AbuseIPDB » 161.35.204.136

161.35.204.136 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 50%: ?

50%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 161.35.204.136

Whois 161.35.204.136

IP Abuse Reports for 161.35.204.136:

This IP address has been reported a total of 55 times from 36 distinct sources. 161.35.204.136 was first reported on February 2nd 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
rtbh.com.tr	2025-02-14 20:49:50 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
ATV	2025-02-14 03:04:05 (1 month ago)	Unsolicited connection attempts to port 443	Hacking
mr_whitehat	2025-02-14 00:36:22 (1 month ago)	Probed for vulnerable web application: request line: /.env (Possible exploit:Unprotected .env files)	Web App Attack
rtbh.com.tr	2025-02-13 20:49:52 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
TPI-Abuse	2025-02-13 08:09:14 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 13 03:09:09.252918 2025] [security2:error] [pid 30508:tid 30508] [client 161.35.204.136:43352] [client 161.35.204.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.64"] [uri "/.env"] [unique_id "Z62opV5HDYlLIEOnmFBFtgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
ingroscart.it	2025-02-13 07:38:51 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 161.35.204.136 (DE/Germany/-)	SQL Injection
TPI-Abuse	2025-02-13 07:32:03 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 13 02:31:59.869304 2025] [security2:error] [pid 6734:tid 6734] [client 161.35.204.136:42354] [client 161.35.204.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.209"] [uri "/.env"] [unique_id "Z62f79aznsm9GQxN_IwFJAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anymous	2025-02-13 07:22:15 (1 month ago)	GET /.env HTTP/1.1 403 4438 "-" "Mozilla/5.0 Keydrop"	Bad Web Bot
Bedios GmbH	2025-02-13 07:16:12 (1 month ago)	Login credentials theft attempt	Hacking
TPI-Abuse	2025-02-13 07:11:35 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 13 02:11:30.449968 2025] [security2:error] [pid 2309193:tid 2309193] [client 161.35.204.136:44056] [client 161.35.204.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.60"] [uri "/.env"] [unique_id "Z62bIgGKKDDQ1HscoYaIiQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Mr-Money	2025-02-13 07:03:14 (1 month ago)	161.35.204.136 - - [13/Feb/2025:08:03:14 +0100] "GET /.env HTTP/1.1" 404 3270 "-" "Mozilla/5.0 Keydr ... show more161.35.204.136 - - [13/Feb/2025:08:03:14 +0100] "GET /.env HTTP/1.1" 404 3270 "-" "Mozilla/5.0 Keydrop" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
TPI-Abuse	2025-02-13 06:46:22 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 13 01:46:15.999092 2025] [security2:error] [pid 25785:tid 25785] [client 161.35.204.136:60282] [client 161.35.204.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.27"] [uri "/.env"] [unique_id "Z62VN6Ys_O9zdVQiGgoSngAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
myintarweb	2025-02-13 06:32:09 (1 month ago)	161.35.204.136 - - [13/Feb/2025:06:32:08 +0000] 443 "GET /.env HTTP/1.1" 404 29078 "-" "Mozilla/5.0 ... show more161.35.204.136 - - [13/Feb/2025:06:32:08 +0000] 443 "GET /.env HTTP/1.1" 404 29078 "-" "Mozilla/5.0 Keydrop" ... show less	Hacking Bad Web Bot Web App Attack
TPI-Abuse	2025-02-13 06:25:28 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:210492) triggered by 161.35.204.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 13 01:25:21.961171 2025] [security2:error] [pid 13476:tid 13476] [client 161.35.204.136:51244] [client 161.35.204.136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.185"] [uri "/.env"] [unique_id "Z62QUTyx_aEwHrj1bHkG3gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
FEWA	2025-02-13 06:17:07 (1 month ago)	Fail2Ban Ban Triggered	Hacking Bad Web Bot Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩