JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.81.129.130

172.81.129.130 was found in our database!

This IP was reported 120 times. Confidence of Abuse is 100%: ?

100%

ISP	DataWagon, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS27176
Hostname(s)	ip-172-81-129-130.host.datawagon.net
Domain Name	datawagon.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.81.129.130

Whois 172.81.129.130

IP Abuse Reports for 172.81.129.130:

This IP address has been reported a total of 120 times from 86 distinct sources. 172.81.129.130 was first reported on April 6th 2021, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 Antinson	2026-06-28 09:11:44 (3 hours ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-28 01:38:07 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 172.81.129.130 (ip-172-81-129-130.host.datawago ... show more (mod_security) mod_security (id:210492) triggered by 172.81.129.130 (ip-172-81-129-130.host.datawagon.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 21:38:03.283499 2026] [security2:error] [pid 3583:tid 3583] [client 172.81.129.130:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "totalsafe-security.com"] [uri "/.env"] [unique_id "akB6-_pl-sT_RUl2NCC5QAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Mundo Bueno	2026-06-28 01:27:53 (10 hours ago)	[ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: Mozilla/5.0 (Windows NT 10.0; Win ... show more [ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.75 show less	Hacking Web App Attack
🇺🇸 Mundo Bueno	2026-06-28 01:10:13 (11 hours ago)	[ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: iTunes/9.0.3 (Macintosh; U; Intel ... show more [ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: iTunes/9.0.3 (Macintosh; U; Intel Mac OS X 10_6_2; en-ca) show less	Hacking Web App Attack
🇩🇪 conseilgouz	2026-06-28 01:05:10 (11 hours ago)	sle-17 : Block hidden directories=>/.env(/)	Hacking
🇺🇸 xserverx.ru	2026-06-28 01:03:13 (11 hours ago)	Honeypot triggered: IP: 172.81.129.130 Request to: https://xserverx.ru/.env Method: GET Host: xserve ... show more Honeypot triggered: IP: 172.81.129.130 Request to: https://xserverx.ru/.env Method: GET Host: xserverx.ru User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/532.9 (KHTML, like Gecko) Chrome/5.0.309.0 Safari/532.9 Referer: Direct Country: US ASN: Unknown Triggered rules: (\.env\|\.env\.local\|\.env\.production) Timestamp: 2026-06-28T01:03:12.854Z show less	Hacking Bad Web Bot Web App Attack
🇬🇧 andypiper	2026-06-28 01:01:55 (11 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 00:50:57 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 172.81.129.130 (ip-172-81-129-130.host.datawago ... show more (mod_security) mod_security (id:210492) triggered by 172.81.129.130 (ip-172-81-129-130.host.datawagon.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 20:50:50.030046 2026] [security2:error] [pid 20693:tid 20693] [client 172.81.129.130:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swarnar.com"] [uri "/.env"] [unique_id "akBv6mEJzAlqSZLPK2bbZgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 warudora	2026-06-28 00:50:20 (11 hours ago)	Automated Honeypot Trap: Attempted to access sensitive path '/.env' on a Flask server.	Hacking Web App Attack
Anonymous	2026-06-28 00:31:57 (11 hours ago)	path attack /.env	Web App Attack
🇺🇸 Mundo Bueno	2026-06-28 00:29:23 (11 hours ago)	[ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: Mozilla/5.0 (X11; Linux x86_64; r ... show more [ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120724 Debian Iceweasel/15.02 show less	Hacking Web App Attack
🇫🇷 Baking333	2026-06-28 00:21:10 (12 hours ago)	[redacted] 172.81.129.130 - - [28/Jun/2026:00:57:11 +0100] "GET /.env HTTP/1.1" 302 6763 0/284710 "- ... show more [redacted] 172.81.129.130 - - [28/Jun/2026:00:57:11 +0100] "GET /.env HTTP/1.1" 302 6763 0/284710 "-" "Mozilla/5.0 (X11; U; NetBSD amd64; en-US; rv:1.9.2.15) Gecko/20110308 Namoroka/3.6.15" [redacted] 172.81.129.130 - - [28/Jun/2026:01:21:08 +0100] "GET /.env HTTP/1.1" 302 6778 0/147036 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 00:18:36 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 172.81.129.130 (ip-172-81-129-130.host.datawago ... show more (mod_security) mod_security (id:210492) triggered by 172.81.129.130 (ip-172-81-129-130.host.datawagon.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 20:18:30.601853 2026] [security2:error] [pid 30484:tid 30484] [client 172.81.129.130:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nyemdr.com"] [uri "/.env"] [unique_id "akBoVkLhhVFCnakBAoKxKQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 00:13:17 (12 hours ago)	172.81.129.130 - - [28/Jun/2026:02:13:17 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Symbi ... show more 172.81.129.130 - - [28/Jun/2026:02:13:17 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (SymbianOS/9.2; U; Series60/3.1 Nokia5700/3.27; Profile/MIDP-2.0 Configuration/CLDC-1.1) AppleWebKit/413 (KHTML, like Gecko) Safari/413" show less	Web App Attack
🇩🇪 kommunos	2026-06-28 00:09:20 (12 hours ago)	/.env	Web App Attack

Showing 1 to 15 of 120 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 94.141.89.166

🇱🇻 81.30.98.62

🇷🇴 2.57.121.25

🇰🇷 220.72.198.61

🇩🇪 185.244.192.175

🇮🇩 180.241.238.176

🇺🇸 147.185.132.188

🇹🇼 116.241.168.3

🇨🇳 113.74.34.133

🇨🇦 85.217.149.5

🇮🇩 82.38.3.34

🇮🇳 47.15.1.76

🇩🇪 46.101.171.124

🇺🇸 45.144.115.27

🇧🇷 181.174.253.148

🇮🇳 139.5.1.186

🇨🇱 136.248.247.188

🇮🇳 98.70.50.166

🇪🇸 92.172.91.109

🇱🇹 62.60.130.219