AbuseIPDB » 192.241.182.240

192.241.182.240 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 47%: ?

47%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 192.241.182.240

Whois 192.241.182.240

IP Abuse Reports for 192.241.182.240:

This IP address has been reported a total of 47 times from 29 distinct sources. 192.241.182.240 was first reported on February 14th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
rtbh.com.tr	2025-02-16 20:49:46 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
rtbh.com.tr	2025-02-16 00:49:47 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
rtbh.com.tr	2025-02-15 20:49:48 (1 month ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
mr_whitehat	2025-02-15 00:36:22 (1 month ago)	Probed for vulnerable web application: request line: /.env (Possible exploit:Unprotected .env files)	Web App Attack
TPI-Abuse	2025-02-14 17:54:26 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 192.241.182.240 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210492) triggered by 192.241.182.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 14 12:54:21.373973 2025] [security2:error] [pid 21792:tid 21792] [client 192.241.182.240:53052] [client 192.241.182.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.64"] [uri "/.env"] [unique_id "Z6-DTbPiidpfs1zZ4WUPmgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
ingroscart.it	2025-02-14 17:30:10 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 192.241.182.240 (US/United States/-)	SQL Injection
TPI-Abuse	2025-02-14 17:24:49 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 192.241.182.240 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210492) triggered by 192.241.182.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 14 12:24:46.343236 2025] [security2:error] [pid 18677:tid 18677] [client 192.241.182.240:41930] [client 192.241.182.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.209"] [uri "/.env"] [unique_id "Z698XtLng9nb099avSD2cAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anymous	2025-02-14 17:16:58 (1 month ago)	GET /.env HTTP/1.1 403 4438 "-" "Mozilla/5.0 Keydrop"	Bad Web Bot
oonux.net	2025-02-14 17:12:41 (1 month ago)	RouterOS: Scanning detected TCP 192.241.182.240:42342 > x.x.x.x:443	Port Scan
Bedios GmbH	2025-02-14 17:12:06 (1 month ago)	Login credentials theft attempt	Hacking
TPI-Abuse	2025-02-14 17:08:15 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 192.241.182.240 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210492) triggered by 192.241.182.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 14 12:08:11.130432 2025] [security2:error] [pid 3970307:tid 3970307] [client 192.241.182.240:60960] [client 192.241.182.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.60"] [uri "/.env"] [unique_id "Z694e0JR1ROZN8N1ug036QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Mr-Money	2025-02-14 17:01:25 (1 month ago)	192.241.182.240 - - [14/Feb/2025:18:01:25 +0100] "GET /.env HTTP/1.1" 404 3273 "-" "Mozilla/5.0 Keyd ... show more192.241.182.240 - - [14/Feb/2025:18:01:25 +0100] "GET /.env HTTP/1.1" 404 3273 "-" "Mozilla/5.0 Keydrop" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
Anonymous	2025-02-14 16:57:12 (1 month ago)	Fail2ban Nginx log integration.	Port Scan Brute-Force SSH
TPI-Abuse	2025-02-14 16:47:09 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 192.241.182.240 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210492) triggered by 192.241.182.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 14 11:47:01.984084 2025] [security2:error] [pid 5775:tid 5775] [client 192.241.182.240:57480] [client 192.241.182.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.27"] [uri "/.env"] [unique_id "Z69zhWWiM8yef4gQEQ_2EgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
myintarweb	2025-02-14 16:35:23 (1 month ago)	192.241.182.240 - - [14/Feb/2025:16:35:22 +0000] 443 "GET /.env HTTP/1.1" 404 29079 "-" "Mozilla/5.0 ... show more192.241.182.240 - - [14/Feb/2025:16:35:22 +0000] 443 "GET /.env HTTP/1.1" 404 29079 "-" "Mozilla/5.0 Keydrop" 192.241.182.240 - - [14/Feb/2025:16:35:22 +0000] 443 "GET / HTTP/1.0" 400 1671 "-" "-" ... show less	Hacking Bad Web Bot Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩