JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 146.19.216.144

146.19.216.144 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 0%: ?

ISP	MB Lirutis
Usage Type	Data Center/Web Hosting/Transit
ASN	AS134677
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Kansas City, Kansas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 146.19.216.144

Whois 146.19.216.144

IP Abuse Reports for 146.19.216.144:

This IP address has been reported a total of 55 times from 35 distinct sources. 146.19.216.144 was first reported on January 11th 2026, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 aygabtu	2026-01-15 14:23:00 (5 months ago)	sql injection/xss scripting attempts	SQL Injection Bad Web Bot
🇺🇸 octageeks.com	2026-01-15 05:07:23 (5 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 21:31:28 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 146.19.216.144 (static.146.19.216.144.orangevps ... show more (mod_security) mod_security (id:210492) triggered by 146.19.216.144 (static.146.19.216.144.orangevps.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 16:31:22.211837 2026] [security2:error] [pid 10360:tid 10360] [client 146.19.216.144:57903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "larrybridwell.com"] [uri "/.env"] [unique_id "aWgLKl9K6TC4imAonhzhkQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 20:33:48 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 146.19.216.144 (static.146.19.216.144.orangevps ... show more (mod_security) mod_security (id:210492) triggered by 146.19.216.144 (static.146.19.216.144.orangevps.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 15:33:43.827620 2026] [security2:error] [pid 25116:tid 25116] [client 146.19.216.144:61569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.indieheaven.io"] [uri "/.env"] [unique_id "aWf9p_1vfTMqQ70PzYifyQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 20:17:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 146.19.216.144 (static.146.19.216.144.orangevps ... show more (mod_security) mod_security (id:210492) triggered by 146.19.216.144 (static.146.19.216.144.orangevps.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 15:17:01.868034 2026] [security2:error] [pid 24698:tid 24698] [client 146.19.216.144:63928] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.appalachianstomp.com"] [uri "/.env"] [unique_id "aWf5vckRcQNHWAHv_WypVgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-01-14 18:29:34 (5 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇬🇧 AvonleaConsulting	2026-01-14 18:21:59 (5 months ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇫🇷 COMAITE	2026-01-14 17:01:28 (5 months ago)	SQL injection attempt from 146.19.216.144.	Web App Attack
🇺🇸 RidgeStar	2026-01-14 16:41:27 (5 months ago)	2026-01-14T08:41:27-08:00: <script>alert('XSS')</script> 2026-01-13T23:34:46-0 ... show more 2026-01-14T08:41:27-08:00: <script>alert('XSS')</script> 2026-01-13T23:34:46-08:00: <script>alert('XSS')</script> 2026-01-13T23:34:46-08:00: <script>alert('XSS')</script> 2026-01-11T04:33:29-08:00: <script>alert('XSS')</script> 2026-01-11T04:33:29-08:00: <script>alert('XSS')</script> show less	Port Scan Hacking
🇮🇪 RoboSOC	2026-01-14 15:00:29 (5 months ago)	HTTP Directory Traversal Vulnerability , PTR: static.146.19.216.144.orangevps.com.	Hacking
🇪🇸 el-brujo	2026-01-14 13:55:32 (5 months ago)	Cloudflare WAF: Request Path: /.env Request Query: Host: ns2.elhacker.net userAgent: Mozilla/5.0 (L ... show more Cloudflare WAF: Request Path: /.env Request Query: Host: ns2.elhacker.net userAgent: Mozilla/5.0 (Linux; Android 9; ASUS_I005DA Build/PI; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/133.0.6943.122 Mobile Action: block Source: firewallManaged ASN Description: IDC-AS-AP Dromatics Systems Pte Ltd Country: US Method: GET Timestamp: 2026-01-14T13:55:32Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 13:54:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 146.19.216.144 (static.146.19.216.144.orangevps ... show more (mod_security) mod_security (id:210492) triggered by 146.19.216.144 (static.146.19.216.144.orangevps.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 08:53:56.422720 2026] [security2:error] [pid 23702:tid 23702] [client 146.19.216.144:61299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.chicagowca.com"] [uri "/.env"] [unique_id "aWef9NMu_5vzv4DJuXfNHAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-01-14 13:42:00 (5 months ago)	Web vulnerability probing: /adminer.php	Web App Attack
🇮🇪 Jim Keir	2026-01-14 11:35:16 (5 months ago)	2026-01-14 11:35:16 146.19.216.144 File scanning, blocking 146.19.216.144 for 5 minutes	Web App Attack
🇺🇸 fortypoundhead	2026-01-14 11:28:00 (5 months ago)	Banned IP Address	Hacking Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.247.137.227

🇨🇳 210.22.149.155

🇧🇷 205.210.31.202

🇸🇮 176.65.134.34

🇮🇳 111.118.181.171

🇹🇼 61.220.235.10

🇳🇱 45.148.10.152

🇬🇧 35.203.210.204

🇷🇺 31.173.66.222

🇬🇧 2a06:4880:6000::88

🇬🇧 109.145.61.112

🇬🇧 87.236.176.26

🇸🇬 45.78.204.254

🇧🇷 20.195.178.67

🇭🇰 8.217.193.233

🇩🇪 213.209.159.115

🇺🇸 162.216.149.32

🇨🇳 119.147.8.82

🇮🇳 103.125.155.187

🇸🇬 47.74.213.140