JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.34.35.245

161.34.35.245 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	Server Hosting Service (NTTPCCommunications,Inc.)
Usage Type	Fixed Line ISP
ASN	AS2514
Hostname(s)	161-34-35-245.indigo.static.arena.ne.jp
Domain Name	nttpc.co.jp
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.34.35.245

Whois 161.34.35.245

IP Abuse Reports for 161.34.35.245:

This IP address has been reported a total of 11 times from 6 distinct sources. 161.34.35.245 was first reported on August 29th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-10-14 07:52:29 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 161.34.35.245 (161-34-35-245.indigo.static.aren ... show more (mod_security) mod_security (id:240335) triggered by 161.34.35.245 (161-34-35-245.indigo.static.arena.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 03:52:26.341723 2024] [security2:error] [pid 20746:tid 20746] [client 161.34.35.245:40148] [client 161.34.35.245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 161.34.35.245 (+1 hits since last alert)\|www.unladenswallow.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.unladenswallow.us"] [uri "/xmlrpc.php"] [unique_id "ZwzNukcOm_4RoKMAM_2MxgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-09 22:26:58 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 161.34.35.245 (161-34-35-245.indigo.static.aren ... show more (mod_security) mod_security (id:240335) triggered by 161.34.35.245 (161-34-35-245.indigo.static.arena.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 18:26:51.809772 2024] [security2:error] [pid 32397:tid 32397] [client 161.34.35.245:48782] [client 161.34.35.245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.152.161.69 (0+1 hits since last alert)\|nickp.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nickp.us"] [uri "/xmlrpc.php"] [unique_id "ZwcDKy99Pcg0ygdenXfYOQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 nyuuzyou	2024-10-07 21:45:32 (1 year ago)	Intensive scraping: /web?s=%22Immutable%20Page%22%20Info%20Attachments&country=ps-ps&scraper=margina ... show more Intensive scraping: /web?s=%22Immutable%20Page%22%20Info%20Attachments&country=ps-ps&scraper=marginalia. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68. show less	Bad Web Bot
🇺🇸 TPI-Abuse	2024-10-07 13:40:18 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 161.34.35.245 (161-34-35-245.indigo.static.aren ... show more (mod_security) mod_security (id:240335) triggered by 161.34.35.245 (161-34-35-245.indigo.static.arena.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 07 09:40:12.972461 2024] [security2:error] [pid 30695:tid 30695] [client 161.34.35.245:39072] [client 161.34.35.245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.152.161.25 (0+1 hits since last alert)\|www.speedysremodeling.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.speedysremodeling.com"] [uri "/xmlrpc.php"] [unique_id "ZwPkvCFAnrYsWiOrFjsu6AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-10-06 21:09:47 (1 year ago)	161.34.35.245 - - [06/Oct/2024:23:09:47 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 161.34.35.245 - - [06/Oct/2024:23:09:47 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-10-06 12:53:09 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 161.34.35.245 (161-34-35-245.indigo.static.aren ... show more (mod_security) mod_security (id:240335) triggered by 161.34.35.245 (161-34-35-245.indigo.static.arena.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 06 08:53:02.516804 2024] [security2:error] [pid 17887:tid 17887] [client 161.34.35.245:39534] [client 161.34.35.245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 161.34.35.245 (+1 hits since last alert)\|www.arsenaultartistmanagement.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.arsenaultartistmanagement.com"] [uri "/xmlrpc.php"] [unique_id "ZwKILpI-aSAMKpVq8tNvHQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-10-06 05:19:55 (1 year ago)	apache-wordpress-login	Brute-Force Web App Attack
🇩🇪 Florian Kolb	2024-09-03 15:26:08 (1 year ago)	Layer 7 Flood with 3433 requests	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2024-09-02 09:36:15 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 Packets-Decreaser.NET	2024-08-30 14:44:22 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 Packets-Decreaser.NET	2024-08-29 13:57:39 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.92.117.221

🇳🇱 176.65.148.215

🇮🇳 103.173.204.239

🇺🇦 91.222.39.161

🇺🇸 17.132.70.130

🇺🇸 206.72.242.12

🇹🇳 196.178.120.17

🇺🇿 185.203.238.86

🇨🇳 182.92.94.19

🇰🇷 175.198.62.180

🇺🇸 138.68.228.4

🇨🇳 117.72.98.89

🇿🇦 102.129.51.152

🇺🇸 66.249.84.35

🇨🇳 60.166.82.29

🇱🇹 45.227.254.170

🇳🇱 45.148.10.240

🇪🇬 41.128.181.199

🇺🇸 17.132.70.160

🇮🇳 2a02:4780:11:1661:0:23de:8b2d:1