JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.108.35.68

65.108.35.68 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 79%: ?

79%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.68.35.108.65.clients.your-server.de
Domain Name	hetzner.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.108.35.68

Whois 65.108.35.68

IP Abuse Reports for 65.108.35.68:

This IP address has been reported a total of 45 times from 18 distinct sources. 65.108.35.68 was first reported on April 24th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Oakley	2026-06-13 13:30:32 (6 hours ago)	(antiscrape_rule) Web application abuse detected 65.108.35.68 (FI/Finland/static.68.35.108.65.client ... show more (antiscrape_rule) Web application abuse detected 65.108.35.68 (FI/Finland/static.68.35.108.65.clients.your-server.de): 5 in the last 900 secs show less	Hacking
Anonymous	2026-06-13 10:03:39 (9 hours ago)	PSCDE WEBFORM SPAM 65.108.35.68 (static.68.35.108.65.clients.your-server.de)	Web Spam
Anonymous	2026-06-10 14:12:36 (3 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: FI, Attack patterns: Auto ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: FI, Attack patterns: Automated scanning show less	Bad Web Bot Web App Attack
Anonymous	2026-06-09 14:08:59 (4 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: FI, Attack patterns: Auto ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: FI, Attack patterns: Automated scanning show less	Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2026-06-09 04:00:04 (4 days ago)	Probing for Exploits on ns200	Exploited Host Web App Attack
🇺🇸 SSH-Admin	2026-06-08 20:38:02 (4 days ago)	Probing for Exploits on ns007	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 22:17:38 (5 days ago)	(mod_security) mod_security (id:217210) triggered by 65.108.35.68 (static.68.35.108.65.clients.your- ... show more (mod_security) mod_security (id:217210) triggered by 65.108.35.68 (static.68.35.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:17:30.636169 2026] [security2:error] [pid 24832:tid 24855] [client 65.108.35.68:48678] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|batonrougegazette.com\|F\|4"] [data "GET ?C=S;O=A HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "batonrougegazette.com"] [uri "/"] [unique_id "aiXt-kc_wxJ1ghbg09GXvgAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 16:44:16 (6 days ago)	(mod_security) mod_security (id:217210) triggered by 65.108.35.68 (static.68.35.108.65.clients.your- ... show more (mod_security) mod_security (id:217210) triggered by 65.108.35.68 (static.68.35.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:44:09.324824 2026] [security2:error] [pid 7627:tid 7627] [client 65.108.35.68:37376] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|theartbrush.com\|F\|4"] [data "GET ?C=S;O=A HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "theartbrush.com"] [uri "/"] [unique_id "aiWf2f634DeWOaWeDDCUSwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 02:03:00 (6 days ago)	Multiple Violations by Bot	Port Scan Web App Attack
🇬🇧 Wessex	2026-06-05 15:02:00 (1 week ago)	Unknown scraper bot	Bad Web Bot
🇮🇩 securejdprop	2026-06-04 21:25:54 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-dos-swithcing-ua. Ip 65.108.35.68 per ... show more This IP was detected by CrowdSec triggering crowdsecurity/http-dos-swithcing-ua. Ip 65.108.35.68 performed 'crowdsecurity/http-dos-swithcing-ua' (20 events over 2m9.191024835s) at 2026-06-04 21:25:52.889200665 +0000 UTC show less	Hacking Web App Attack Brute-Force
🇩🇪 FeG Deutschland	2026-06-04 02:30:51 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 248	Exploited Host Web App Attack
Anonymous	2026-06-03 06:12:17 (1 week ago)	Suspicious activity detected in web server access logs	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 03:28:53 (1 week ago)	(mod_security) mod_security (id:217210) triggered by 65.108.35.68 (static.68.35.108.65.clients.your- ... show more (mod_security) mod_security (id:217210) triggered by 65.108.35.68 (static.68.35.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 23:28:48.991984 2026] [security2:error] [pid 7978:tid 7978] [client 65.108.35.68:41346] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|nexthop.com\|F\|4"] [data "GET ?C=S;O=A HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "nexthop.com"] [uri "/"] [unique_id "ah-fcJkRrZYlyiFdvo9aMAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Steve	2026-06-02 10:03:17 (1 week ago)	SQL Injection Attempts	Brute-Force SQL Injection

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.246.200.113

🇺🇸 103.168.66.237

🇳🇱 45.148.10.183

🇨🇳 39.100.70.251

🇺🇸 162.243.138.30

🇺🇸 142.248.80.191

🇻🇳 103.168.58.186

🇮🇩 103.166.159.145

🇺🇸 97.244.153.40

🇷🇺 95.220.204.16

🇧🇬 91.191.209.118

🇬🇧 89.37.172.144

🇫🇷 88.162.141.131

🇵🇹 37.189.133.222

🇨🇳 219.152.63.187

🇧🇪 198.235.24.184

🇦🇲 195.250.79.2

🇬🇧 194.74.196.10

🇧🇾 178.168.158.78

🇳🇱 176.65.149.178