JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.35.89.152

161.35.89.152 was found in our database!

This IP was reported 65 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.35.89.152

Whois 161.35.89.152

IP Abuse Reports for 161.35.89.152:

This IP address has been reported a total of 65 times from 48 distinct sources. 161.35.89.152 was first reported on March 7th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 gmills	2026-04-30 20:27:32 (1 month ago)	May 1 08:27:29 box postfix/submission/smtpd[828869]: lost connection after CONNECT from unknown[161 ... show more May 1 08:27:29 box postfix/submission/smtpd[828869]: lost connection after CONNECT from unknown[161.35.89.152] ... show less	Brute-Force
🇫🇷 tavis.page	2026-03-30 01:51:07 (2 months ago)	Blocked by UFW on server [8443/tcp] Source port: 61004 TTL: 244 Packet length: 44 TOS: 0x00 This re ... show more Blocked by UFW on server [8443/tcp] Source port: 61004 TTL: 244 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 masterguru	2026-03-30 01:25:55 (2 months ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 161.35.89.152 (NL/The Netherlands/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 161.35.89.152 (NL/The Netherlands/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 sefinek.net	2026-03-30 01:25:16 (2 months ago)	Blocked by UFW on NY01 [8000/tcp] \| SPT: 61003 \| TTL: 243 \| LEN: 44 \| TOS: 0x08 • Reported by: githu ... show more Blocked by UFW on NY01 [8000/tcp] \| SPT: 61003 \| TTL: 243 \| LEN: 44 \| TOS: 0x08 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇪🇸 Gem	2025-03-11 16:35:51 (1 year ago)	Unauthorized web scan.	Web App Attack
🇨🇭 Peter-Johann Sarbach	2025-03-08 10:30:11 (1 year ago)	hacking	Hacking
🇺🇸 chronos	2025-03-07 17:52:38 (1 year ago)	[AUTORAVALT][[07/03/2025 - 14:52:38 -03:00 UTC] Attack from [DigitalOcean, LLC] [161.35.89.152] Acti ... show more [AUTORAVALT][[07/03/2025 - 14:52:38 -03:00 UTC] Attack from [DigitalOcean, LLC] [161.35.89.152] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software plug] ... show less	Hacking Web App Attack
🇮🇹 LTM	2025-03-07 07:20:01 (1 year ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
Anonymous	2025-03-07 07:15:02 (1 year ago)	Configuration snooping (/.env), accessed by IP not domain: 161.35.89.152 - - [07/Mar/2025:07:00:56 ... show more Configuration snooping (/.env), accessed by IP not domain: 161.35.89.152 - - [07/Mar/2025:07:00:56 +0000] "GET /.env HTTP/1.1" 404 321 "-" "Mozilla/5.0 Keydrop" show less	Hacking Web App Attack
🇺🇸 WebRanger	2025-03-07 07:04:59 (1 year ago)	GET /.env HTTP/1.1 403 146 "- GET /.env HTTP/1.1" 403 146 "-" "Mozilla/5.0 Keydrop" "-	Web App Attack
🇯🇵 VXG-NET	2025-03-07 07:04:55 (1 year ago)	port=443, indicator_type=info-leak	Hacking
🇺🇸 chronos	2025-03-07 07:03:38 (1 year ago)	[AUTORAVALT][[07/03/2025 - 04:03:38 -03:00 UTC] Attack from [DigitalOcean, LLC] [161.35.89.152] Acti ... show more [AUTORAVALT][[07/03/2025 - 04:03:38 -03:00 UTC] Attack from [DigitalOcean, LLC] [161.35.89.152] Action: BLocKed DDoS Attack -> Participating in distributed denial-of-service. Phishing -> Phishing websites and/or email. Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam. Blog Spam -> CMS blog comment spam. Web App Attack -> Attempts to probe f] ... show less	DDoS Attack Phishing Web Spam Blog Spam Web App Attack
🇺🇸 TPI-Abuse	2025-03-07 07:00:22 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 161.35.89.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 161.35.89.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 07 02:00:17.120349 2025] [security2:error] [pid 27055:tid 27055] [client 161.35.89.152:36868] [client 161.35.89.152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.39"] [uri "/.env"] [unique_id "Z8qZgYTyLBuWiaP9J1GQWgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 LRNP	2025-03-07 06:36:18 (1 year ago)	_:443 161.35.89.152 - - [07/Mar/2025:06:36:07 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 K ... show more _:443 161.35.89.152 - - [07/Mar/2025:06:36:07 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 Keydrop" ... show less	Bad Web Bot Web App Attack
🇩🇪 PaulSep	2025-03-07 06:36:00 (1 year ago)	161.35.89.152 - - [07/Mar/2025:07:35:59 +0100] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 Keydrop ... show more 161.35.89.152 - - [07/Mar/2025:07:35:59 +0100] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 Keydrop" "-" show less	Hacking

Showing 1 to 15 of 65 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 158.173.77.149

🇺🇸 204.14.106.69

🇦🇷 200.13.47.186

🇧🇷 177.11.196.79

🇮🇹 158.173.77.111

🇮🇹 158.173.77.106

🇲🇦 102.100.72.9

🇺🇿 84.54.71.15

🇺🇸 76.79.213.70

🇬🇧 31.14.254.39

🇩🇪 167.94.146.63

🇮🇹 158.173.77.103

🇺🇸 107.150.103.12

🇮🇳 103.54.101.216

🇮🇹 93.92.79.26

🇫🇷 91.231.89.189

🇷🇴 80.94.95.242

🇩🇪 185.201.163.7

🇸🇪 176.10.204.72

🇸🇪 176.10.203.54