JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.71.53.237

167.71.53.237 was found in our database!

This IP was reported 61 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.71.53.237

Whois 167.71.53.237

IP Abuse Reports for 167.71.53.237:

This IP address has been reported a total of 61 times from 47 distinct sources. 167.71.53.237 was first reported on May 3rd 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-17 15:48:12 (18 hours ago)	Bot / seems abusive / Apache connections: 23	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-17 13:31:19 (20 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 infra-monitor	2026-06-17 13:00:05 (21 hours ago)	Automated ban via infra-monitor: suspicious-probe	Port Scan
🇫🇷 Feelautom	2026-06-17 12:20:09 (22 hours ago)	[FeelAutom Auto-Ban] AI Analyst: Score 182 avec menaces PathScan sur app.t-ia-connect.com	Port Scan
🇩🇪 Ba-Yu	2026-06-17 11:07:00 (23 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
Anonymous	2026-06-17 10:34:22 (23 hours ago)	(caddyscan) Scanner path probe from 167.71.53.237 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; ... show more (caddyscan) Scanner path probe from 167.71.53.237 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 167.71.53.237 - - [17/Jun/2026:10:34:19 +0000] "GET /.aws/config HTTP/1.1" [REDACTED] 200 2627 167.71.53.237 - - [17/Jun/2026:10:34:20 +0000] "GET /.aws/credentials HTTP/1.1" [REDACTED] 200 2627 167.71.53.237 - - [17/Jun/2026:10:34:20 +0000] "GET /.docker/.env HTTP/1.1" [REDACTED] 200 2627 167.71.53.237 - - [17/Jun/2026:10:34:20 +0000] "GET /.docker/laravel/app/.env HTTP/1.1" [REDACTED] 200 2627 167.71.53.237 - - [17/Jun/2026:10:34:20 +0000] "GET /.env.bak HTTP/1.1" show less	Port Scan
🇫🇷 masterguru	2026-06-17 10:32:25 (23 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇳🇱 wlt-blocker	2026-06-17 10:31:37 (23 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 Skyrider	2026-06-17 10:25:11 (23 hours ago)	Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 09:49:27 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 167.71.53.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 167.71.53.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 05:49:21.760501 2026] [security2:error] [pid 1125:tid 1125] [client 167.71.53.237:41376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circlehealthcaregroup.com"] [uri "/.docker/.env"] [unique_id "ajJtoY2hbaBVSqLvoQVtYwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 leo1305	2026-06-17 09:40:58 (1 day ago)	CrowdSec detection \| scenario: http-sensitive-files	Web App Attack Exploited Host
🇺🇦 URAN Publishing Service	2026-06-17 09:37:19 (1 day ago)	167.71.53.237 - - [17/Jun/2026:12:37:18 +0300] "GET /.docker/laravel/app/.env HTTP/1.1" 404 729 "-" ... show more 167.71.53.237 - - [17/Jun/2026:12:37:18 +0300] "GET /.docker/laravel/app/.env HTTP/1.1" 404 729 "-" "TLM-Audit-Scanner/1.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 09:21:36 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 167.71.53.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 167.71.53.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 05:21:33.272834 2026] [security2:error] [pid 31802:tid 31802] [client 167.71.53.237:42744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anngardner.net"] [uri "/.docker/.env"] [unique_id "ajJnHfEX8kv8xVmkkXy2XAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 VanKoh	2026-06-17 09:19:25 (1 day ago)	167.71.53.237 - - [17/Jun/2026:03:19:23 -0600] "GET /update.cgi HTTP/1.1" 301 162 "-" "TLM-Audit-S ... show more 167.71.53.237 - - [17/Jun/2026:03:19:23 -0600] "GET /update.cgi HTTP/1.1" 301 162 "-" "TLM-Audit-Scanner/1.0" 167.71.53.237 - - [17/Jun/2026:03:19:24 -0600] "GET /* HTTP/1.1" 301 162 "-" "TLM-Audit-Scanner/1.0" 167.71.53.237 - - [17/Jun/2026:03:19:24 -0600] "GET /.boto HTTP/1.1" 301 162 "-" "TLM-Audit-Scanner/1.0" ... show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 18:37:09 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 167.71.53.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 167.71.53.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 14:37:05.567886 2026] [security2:error] [pid 27652:tid 27652] [client 167.71.53.237:48386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zacharypowers.com"] [uri "/.docker/laravel/app/.env"] [unique_id "ajGX0eIWXQMs_X5c2Tzo4QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 61 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.120.41

🇦🇷 138.117.16.125

🇵🇱 87.251.64.144

🇩🇪 43.157.98.118

🇩🇪 2.26.64.64

🇩🇪 2a03:4000:28:26d:3880:acff:fe59:581

🇧🇷 201.17.133.138

🇺🇸 193.34.74.12

🇺🇸 192.3.96.60

🇲🇽 187.216.224.85

🇫🇮 147.185.133.138

🇨🇳 139.199.225.96

🇨🇳 124.223.78.215

🇹🇭 118.194.250.95

🇺🇸 107.167.34.125

🇬🇧 45.198.224.46

🇳🇵 27.34.110.114

🇺🇸 2602:fb54:1a00::1c3

🇺🇸 207.246.106.68

🇬🇧 185.247.137.49