JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.230.250.138

157.230.250.138 was found in our database!

This IP was reported 96 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.230.250.138

Whois 157.230.250.138

IP Abuse Reports for 157.230.250.138:

This IP address has been reported a total of 96 times from 24 distinct sources. 157.230.250.138 was first reported on June 19th 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-25 05:42:34 (12 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 05:21:08 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:21:02.799218 2026] [security2:error] [pid 20192:tid 20192] [client 2002:9de6:fa8a::9de6:fa8a:63213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elmawamarine.com"] [uri "/sftp-config.json"] [unique_id "ajy6vhhYZGAZO6_5bHKybwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-25 03:30:09 (14 hours ago)	[ThuJun2505:30:02.6083702026][security2:error][pid3861280:tid3861297][client157.230.250.138:0]ModSec ... show more [ThuJun2505:30:02.6083702026][security2:error][pid3861280:tid3861297][client157.230.250.138:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"edomustech.ch\"][uri\"/sftp-config.json\"][unique_id\"ajygulBU6BT31xZ-ASsbVgAAAIc\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 03:15:51 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 23:15:44.530838 2026] [security2:error] [pid 20950:tid 20950] [client 2002:9de6:fa8a::9de6:fa8a:51742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dimitri.daras.name"] [uri "/sftp-config.json"] [unique_id "ajydYK7qcW3G8bBvj6PqPQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 22:23:56 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:23:48.141533 2026] [security2:error] [pid 6827:tid 6827] [client 2002:9de6:fa8a::9de6:fa8a:60737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edscontracting.com"] [uri "/sftp-config.json"] [unique_id "ajxY9LJGgdM7JN6q23R8IgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 todix	2026-06-24 21:05:30 (20 hours ago)	WebAttack or semilar from 157.230.250.138	Web App Attack
🇪🇸 alferez	2026-06-24 19:56:17 (21 hours ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 17:57:37 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 13:57:30.230407 2026] [security2:error] [pid 22953:tid 22953] [client 2002:9de6:fa8a::9de6:fa8a:51760] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.al-harbi.com"] [uri "/sftp-config.json"] [unique_id "ajwaikGCvAklGU5fe40i2QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 05:05:38 (1 day ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-24 02:35:18 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Lezetho	2026-06-24 02:00:12 (1 day ago)	DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare	DDoS Attack Email Spam Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-06-23 23:00:55 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 19:00:51.112315 2026] [security2:error] [pid 3248:tid 3248] [client 2002:9de6:fa8a::9de6:fa8a:65485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eb3d.net"] [uri "/sftp-config.json"] [unique_id "ajsQIz89ZBskfUAmNYdMSgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hugopvigo	2026-06-23 21:59:47 (1 day ago)	[Tue Jun 23 23:59:36.444360 2026] [authz_core:error] [pid 1599140:tid 134680414353088] [client 157.2 ... show more [Tue Jun 23 23:59:36.444360 2026] [authz_core:error] [pid 1599140:tid 134680414353088] [client 157.230.250.138:0] AH01630: client denied by server configuration: /var/www/html/wordpress/sftp-config.json [Tue Jun 23 23:59:46.019627 2026] [authz_core:error] [pid 1613202:tid 134680414353088] [client 157.230.250.138:0] AH01630: client denied by server configuration: /var/www/html/wordpress/.sftp-config.json [Tue Jun 23 23:59:46.733855 2026] [authz_core:error] [pid 1599141:tid 134680328267456] [client 157.230.250.138:0] AH01630: client denied by server configuration: /var/www/html/wordpress/ftp-sync.json ... show less	Hacking Brute-Force Web App Attack SSH
🇩🇪 4server	2026-06-23 20:53:12 (1 day ago)	[TueJun2322:53:07.3295942026][security2:error][pid3880602:tid3880697][client157.230.250.138:0]ModSec ... show more [TueJun2322:53:07.3295942026][security2:error][pid3880602:tid3880697][client157.230.250.138:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"domoticaswiss.ch\"][uri\"/.vscode/ftp-config.json\"][unique_id\"ajryM6sHzta1eT7iu06w5AAAANg\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 19:54:17 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9de6:fa8a::9de6:fa8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 15:54:12.021393 2026] [security2:error] [pid 28899:tid 28899] [client 2002:9de6:fa8a::9de6:fa8a:59233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drgas.com"] [uri "/sftp-config.json"] [unique_id "ajrkZPnnWxPnptdxPQSfDAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 96 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 218.51.148.194

🇹🇷 198.145.118.122

🇮🇩 163.7.11.69

🇬🇧 152.32.198.93

🇨🇳 124.223.184.191

🇱🇻 81.30.98.158

🇸🇬 43.160.212.102

🇵🇦 190.35.44.199

🇦🇷 181.41.245.141

🇦🇷 181.30.39.44

🇳🇱 176.65.131.189

🇱🇻 81.30.98.44

🇧🇬 79.124.56.146

🇷🇺 77.88.47.31

🇰🇷 58.224.62.29

🇸🇬 45.78.201.248

🇺🇸 44.92.182.136

🇺🇸 44.77.197.56

🇨🇦 20.220.225.45

🇫🇷 194.35.120.93