JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 129.159.56.14

129.159.56.14 was found in our database!

This IP was reported 817 times. Confidence of Abuse is 100%: ?

100%

ISP	Oracle Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS31898
Domain Name	oracle.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 129.159.56.14

Whois 129.159.56.14

IP Abuse Reports for 129.159.56.14:

This IP address has been reported a total of 817 times from 261 distinct sources. 129.159.56.14 was first reported on December 11th 2025, and the most recent report was 21 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 ArturShelby	2026-06-08 13:55:29 (21 minutes ago)	Critical file access: /.env	Web App Attack
🇫🇮 as211431.net	2026-06-08 13:30:39 (45 minutes ago)	Triggered Cloudflare WAF (firewallCustom) from BR. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from BR. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 piticu iuli	2026-06-08 12:40:24 (1 hour ago)	(mod_security) mod_security triggered on hostname [redacted] 129.159.56.14 (BR/Brazil/-)	SQL Injection
🇺🇸 ambor	2026-06-08 11:28:49 (2 hours ago)	Honeypot access: Environment file access attempt. Path: /.env	Web App Attack
🇨🇦 aks4226	2026-06-08 09:58:20 (4 hours ago)	Bot search, attacking common web applications.	Web App Attack
🇸🇬 serverutama	2026-06-08 08:03:03 (6 hours ago)	Nginx scanner: 129.159.56.14 - - [08/Jun/2026:15:01:42 +0700] "GET /.env HTTP/1.1" 444 0 "-" "Mozill ... show more Nginx scanner: 129.159.56.14 - - [08/Jun/2026:15:01:42 +0700] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "-" 129.159.56.14 - - [08/Jun/2026:15:01:43 +0700] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "-" show less	Web App Attack Bad Web Bot
🇬🇧 Axel	2026-06-08 06:16:02 (8 hours ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇩🇪 FeG Deutschland	2026-06-08 05:32:33 (8 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇨🇭 lufi	2026-06-08 05:04:31 (9 hours ago)	2026-06-08T07:04:30+02:00 lufischer04 ids442 2026-06-08 07:04:30 129.159.56.14: blacklistedPath: /.e ... show more 2026-06-08T07:04:30+02:00 lufischer04 ids442 2026-06-08 07:04:30 129.159.56.14: blacklistedPath: /.env ... show less	Web Spam Brute-Force Hacking Web App Attack
🇨🇭 4server	2026-06-08 05:02:24 (9 hours ago)	[MonJun0807:02:19.1043792026][security2:error][pid2594192:tid2595007][client129.159.56.14:0]ModSecur ... show more [MonJun0807:02:19.1043792026][security2:error][pid2594192:tid2595007][client129.159.56.14:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"mio-ip.aidconsultancy.ch\"][uri\"/.env\"][unique_id\"aiZM23IDdn5rbRw113looQAAAQo\"] show less	Hacking Web App Attack
🇺🇸 MPL	2026-06-08 04:44:09 (9 hours ago)	tcp/443 (8 or more attempts)	Port Scan
🇩🇪 big-cloud.nl	2026-06-08 04:41:10 (9 hours ago)	Try to access /.env	Web App Attack
🇨🇿 akac	2026-06-06 05:01:09 (2 days ago)	Web vulnerability scanning: HTTP/1.1 GET /.env	Hacking Brute-Force Bad Web Bot Web App Attack
🇨🇭 lufi	2026-06-06 03:47:51 (2 days ago)	2026-06-06T05:47:50+02:00 lufischer04 ids442 2026-06-06 05:47:50 129.159.56.14: blacklistedPath: /.e ... show more 2026-06-06T05:47:50+02:00 lufischer04 ids442 2026-06-06 05:47:50 129.159.56.14: blacklistedPath: /.env ... show less	Web Spam Brute-Force Hacking Web App Attack
Anonymous	2026-06-06 03:25:05 (2 days ago)	Web App Attack	Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 817 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 154.194.77.138

🇵🇰 139.135.45.151

🇰🇷 128.134.83.141

🇻🇳 113.168.227.165

🇨🇳 111.162.141.29

🇳🇱 89.21.67.132

🇧🇬 79.124.40.174

🇳🇱 45.198.224.5

🇶🇦 34.153.64.153

🇩🇪 34.141.2.49

🇺🇸 31.56.178.132

🇨🇳 223.85.102.135

🇺🇸 208.84.101.224

🇳🇱 205.147.16.110

🇯🇵 172.253.235.19

🇺🇸 172.239.71.244

🇺🇸 170.187.165.242

🇬🇧 167.71.136.93

🇻🇳 160.25.89.34

🇻🇳 125.212.235.194