +0200] ajt4skdOMlTqhyizsqHPsQAAAMA 141.98.136.76 60828 127.0.0.1 7080 [ ... show more [24/Jun/2026:08:26:58.343318 +0200] ajt4skdOMlTqhyizsqHPsQAAAMA 141.98.136.76 60828 127.0.0.1 7080 [24/Jun/2026:08:27:03.042184 +0200] ajt4t0dOMlTqhyizsqHPtgAAAMI 141.98.136.76 60880 127.0.0.1 7080 [24/Jun/2026:08:27:04.866714 +0200] ajt4uEdOMlTqhyizsqHPuAAAAM8 141.98.136.76 60906 127.0.0.1 7080 ... show less	Web App Attack
🇫🇷 masterguru	2026-06-24 05:56:35 (2 days ago)	Restricted File Access Attempt. Matched phrase ".aws/" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
Anonymous	2026-06-24 05:55:05 (2 days ago)	Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-24 05:04:55 (2 days ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 04:40:09 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 141.98.136.76 (nat64.level66.services): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 141.98.136.76 (nat64.level66.services): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:40:03.093671 2026] [security2:error] [pid 10386:tid 10386] [client 141.98.136.76:59780] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.northernlightsbev.com"] [uri "/.env.backup"] [unique_id "ajtfo49uVTfKEBXd9An8zAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 04:16:27 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 141.98.136.76 (nat64.level66.services): 1 in th ... show more (mod_security) mod_security (id:210730) triggered by 141.98.136.76 (nat64.level66.services): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:16:20.904474 2026] [security2:error] [pid 18685:tid 18685] [client 141.98.136.76:47314] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|asiancommoditiescorporation.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "asiancommoditiescorporation.com"] [uri "/wp-content/debug.log"] [unique_id "ajtaFO5qsQGmi7mUn6AYpAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 02:54:34 (2 days ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 mnsf	2026-06-24 02:32:55 (2 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-24 01:17:08 (2 days ago)	Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 00:26:13 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 141.98.136.76 (nat64.level66.services): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 141.98.136.76 (nat64.level66.services): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 20:26:09.291622 2026] [security2:error] [pid 19106:tid 19106] [client 141.98.136.76:45484] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andiamorun.com"] [uri "/.env.example"] [unique_id "ajskIY17NZtq4H4kfozMSQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 mondor.ro	2026-06-23 22:37:10 (2 days ago)	Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 141.98.136.76, Reason: ... show more Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 141.98.136.76, Reason:[(mod_security) mod_security (id:210832) triggered by 141.98.136.76 (DE/Germany/nat64.level66.services): 3 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-23 22:17:29 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 141.98.136.76 (nat64.level66.services): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 141.98.136.76 (nat64.level66.services): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 18:17:24.243214 2026] [security2:error] [pid 6111:tid 6111] [client 141.98.136.76:42678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adamsclothiers.com"] [uri "/.env"] [unique_id "ajsF9IbFbqmiKZLWeCY9TAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 59 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇧🇷 191.254.91.78

🇻🇳 171.251.239.20

🇩🇪 148.251.47.87

🇲🇾 118.101.207.193

🇳🇱 91.92.40.13

🇩🇪 87.122.21.81

🇩🇪 87.106.204.59

🇺🇸 23.227.187.220

🇻🇳 14.191.215.205

🇬🇧 5.226.140.70

🇧🇬 5.188.206.34

🇮🇳 223.181.35.53

🇨🇳 218.25.89.208

🇬🇧 194.50.235.145

🇺🇸 174.166.227.197

🇪🇸 158.158.43.25

🇨🇳 120.48.78.121

🇮🇳 103.206.97.150

🇱🇻 81.30.98.49