JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 141.98.136.79

141.98.136.79 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 100%: ?

100%

ISP	level66.network UG (haftungsbeschraenkt)
Usage Type	Data Center/Web Hosting/Transit
ASN	AS56381
Hostname(s)	nat64.level66.services
Domain Name	level66.network
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 141.98.136.79

Whois 141.98.136.79

IP Abuse Reports for 141.98.136.79:

This IP address has been reported a total of 68 times from 39 distinct sources. 141.98.136.79 was first reported on February 6th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-25 01:28:10 (1 day ago)	141.98.136.79 - - [25/Jun/2026:04:28:10 +0300] "GET /public/.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 ... show more 141.98.136.79 - - [25/Jun/2026:04:28:10 +0300] "GET /public/.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Web App Attack
🇺🇸 agenciahypelab.com.br	2026-06-24 20:06:32 (1 day ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇺🇦 URAN Publishing Service	2026-06-24 19:56:41 (1 day ago)	141.98.136.79 - - [24/Jun/2026:22:56:40 +0300] "GET /wp-config.php.bak HTTP/1.1" 404 4592 "-" "anthr ... show more 141.98.136.79 - - [24/Jun/2026:22:56:40 +0300] "GET /wp-config.php.bak HTTP/1.1" 404 4592 "-" "anthropic-ai" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-24 14:32:47 (1 day ago)	141.98.136.79 - - [24/Jun/2026:17:32:47 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "CCBot/2.0 (http ... show more 141.98.136.79 - - [24/Jun/2026:17:32:47 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" ... show less	Web App Attack
Anonymous	2026-06-24 07:35:09 (1 day ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇦 URAN Publishing Service	2026-06-24 06:42:06 (1 day ago)	141.98.136.79 - - [24/Jun/2026:09:42:04 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compat ... show more 141.98.136.79 - - [24/Jun/2026:09:42:04 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" 141.98.136.79 - - [24/Jun/2026:09:42:06 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Web App Attack
🇩🇪 gadix	2026-06-24 06:27:18 (1 day ago)	[24/Jun/2026:08:27:11.438161 +0200] ajt4v6FVHKCCTIiyOhZBmAAAAIM 141.98.136.79 51090 127.0.0.1 7080 [ ... show more [24/Jun/2026:08:27:11.438161 +0200] ajt4v6FVHKCCTIiyOhZBmAAAAIM 141.98.136.79 51090 127.0.0.1 7080 [24/Jun/2026:08:27:15.413045 +0200] ajt4w0dOMlTqhyizsqHPvwAAAMA 141.98.136.79 51098 127.0.0.1 7080 [24/Jun/2026:08:27:18.098007 +0200] ajt4xqFVHKCCTIiyOhZBmgAAAJU 141.98.136.79 44340 127.0.0.1 7080 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 04:40:10 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 141.98.136.79 (nat64.level66.services): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 141.98.136.79 (nat64.level66.services): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:40:00.317554 2026] [security2:error] [pid 17742:tid 17742] [client 141.98.136.79:52838] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.northernlightsbev.com"] [uri "/api/.env"] [unique_id "ajtfoNL9hJPz10bb8sQNxQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 02:54:55 (2 days ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 mnsf	2026-06-24 02:32:55 (2 days ago)	Abuse Detected (5)	Brute-Force Web App Attack
🇪🇸 masterguru	2026-06-24 01:17:07 (2 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "amazonbot" at REQUEST_HEADERS:user-agent. (1100000- ... show more BAD BOT - Detected and Blocked.. Matched phrase "amazonbot" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-24 01:01:40 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 141.98.136.79 (nat64.level66.services): 1 in th ... show more (mod_security) mod_security (id:210730) triggered by 141.98.136.79 (nat64.level66.services): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 21:01:33.176297 2026] [security2:error] [pid 955:tid 955] [client 141.98.136.79:50426] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dinsbach.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dinsbach.net"] [uri "/wp-content/debug.log"] [unique_id "ajssbYsbaowfP3Ea7eLshQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-06-24 01:00:54 (2 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 00:26:13 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 141.98.136.79 (nat64.level66.services): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 141.98.136.79 (nat64.level66.services): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 20:26:09.409480 2026] [security2:error] [pid 14039:tid 14039] [client 141.98.136.79:45556] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andiamorun.com"] [uri "/api/.env"] [unique_id "ajskIfJUzGfvL4Z3vyEtZAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-23 23:20:20 (2 days ago)	Blocked by CSF 13 firewall - Rule: config-dotfile DE/Germany/nat64.level66.services	Web App Attack

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2409:40e5:104f:e653:61cb:b8b:b24b:5799

🇬🇧 194.50.235.157

🇺🇸 184.105.139.125

🇺🇸 172.217.36.22

🇺🇸 165.154.36.102

🇮🇩 103.99.214.16

🇨🇳 101.96.195.253

🇨🇦 82.38.158.83

🇰🇷 1.214.214.114

🇮🇳 223.230.174.43

🇹🇼 198.235.24.85

🇬🇧 193.163.125.98

🇬🇧 193.163.125.71

🇹🇷 185.85.205.91

🇨🇳 183.167.217.86

🇩🇪 151.243.11.35

🇮🇳 117.203.18.168

🇨🇦 85.217.149.63

🇰🇷 59.27.123.101

🇳🇱 46.151.178.13