JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.230.106.35

157.230.106.35 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.230.106.35

Whois 157.230.106.35

IP Abuse Reports for 157.230.106.35:

This IP address has been reported a total of 24 times from 14 distinct sources. 157.230.106.35 was first reported on September 4th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 Rosh	2026-02-18 19:18:01 (4 months ago)	[02/18/26 20:18:01] Unauthorized request HTTP/1.1 404 on port 80	Hacking Web App Attack
🇵🇱 sefinek.net	2026-02-18 17:50:14 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-13 22:59:55 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 17:59:47.963484 2026] [security2:error] [pid 8475:tid 8475] [client 157.230.106.35:41406] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.instagram.com:443\|F\|4"] [data "CONNECT www.instagram.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.instagram.com"] [uri "/"] [unique_id "aY-s4_3Aywf6Zt3QGxdnCQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇳 liveaspankaj	2026-02-12 11:28:38 (4 months ago)	DDoS attack on learngeeta.com: 323 requests of GET / HTTP/1.1 over plain HTTP with no referrer. Auto ... show more DDoS attack on learngeeta.com: 323 requests of GET / HTTP/1.1 over plain HTTP with no referrer. Automated bot attack with randomized User-Agents (outdated Chrome 127-129). show less	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-07 19:13:00 (4 months ago)	(mod_security) mod_security (id:210410) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210410) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 14:12:52.859821 2026] [security2:error] [pid 12615:tid 12615] [client 157.230.106.35:40038] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:services outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|amoriotech.com\|F\|3"] [data "ARGS:services=\\x00Client Services & Operations Support"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "amoriotech.com"] [uri "/contact"] [unique_id "aYeOtFIDovChDx-m3LYGQAAAABE"], referer: https://amoriotech.com/contact show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-02-06 17:41:46 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-05 11:30:59 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 05 06:30:53.922663 2026] [security2:error] [pid 15707:tid 15707] [client 157.230.106.35:60522] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|hhccgy.com:443\|F\|4"] [data "CONNECT hhccgy.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hhccgy.com"] [uri "/"] [unique_id "aYR_bZHhCAyDRv2ALbleDgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-05 04:20:16 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 23:20:08.946277 2026] [security2:error] [pid 414032:tid 414032] [client 157.230.106.35:50868] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|user.anycast.ooo:443\|F\|4"] [data "CONNECT user.anycast.ooo:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "user.anycast.ooo"] [uri "/"] [unique_id "aYQaeGaxRYtBrcTJ0mjCFQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-02 18:26:15 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 13:26:10.713622 2026] [security2:error] [pid 17679:tid 17679] [client 157.230.106.35:56562] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|flixbet.bet:443\|F\|4"] [data "CONNECT flixbet.bet:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "flixbet.bet"] [uri "/"] [unique_id "aYDsQttNNdocGPmqPK2Y6AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-31 21:47:36 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 31 16:47:28.973478 2026] [security2:error] [pid 13415:tid 13415] [client 157.230.106.35:51230] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|flixbet.bet.bet:443\|F\|4"] [data "CONNECT flixbet.bet.bet:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "flixbet.bet.bet"] [uri "/"] [unique_id "aX54cHjCgiE7VxuhKqs72QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-28 17:41:44 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 28 12:41:36.873505 2026] [security2:error] [pid 2378596:tid 2378596] [client 157.230.106.35:34126] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|jetarackiralama.com:443\|F\|4"] [data "CONNECT jetarackiralama.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jetarackiralama.com"] [uri "/"] [unique_id "aXpKUE5TG9qJucxCnli4kgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-28 08:24:22 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇩🇪 ardexter	2026-01-28 01:15:04 (4 months ago)	Wordpress attack and DDOS	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-01-28 00:27:40 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 27 19:27:36.187274 2026] [security2:error] [pid 17175:tid 17196] [client 157.230.106.35:53086] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|umcontractors.com:443\|F\|4"] [data "CONNECT umcontractors.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "umcontractors.com"] [uri "/"] [unique_id "aXlX-MwLOy5aMwiD5nJ3EwAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-27 15:42:13 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 157.230.106.35 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 27 10:42:09.180407 2026] [security2:error] [pid 1652983:tid 1653104] [client 157.230.106.35:40376] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.huohucdn.com:443\|F\|4"] [data "CONNECT www.huohucdn.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.huohucdn.com"] [uri "/"] [unique_id "aXjc0e18YsjXbo9Y7rYi7QAAAcY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇴 200.58.84.193

🇬🇧 193.32.209.243

🇲🇽 187.191.48.4

🇹🇭 110.77.131.229

🇫🇷 85.217.140.9

🇩🇪 83.135.191.158

🇮🇳 49.204.74.149

🇷🇴 2.57.121.25

🇩🇪 213.209.159.238

🇬🇧 195.206.182.201

🇬🇧 193.163.125.241

🇲🇾 180.73.200.163

🇹🇼 165.154.227.8

🇺🇸 162.216.150.214

🇺🇸 136.56.39.101

🇸🇬 118.139.164.171

🇨🇳 106.13.74.207

🇮🇳 103.216.145.2

🇰🇿 92.47.46.174

🇺🇸 65.49.1.34