JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 146.70.111.137

146.70.111.137 was found in our database!

This IP was reported 101 times. Confidence of Abuse is 23%: ?

23%

ISP	M247 Ltd Belgrade
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	m247global.com
Country	🇷🇸 Serbia
City	Belgrade, Central Serbia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 146.70.111.137

Whois 146.70.111.137

IP Abuse Reports for 146.70.111.137:

This IP address has been reported a total of 101 times from 41 distinct sources. 146.70.111.137 was first reported on March 20th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-23 01:59:22 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 21:59:14.266629 2026] [security2:error] [pid 16704:tid 16723] [client 146.70.111.137:49376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.14"] [uri "/.env"] [unique_id "ahEJ8n7Wvw_iFcu7S2VVAgAAARE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 01:30:32 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 21:30:27.283225 2026] [security2:error] [pid 23497:tid 23622] [client 146.70.111.137:55306] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.79"] [uri "/.env"] [unique_id "ahEDM3Gw9fuenmNg90CR3wAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-23 01:18:22 (1 month ago)	Blocked by UFW (TCP on 80) Source port: 58457 TTL: 105 Packet length: 52 TOS: 0x0A This report (for ... show more Blocked by UFW (TCP on 80) Source port: 58457 TTL: 105 Packet length: 52 TOS: 0x0A This report (for 146.70.111.137) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 01:14:06 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 21:13:59.560401 2026] [security2:error] [pid 4799:tid 4799] [client 146.70.111.137:56824] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.9"] [uri "/.env"] [unique_id "ahD_V2YnFfVbx9-wWZGsUwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-23 01:01:48 (1 month ago)	Blocked by UFW (TCP on 80) Source port: 58700 TTL: 105 Packet length: 52 TOS: 0x0A This report (for ... show more Blocked by UFW (TCP on 80) Source port: 58700 TTL: 105 Packet length: 52 TOS: 0x0A This report (for 146.70.111.137) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 00:49:17 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 20:49:09.151546 2026] [security2:error] [pid 7660:tid 7660] [client 146.70.111.137:55600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.69"] [uri "/.env"] [unique_id "ahD5hSieG3RoqczgNktkTwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-23 00:38:20 (1 month ago)	146.70.111.137 - - [23/May/2026:00:38:19 +0000] "GET /.env HTTP/1.1" 404 400 "-" "Mozilla/5.0 (Windo ... show more 146.70.111.137 - - [23/May/2026:00:38:19 +0000] "GET /.env HTTP/1.1" 404 400 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 00:24:29 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 20:24:24.776879 2026] [security2:error] [pid 17380:tid 17380] [client 146.70.111.137:55652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.63"] [uri "/.env"] [unique_id "ahDzuNv3DNNlEZy85MwaJwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 pltcldvlpr	2026-05-23 00:17:20 (1 month ago)	CMS/framework probe: 146.70.111.137 - - [23/May/2026:02:17:19 +0200] "GET /.env HTTP/1.1" 301 178 "- ... show more CMS/framework probe: 146.70.111.137 - - [23/May/2026:02:17:19 +0200] "GET /.env HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" asn=9009 org="M247 Europe SRL" country=RS ... show less	Web App Attack
🇺🇸 itsnixk	2026-05-23 00:16:23 (1 month ago)	(mod_security) mod_security (id:920350) triggered by 146.70.111.137 (RS/Serbia/-): 1 in the last 360 ... show more (mod_security) mod_security (id:920350) triggered by 146.70.111.137 (RS/Serbia/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri May 22 20:16:22.285422 2026] [security2:error] [pid 643843:tid 643937] [client 146.70.111.137:58511] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "774"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.25.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/.env"] [unique_id "ahDx1qLo0PnOlUAMrELJRAAAABA"] show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-23 00:07:58 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 20:07:54.736759 2026] [security2:error] [pid 755:tid 755] [client 146.70.111.137:53581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.243"] [uri "/.env"] [unique_id "ahDv2sAmNMhFOz4Tg3sHOAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 23:49:17 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 19:49:10.913945 2026] [security2:error] [pid 30685:tid 30685] [client 146.70.111.137:58399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.241"] [uri "/.env"] [unique_id "ahDrdo2ssZuAyeBiMQwJiwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 23:32:52 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 19:32:44.723569 2026] [security2:error] [pid 30785:tid 30785] [client 146.70.111.137:59498] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.237"] [uri "/.env"] [unique_id "ahDnnCYg9uM-_E18IaMa4AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-05-22 22:56:07 (1 month ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 22:53:44 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.70.111.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 18:53:37.800937 2026] [security2:error] [pid 19314:tid 19314] [client 146.70.111.137:58393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.233"] [uri "/.env"] [unique_id "ahDecZJjOaY7EYYjGDUQpwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 101 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 203.154.158.195

🇩🇪 164.90.176.216

🇧🇷 152.67.46.203

🇩🇪 80.158.109.51

🇺🇸 23.95.67.200

🇲🇽 187.191.48.23

🇧🇷 186.200.104.66

🇦🇷 186.65.67.113

🇵🇱 178.219.100.60

🇿🇦 165.165.110.148

🇺🇸 162.216.150.47

🇺🇸 162.216.149.68

🇩🇪 155.117.127.214

🇭🇰 118.193.47.155

🇮🇳 118.185.130.194

🇰🇷 118.33.119.34

🇮🇩 103.164.57.37

🇨🇳 101.89.141.184

🇭🇳 45.190.187.226

🇳🇱 45.148.10.147