JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.248.150.191

104.248.150.191 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 88%: ?

88%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.248.150.191

Whois 104.248.150.191

IP Abuse Reports for 104.248.150.191:

This IP address has been reported a total of 40 times from 17 distinct sources. 104.248.150.191 was first reported on June 11th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-18 16:57:26 (18 hours ago)	104.248.150.191 - - [18/Jun/2026:19:57:12 +0300] "GET /.env HTTP/1.1" 404 3279 "-" "Mozilla/5.0 (Win ... show more 104.248.150.191 - - [18/Jun/2026:19:57:12 +0300] "GET /.env HTTP/1.1" 404 3279 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 104.248.150.191 - - [18/Jun/2026:19:57:25 +0300] "GET /.env HTTP/1.1" 404 3280 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" ... show less	Web App Attack
🇳🇱 e.fierstra	2026-06-16 01:49:12 (3 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-16 01:10:50 (3 days ago)	Try to access /.env	Web App Attack
🇨🇭 4server	2026-06-15 18:25:24 (3 days ago)	[MonJun1520:25:20.0616032026][security2:error][pid256123:tid256344][client104.248.150.191:0]ModSecur ... show more [MonJun1520:25:20.0616032026][security2:error][pid256123:tid256344][client104.248.150.191:0]ModSecurity:Accessdeniedwithcode403$phase1$.Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"xn--tirascarph-ieb.ch\"][uri\"/.env\"][unique_id\"ajBDkJUPOws2izu2oKwm5QAAANA\"] show less	Hacking Web App Attack
🇨🇭 zynex	2026-06-15 17:41:49 (3 days ago)	URL Probing: /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 13:50:30 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:50:24.862339 2026] [security2:error] [pid 11344:tid 11344] [client 104.248.150.191:36456] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.revision.ws"] [uri "/.env"] [unique_id "ajADID2CXEGtN96Wf2YT1wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 13:33:47 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:33:41.112835 2026] [security2:error] [pid 18384:tid 18384] [client 104.248.150.191:33604] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cncservices.ws"] [uri "/.env"] [unique_id "ai__NWN1iz2h28K13ER63AAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 ALPHANET	2026-06-15 07:26:33 (4 days ago)	web exploits	Hacking Exploited Host Web App Attack
🇳🇿 Antinson	2026-06-15 01:05:21 (4 days ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇦🇺 paulshipley.com.au	2026-06-15 00:59:18 (4 days ago)	[Mon Jun 15 10:59:17.862162 2026] [security2:error] [pid 48585] [client 104.248.150.191:54354] [clie ... show more [Mon Jun 15 10:59:17.862162 2026] [security2:error] [pid 48585] [client 104.248.150.191:54354] [client 104.248.150.191] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.co.nz"] [uri "/.env"] [unique_id "ai9OZXqX0uk_pnC-4QRB-wAAAAo"], referer: https://www.levellapromotions.co.nz/.env ... show less	Web App Attack
🇦🇺 nzhost.co.nz	2026-06-15 00:54:17 (4 days ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 23:59:45 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:59:41.306329 2026] [security2:error] [pid 12389:tid 12389] [client 104.248.150.191:38408] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kccares.helpkccare.org"] [uri "/.env"] [unique_id "ai9AbVD5uSuSsN5rUcy8rAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 17:32:45 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 13:32:39.497180 2026] [security2:error] [pid 10624:tid 10624] [client 104.248.150.191:35898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vr-squaredance.kdgsf.xyz"] [uri "/.env"] [unique_id "ai7lt8GVfQ0ovov9YZtVrQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 17:12:10 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.248.150.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 13:12:05.346948 2026] [security2:error] [pid 599:tid 703] [client 104.248.150.191:46614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mikrotikindonesia.dcs.co.id"] [uri "/.env"] [unique_id "ai7g5fzWMDYApIT6WGpYIAAAAhE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mawan	2026-06-14 17:03:15 (4 days ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 209.50.184.207

🇷🇴 92.118.39.62

🇳🇱 45.148.10.183

🇮🇪 20.93.43.186

🇺🇸 203.161.54.251

🇮🇳 203.110.89.205

🇺🇸 198.199.87.132

🇬🇹 190.151.130.5

🇺🇸 167.99.148.102

🇺🇸 104.207.46.202

🇵🇰 103.72.1.134

🇺🇸 69.10.63.170

🇩🇪 65.111.27.180

🇸🇨 45.194.67.146

🇺🇸 38.34.175.21

🇮🇳 35.200.201.144

🇺🇸 212.28.188.55

🇺🇸 159.89.51.95

🇺🇸 104.28.203.58

🇧🇩 103.132.223.91