JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 95.135.208.145

95.135.208.145 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 44%: ?

44%

ISP	Matteo Martelloni trading as DELUXHOST
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214677
Hostname(s)	static.95.135.208.145.deluxhost.net
Domain Name	deluxhost.net
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 95.135.208.145

Whois 95.135.208.145

IP Abuse Reports for 95.135.208.145:

This IP address has been reported a total of 49 times from 18 distinct sources. 95.135.208.145 was first reported on May 12th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-04 22:01:13 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-06-04	Web App Attack SSH Hacking
🇩🇪 Bedios GmbH	2026-06-04 20:21:22 (2 weeks ago)	Login credentials theft attempt	Hacking
Anonymous	2026-06-01 14:28:13 (3 weeks ago)	Generic.Path.Traversal.Detection	Exploited Host
🇩🇪 strxmpp	2026-05-26 01:37:17 (4 weeks ago)	95.135.208.145 - - [26/May/2026:03:37:16 +0200] "GET /__/firebase/init.js HTTP/1.1" 404 3689 "-" "Mo ... show more 95.135.208.145 - - [26/May/2026:03:37:16 +0200] "GET /__/firebase/init.js HTTP/1.1" 404 3689 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" ... show less	Bad Web Bot
🇫🇮 geot	2026-05-16 09:57:23 (1 month ago)	18 requests, including : GET /?filename=zzzz-not-found HTTP/1.1 GET /?filepath=zzzz-not-found HTTP/ ... show more 18 requests, including : GET /?filename=zzzz-not-found HTTP/1.1 GET /?filepath=zzzz-not-found HTTP/1.1 GET /?filename=../../../../../../../../etc/passwd HTTP/1.1 GET /?path=zzzz-not-found HTTP/1.1 GET /?filename=..\\..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1 GET /?file=..\\..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1 GET /view?path=../../../../../../../../etc/passwd HTTP/1.1 GET /?path=..\\..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1 GET /api/file?path=..\\..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1 show less	Hacking Web App Attack
🇮🇩 Burayot	2026-05-15 21:12:56 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 95.135.208.145 (static.95.135.208.1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 95.135.208.145 (static.95.135.208.145.deluxhost.net): 2 in the last 3600 secs show less	Web App Attack
🇩🇪 Nightreaver	2026-05-15 15:54:35 (1 month ago)	95.135.208.145 - - [15/May/2026:17:54:34 0200] "GET /api/file?path=../../../../../../../../etc/pass ... show more 95.135.208.145 - - [15/May/2026:17:54:34 0200] "GET /api/file?path=../../../../../../../../etc/passwd HTTP/1.1" 404 440 "-" "Mozilla/5.0 (compatible; CCBot/2.0; https://commoncrawl.org/faq/)" 95.135.208.145 - - [15/May/2026:17:54:34 0200] "GET /api/file?path=................Windowswin.ini HTTP/1.1" 404 440 "-" "Mozilla/5.0 (compatible; CCBot/2.0; https://commoncrawl.org/faq/)" 95.135.208.145 - - [15/May/2026:17:54:34 0200] "GET /view?path=zzzz-not-found HTTP/1.1" 404 440 "-" "Mozilla/5.0 (compatible; CCBot/2.0; https://commoncrawl.org/faq/)" 95.135.208.145 - - [15/May/2026:17:54:34 0200] "GET /view?path=../../../../../../../../etc/passwd HTTP/1.1" 404 440 "-" "Mozilla/5.0 (compatible; CCBot/2.0; https://commoncrawl.org/faq/)" 95.135.208.145 - - [15/May/2026:17:54:34 0200] "GET /view?path=................Windowswin.ini HTTP/1.1" 404 440 "-" "Mozilla/5.0 (compatible; CCBot/2.0; https://commoncrawl.org/faq/)"[...] show less	Bad Web Bot Web App Attack
🇦🇺 aranguren.org	2026-05-15 15:41:43 (1 month ago)	95.135.208.145 - - [16/May/2026:01:41:41 +1000] "GET /api/file?path=zzzz-not-found HTTP/2.0" 404 993 ... show more 95.135.208.145 - - [16/May/2026:01:41:41 +1000] "GET /api/file?path=zzzz-not-found HTTP/2.0" 404 993 "-" "Mozilla/5.0 (compatible; CCBot/2.0; +https://commoncrawl.org/faq/)" 95.135.208.145 - - [16/May/2026:01:41:41 +1000] "GET /api/file?path=../../../../../../../../etc/passwd HTTP/2.0" 404 993 "-" "Mozilla/5.0 (compatible; CCBot/2.0; +https://commoncrawl.org/faq/)" 95.135.208.145 - - [16/May/2026:01:41:41 +1000] "GET /api/file?path=..\\..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/2.0" 404 993 "-" "Mozilla/5.0 (compatible; CCBot/2.0; +https://commoncrawl.org/faq/)" 95.135.208.145 - - [16/May/2026:01:41:42 +1000] "GET /view?path=zzzz-not-found HTTP/2.0" 404 993 "-" "Mozilla/5.0 (compatible; CCBot/2.0; +https://commoncrawl.org/faq/)" 95.135.208.145 - - [16/May/2026:01:41:42 +1000] "GET /api/file?path=zzzz-not-found HTTP/1.1" 404 993 "-" "Mozilla/5.0 (compatible; CCBot/2.0; +https://commoncrawl.org/faq/)" 95.135.208.145 - - [16/May/2026:01:41:42 +1000] "GET /api/file?path=../../../../ ... show less	Bad Web Bot
🇲🇾 Rizzy	2026-05-15 15:11:06 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇦🇹 Starburst SysOp Team	2026-05-15 14:54:40 (1 month ago)	Path Traversal Attack (/../) or (/.../). Pattern match "(?i)(?: (930100-ams6-1)	Hacking
🇺🇸 TPI-Abuse	2026-05-15 13:59:53 (1 month ago)	(mod_security) mod_security (id:211190) triggered by 95.135.208.145 (static.95.135.208.145.deluxhost ... show more (mod_security) mod_security (id:211190) triggered by 95.135.208.145 (static.95.135.208.145.deluxhost.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 09:59:49.390650 2026] [security2:error] [pid 1077:tid 1077] [client 95.135.208.145:42550] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.xalais.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?file=../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.xalais.com"] [uri "/"] [unique_id "agcm1YnTEUJe173kANRuAgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-05-15 13:32:54 (1 month ago)	BAD BOT - Detected and Blocked.. Matched phrase "ccbot" at REQUEST_HEADERS:user-agent. (1100000-122)	Bad Web Bot
🇩🇪 4server	2026-05-15 12:33:14 (1 month ago)	[FriMay1514:33:09.8010802026][security2:error][pid744091:tid744223][client95.135.208.145:0]ModSecuri ... show more [FriMay1514:33:09.8010802026][security2:error][pid744091:tid744223][client95.135.208.145:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"/etc/passwd\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"141\"][id\"347009\"][rev\"1\"][msg\"Atomicorp.comWAFRules:ProtectedFileaccessdenied\"][severity\"CRITICAL\"][hostname\"mail.gualandi.ch\"][uri\"/\"][unique_id\"agcShWY5ZudrJrGX5VLiOQAAARU\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-15 12:26:18 (1 month ago)	(mod_security) mod_security (id:211190) triggered by 95.135.208.145 (static.95.135.208.145.deluxhost ... show more (mod_security) mod_security (id:211190) triggered by 95.135.208.145 (static.95.135.208.145.deluxhost.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 08:26:12.840279 2026] [security2:error] [pid 8163:tid 8163] [client 95.135.208.145:49962] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.fitzmail.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?file=../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.fitzmail.com"] [uri "/"] [unique_id "agcQ5KskyK_xVq9X6KMeZAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-15 11:24:37 (1 month ago)	(mod_security) mod_security (id:211190) triggered by 95.135.208.145 (static.95.135.208.145.deluxhost ... show more (mod_security) mod_security (id:211190) triggered by 95.135.208.145 (static.95.135.208.145.deluxhost.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 07:24:30.020211 2026] [security2:error] [pid 13591:tid 13608] [client 95.135.208.145:54270] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.adrenalinearms.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?file=../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.adrenalinearms.com"] [uri "/"] [unique_id "agcCbvCCrgfRLugSNNkmIwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.230

🇳🇱 185.223.235.9

🇺🇸 109.105.210.74

🇮🇩 103.101.216.219

🇫🇷 91.231.89.182

🇯🇵 204.93.245.240

🇲🇺 202.123.26.150

🇭🇰 154.83.15.221

🇨🇳 150.139.194.15

🇳🇱 91.92.40.66

🇮🇶 65.20.138.46

🇺🇸 64.62.197.26

🇺🇸 64.62.156.125

🇧🇷 45.177.137.215

🇧🇷 43.164.194.33

🇯🇵 18.183.236.148

🇬🇧 2620:171:fa:f0::235

🇭🇰 2404:6800:4005:c01::12d

🇩🇪 212.227.78.91

🇧🇪 198.235.24.243