JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.35.120.167

213.35.120.167 was found in our database!

This IP was reported 221 times. Confidence of Abuse is 100%: ?

100%

ISP	Oracle Svenska AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS31898
Domain Name	oracle.com
Country	🇸🇬 Singapore
City	Kampong Loyang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.35.120.167

Whois 213.35.120.167

IP Abuse Reports for 213.35.120.167:

This IP address has been reported a total of 221 times from 118 distinct sources. 213.35.120.167 was first reported on April 24th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-10 17:44:37 (1 week ago)	ICS Labs identified 213.35.120.167 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇫🇷 masterguru	2026-05-27 10:25:59 (3 weeks ago)	(modsec_900004) ModSec 900004: WSO Shell password hash from 213.35.120.167 (SG/Singapore/-): 1 in th ... show more (modsec_900004) ModSec 900004: WSO Shell password hash from 213.35.120.167 (SG/Singapore/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇳🇱 Sonar	2026-05-26 22:31:37 (3 weeks ago)	Bad_host	Brute-Force
🇺🇸 gu-alvareza	2026-05-20 07:05:03 (4 weeks ago)	PHPUnit.Eval-stdin.PHP.Remote.Code.Execution	Hacking Web App Attack
🇺🇸 rdpguard.com	2026-05-19 17:30:44 (4 weeks ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 rsa	2026-05-19 15:33:00 (4 weeks ago)	.env	Web App Attack
Anonymous	2026-05-19 10:52:09 (4 weeks ago)	Port Scan detected from 213.35.120.167 (SG/Singapore/-). 5 hits in the last 35 seconds	Brute-Force Port Scan
🇩🇪 ghostwarriors	2026-05-19 09:50:17 (4 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-19 08:56:43 (4 weeks ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇺🇸 fazar	2026-05-19 08:06:39 (4 weeks ago)	crowdsecurity/http-admin-interface-probing on node: us01	Web App Attack Hacking
🇪🇸 el-brujo	2026-05-19 07:45:25 (4 weeks ago)	Cloudflare WAF: Request Path: /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php Request Query: Ho ... show more Cloudflare WAF: Request Path: /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php Request Query: Host: wiki.elhacker.net userAgent: python-requests/2.27.1 Action: block Source: firewallManaged ASN Description: Oracle Corporation Country: SG Method: GET Timestamp: 2026-05-19T07:45:25Z ruleId: db1f213645904ab9b16b227b4a6a7b3a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
Anonymous	2026-05-19 07:08:03 (4 weeks ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-includes/js/jquery/jquery.js	Web App Attack
🇺🇸 gu-alvareza	2026-05-19 07:05:07 (4 weeks ago)	PHPUnit.Eval-stdin.PHP.Remote.Code.Execution	Hacking Web App Attack
🇺🇸 fazar	2026-05-19 04:29:43 (4 weeks ago)	crowdsecurity/CVE-2017-9841 on node: us01	Web App Attack
🇺🇸 ipblock.com	2026-05-19 04:17:00 (4 weeks ago)	IPBlock protected site ID [669-fx]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 221 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 203.25.124.148

🇬🇧 193.163.125.96

🇸🇬 152.32.218.149

🇭🇰 118.193.47.155

🇬🇧 35.203.210.60

🇺🇸 3.232.39.98

🇺🇸 2607:f8b0:4001:c5f::124

🇨🇴 201.184.105.100

🇻🇳 171.237.176.209

🇦🇹 159.100.25.241

🇭🇰 154.221.20.215

🇨🇳 106.38.195.164

🇹🇷 89.252.131.17

🇨🇦 85.217.149.14

🇺🇸 52.242.128.238

🇬🇧 35.203.211.234

🇺🇸 192.166.82.120

🇳🇱 176.65.139.183

🇺🇸 162.216.150.41

🇺🇸 162.216.149.179