JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 176.65.144.128

176.65.144.128 was found in our database!

This IP was reported 173 times. Confidence of Abuse is 100%: ?

100%

ISP	DEDIK SERVICES LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209413
Domain Name	dedik.io
Country	🇨🇭 Switzerland
City	Bellinzona, Ticino

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 176.65.144.128

Whois 176.65.144.128

IP Abuse Reports for 176.65.144.128:

This IP address has been reported a total of 173 times from 135 distinct sources. 176.65.144.128 was first reported on May 29th 2026, and the most recent report was 56 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇿🇦 slartybartfast69420blazit	2026-06-04 20:18:07 (56 minutes ago)	Fail2ban picked up 176.65.144.128 attacking nginx	Web App Attack
Anonymous	2026-06-04 20:13:55 (1 hour ago)	"GET /api/.env HTTP/1.1"	Hacking Web App Attack
🇩🇪 ramazan	2026-06-04 19:18:45 (1 hour ago)	Fail2Ban: nginx-4xx \| Failures: 10 \| Log: /config.inc.php /config.php /config/app.php /config/config ... show more Fail2Ban: nginx-4xx \| Failures: 10 \| Log: /config.inc.php /config.php /config/app.php /config/config.php /config/database.php show less	Web App Attack Hacking
🇩🇪 tuxiano	2026-06-04 19:11:20 (2 hours ago)	176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../../../.env HTTP/1.1" 400 150 "-" "-" "-" 17 ... show more 176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../../../.env HTTP/1.1" 400 150 "-" "-" "-" 176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../../../../.env HTTP/1.1" 400 150 "-" "-" "-" 176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../.env.local HTTP/1.1" 400 150 "-" "-" "-" 176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../../.env.local HTTP/1.1" 400 150 "-" "-" "-" 176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../.env.production HTTP/1.1" 400 150 "-" "-" "-" 176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../.env HTTP/1.1" 400 150 "-" "-" "-" 176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../../.env HTTP/1.1" 400 150 "-" "-" "-" 176.65.144.128 - - [04/Jun/2026:19:11:19 +0000] "GET /../../.env HTTP/1.1" 400 150 "-" "-" "-" show less	Web App Attack
Anonymous	2026-06-04 18:50:49 (2 hours ago)	"Malicius Bot Scanner"	Web App Attack
🇩🇪 Viveronese	2026-06-04 17:14:18 (4 hours ago)	HTTP vulnerability scanning	Web App Attack
🇩🇪 ut-addicted.com	2026-06-04 16:28:24 (4 hours ago)	\[Thu Jun 04 18:28:22.866384 2026\] \[:error\] \[pid 1377:tid 139785706333952\] \[client 176.65.144. ... show more \[Thu Jun 04 18:28:22.866384 2026\] \[:error\] \[pid 1377:tid 139785706333952\] \[client 176.65.144.128:47816\] \[client 176.65.144.128\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/wp-config.php\~"\] \[unique_id "aiGnpnq-OTiONKDhQm2qnwAAARM"\] show less	Brute-Force Web App Attack
🇩🇪 initsol	2026-06-04 15:31:11 (5 hours ago)	[Thu Jun 04 17:31:09.505667 2026] [php:error] [pid 2183328:tid 2183328] [client 176.65.144.128:16416 ... show more [Thu Jun 04 17:31:09.505667 2026] [php:error] [pid 2183328:tid 2183328] [client 176.65.144.128:16416] script '/var/www/html/settings.php' not found or unable to stat [Thu Jun 04 17:31:09.922309 2026] [php:error] [pid 2129249:tid 2129249] [client 176.65.144.128:16686] script '/var/www/html/configuration.php' not found or unable to stat [Thu Jun 04 17:31:10.770969 2026] [php:error] [pid 2183974:tid 2183974] [client 176.65.144.128:16710] script '/var/www/html/config.inc.php' not found or unable to stat ... show less	Brute-Force
Anonymous	2026-06-04 15:25:20 (5 hours ago)	Web App Attack	Brute-Force Web App Attack
🇩🇪 piticu iuli	2026-06-04 14:57:43 (6 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 176.65.144.128 (DE/Germany/-)	SQL Injection
🇨🇭 TheCoon	2026-06-04 14:15:01 (7 hours ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇺🇸 MPL	2026-06-04 13:26:58 (7 hours ago)	tcp ports: 80,443 (4 or more attempts)	Port Scan
🇩🇪 iRaphi05	2026-06-04 12:42:45 (8 hours ago)	Honeypot detection: GET request on /.dockerenv \| User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; ... show more Honeypot detection: GET request on /.dockerenv \| User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) show less	Hacking Web App Attack
🇳🇴 Bots.go.to.hell	2026-06-04 10:32:38 (10 hours ago)	This IP was detected by CrowdSec triggering custom/ip-honeypot	Web App Attack Bad Web Bot
Anonymous	2026-06-04 09:28:35 (11 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking

Showing 1 to 15 of 173 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.100

🇪🇸 185.121.15.184

🇭🇰 172.253.6.16

🇺🇸 147.182.183.153

🇧🇩 103.137.143.34

🇳🇱 81.19.216.105

🇷🇺 45.91.64.6

🇮🇩 36.93.249.106

🇩🇪 167.94.145.24

🇺🇸 162.216.150.15

🇷🇴 80.94.92.177

🇩🇪 78.111.67.242

🇷🇴 2.57.121.112

🇰🇷 210.105.125.200

🇺🇸 153.92.214.3

🇮🇹 93.92.76.92

🇮🇷 85.133.157.129

🇷🇴 80.94.92.171

🇩🇪 45.131.109.76

🇺🇸 40.77.167.49