JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.71.196.82

167.71.196.82 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.71.196.82

Whois 167.71.196.82

IP Abuse Reports for 167.71.196.82:

This IP address has been reported a total of 32 times from 24 distinct sources. 167.71.196.82 was first reported on November 11th 2025, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2025-11-13 06:14:00 (7 months ago)	5 attacks on Laravel URLs, PHP URLs, env grabbing URLs: GET /_ignition/execute-solution HTTP/1.1 POS ... show more 5 attacks on Laravel URLs, PHP URLs, env grabbing URLs: GET /_ignition/execute-solution HTTP/1.1 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 GET /.env HTTP/1.1 show less	Hacking Web App Attack
🇳🇱 jjnxpct	2025-11-13 04:46:42 (7 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: / (Rule ID: 920340) - Request Containing Content, but Missing Content-Type header show less	Web App Attack
🇬🇧 [email protected]	2025-11-13 00:41:06 (7 months ago)	...	Brute-Force SSH
🇳🇱 homeshowdomain.nl	2025-11-12 22:59:23 (7 months ago)	Auto-ban: 662 malicious requests on 2025-11-11 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 662 malicious requests on 2025-11-11 (e.g., env/backup probes, brute-force, or error bursts). show less	Hacking Web App Attack SSH
🇩🇪 Vegascosmetics	2025-11-12 22:51:34 (7 months ago)	Kingcopy(AI-IDS): IP is wandering around the site and acting suspiciously.	Bad Web Bot
Anonymous	2025-11-12 16:30:38 (7 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 Charlesiv	2025-11-12 07:52:05 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 14061 (DIGITALOCEAN-ASN) ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 14061 (DIGITALOCEAN-ASN) Protocol: HTTP/1.1 (GET method) Endpoint: /.env Timestamp: 2025-11-12T07:04:08Z Ray ID: 99d42c6c69fbfd23 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4859.172 Safari/537.36 show less	Bad Web Bot
🇩🇪 jasperedv.de	2025-11-12 07:05:57 (7 months ago)	Apache Login - Brutforcing	Brute-Force Web App Attack
🇪🇸 el-brujo	2025-11-12 06:59:54 (7 months ago)	12/Nov/2025:07:59:54.489239 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ... show more 12/Nov/2025:07:59:54.489239 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 167.71.196.82] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "hostench.eu"] [uri "/.env"] [unique_id "aRQwatoHJfjyKdnRaBnKBwACyj4"] ... show less	Hacking Web App Attack
🇺🇸 stvnrdg.me	2025-11-12 06:55:24 (7 months ago)	167.71.196.82 - - [12/Nov/2025:06:55:24 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin ... show more 167.71.196.82 - - [12/Nov/2025:06:55:24 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 230 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4859.172 Safari/537.36" ... show less	Hacking
🇳🇱 jaapeldoorn	2025-11-12 06:16:10 (7 months ago)	[Wed Nov 12 07:16:07.476650 2025] [authz_core:error] [pid 1740313:tid 1740348] [client 167.71.196.82 ... show more [Wed Nov 12 07:16:07.476650 2025] [authz_core:error] [pid 1740313:tid 1740348] [client 167.71.196.82:49170] AH01630: client denied by server configuration: /var/www [Wed Nov 12 07:16:07.798434 2025] [authz_core:error] [pid 1740313:tid 1740345] [client 167.71.196.82:49170] AH01630: client denied by server configuration: /var/www [Wed Nov 12 07:16:09.077638 2025] [authz_core:error] [pid 1740313:tid 1740316] [client 167.71.196.82:49170] AH01630: client denied by server configuration: /var/www ... show less	Brute-Force
🇬🇧 findlab	2025-11-12 06:10:02 (7 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
Anonymous	2025-11-12 05:21:08 (7 months ago)	fail2ban_hh apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [uri "/"]	Web App Attack
Anonymous	2025-11-12 05:05:22 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-12 04:56:43 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 167.71.196.82 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 167.71.196.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 23:56:39.080588 2025] [security2:error] [pid 2690:tid 2690] [client 167.71.196.82:59200] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horizonmusicgroup.independentmusicconference.com"] [uri "/.env"] [unique_id "aRQTh5RYV0yyPoR72v3ZiwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.84.100.177

🇮🇶 169.224.125.62

🇦🇷 153.67.15.58

🇫🇷 144.91.106.106

🇫🇷 88.172.108.229

🇷🇴 80.94.92.165

🇱🇹 77.90.185.100

🇺🇸 54.167.43.134

🇫🇷 46.105.46.221

🇳🇱 45.148.10.152

🇺🇸 34.205.163.103

🇰🇷 218.149.228.145

🇻🇳 113.184.96.39

🇺🇸 72.215.37.98

🇺🇸 65.110.40.95

🇰🇷 39.115.195.164

🇺🇸 2606:65c0:40:362:8572:1418:c0ae:be83

🇲🇦 196.65.25.140

🇳🇱 195.178.110.26

🇨🇳 183.232.212.197