JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 128.199.17.149

128.199.17.149 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇮🇳 India
City	Bashettihalli, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 128.199.17.149

Whois 128.199.17.149

IP Abuse Reports for 128.199.17.149:

This IP address has been reported a total of 30 times from 16 distinct sources. 128.199.17.149 was first reported on November 7th 2022, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 jmr777	2025-11-05 00:20:00 (7 months ago)	IM360 WAF: Laravel .env file access\|\|RSV:7.42\|\|T:APACHE\|\|QS:\|\| Sensor: modsec Rule: 77316757 ... show more IM360 WAF: Laravel .env file access\|\|RSV:7.42\|\|T:APACHE\|\|QS:\|\| Sensor: modsec Rule: 77316757 Abuser: 128.199.17.149 show less	Web App Attack
Anonymous	2025-11-04 22:52:10 (7 months ago)	Reported from Nginx log analysis 11. Log: 128.199.17.149 - - [04/Nov/2025:xx:xx:xx 0100] "GET /.env ... show more Reported from Nginx log analysis 11. Log: 128.199.17.149 - - [04/Nov/2025:xx:xx:xx 0100] "GET /.env HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" "-" "IN India Bengaluru" "AS14061" "DIGITALOCEAN-ASN" show less	Port Scan Brute-Force SSH
🇳🇱 bontekoe.technology	2025-11-04 20:34:22 (7 months ago)	128.199.17.149 banned on rtr - Threshold reached: 5 failures	Web App Attack
Anonymous	2025-11-04 17:47:47 (7 months ago)	[05/Nov/2025:04:47:46 +1100] "GET /.env HTTP/1.1" 301 245 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) ... show more [05/Nov/2025:04:47:46 +1100] "GET /.env HTTP/1.1" 301 245 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" show less	Hacking Web App Attack
Anonymous	2025-11-04 17:44:40 (7 months ago)	Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ... show more Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-04 17:43:25 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 128.199.17.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 128.199.17.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 04 12:43:19.261876 2025] [security2:error] [pid 6513:tid 6513] [client 128.199.17.149:33286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.250"] [uri "/.env"] [unique_id "aQo7N8C9QzSr7N6lnKDWYgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 whitehoodie	2025-11-04 17:34:09 (7 months ago)	AUTOMATED REPORT: Tried to access .env file	Hacking Bad Web Bot Web App Attack
🇺🇸 xmission.com	2025-11-04 17:33:38 (7 months ago)	Blocked by UFW (TCP on 443) Source port: 50520 TTL: 235 Packet length: 44 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 443) Source port: 50520 TTL: 235 Packet length: 44 TOS: 0x08 This report (for 128.199.17.149) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 MPL	2025-11-04 17:32:29 (7 months ago)	tcp/443 (2 or more attempts)	Port Scan
🇧🇬 Stoyko Stoykov	2025-11-04 17:30:53 (7 months ago)	128.199.17.149 - - [04/Nov/2025:19:30:52 +0200] "GET /.env HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows ... show more 128.199.17.149 - - [04/Nov/2025:19:30:52 +0200] "GET /.env HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-04 17:28:23 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 128.199.17.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 128.199.17.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 04 12:28:16.476484 2025] [security2:error] [pid 3526:tid 3526] [client 128.199.17.149:41728] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.222"] [uri "/.env"] [unique_id "aQo3sCnxuz2Z22jr2Rpf3gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2025-10-07 08:43:57 (8 months ago)	tcp/9000 (2 or more attempts)	Port Scan
🇺🇸 MPL	2025-10-07 08:43:57 (8 months ago)	tcp/9000	Port Scan
🇩🇪 Starburst SysOp Team	2025-10-07 08:38:09 (8 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-nue6-1)	Hacking Bad Web Bot
🇺🇸 MPL	2025-09-23 19:47:23 (8 months ago)	tcp ports: 8088,8082 (2 or more attempts)	Port Scan

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 72.56.41.50

🇷🇺 178.207.10.91

🇨🇳 171.114.228.122

🇮🇪 108.130.75.219

🇸🇬 43.153.204.181

🇳🇱 34.32.146.187

🇺🇸 20.80.88.247

🇺🇸 20.64.105.183

🇺🇸 216.25.89.73

🇺🇸 198.57.247.165

🇨🇳 180.76.55.21

🇺🇸 172.203.195.4

🇺🇸 162.216.149.10

🇳🇱 93.123.72.183

🇺🇸 66.132.172.241

🇺🇸 66.132.172.60

🇯🇵 15.152.22.79

🇺🇸 3.91.252.169

🇫🇮 178.20.210.152

🇺🇸 172.202.113.251