JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 174.138.17.143

174.138.17.143 was found in our database!

This IP was reported 361 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 174.138.17.143

Whois 174.138.17.143

IP Abuse Reports for 174.138.17.143:

This IP address has been reported a total of 361 times from 223 distinct sources. 174.138.17.143 was first reported on January 7th 2023, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 D3vNu11	2026-06-18 12:32:15 (1 hour ago)	Level: (LOW): Known Attacker via CitrixHoneypot IOC Country: Singapore 1x -> Target Country: Germany ... show more Level: (LOW): Known Attacker via CitrixHoneypot IOC Country: Singapore 1x -> Target Country: Germany HTTPS show less	Hacking Web App Attack
🇫🇷 GoodOldTOS	2026-06-18 12:29:03 (1 hour ago)	Bad keywords detected in request: /.env	Web App Attack
🇩🇪 todix	2026-06-18 12:27:14 (1 hour ago)	Web App Attack Exploid from 174.138.17.143	Web App Attack
🇹🇷 Detmach	2026-06-18 12:25:04 (1 hour ago)	Security attack detected. Multiple failed attempts from 174.138.17.143. IP banned for 1440 minutes a ... show more Security attack detected. Multiple failed attempts from 174.138.17.143. IP banned for 1440 minutes at 18.06.2026 15:25:04. Failed attempts: 1 show less	Brute-Force
🇩🇪 ut-addicted.com	2026-06-18 12:23:53 (1 hour ago)	\[Thu Jun 18 14:23:51.974323 2026\] \[:error\] \[pid 30221:tid 139785853191936\] \[client 174.138.17 ... show more \[Thu Jun 18 14:23:51.974323 2026\] \[:error\] \[pid 30221:tid 139785853191936\] \[client 174.138.17.143:58558\] \[client 174.138.17.143\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.env"\] \[unique_id "ajPjV7dLPJNLVJGsDX2nGAAAAMU"\] show less	Brute-Force Web App Attack
Anonymous	2026-06-18 12:23:19 (1 hour ago)	fail2ban: Sensitive web probes detected	Web App Attack
Anonymous	2026-06-18 12:20:53 (1 hour ago)	git/env leak probe	Web App Attack
🇫🇮 kumiko	2026-06-18 12:18:55 (2 hours ago)	[2026-06-18 15:18:54] Probing for dotfiles "GET /.env HTTP/1.1" 403	Bad Web Bot Web App Attack
🇮🇪 AutosOnShow	2026-06-18 12:13:05 (2 hours ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-18 12:12:41.181 \|	Web App Attack
🇫🇷 Vaction	2026-06-18 12:11:03 (2 hours ago)	174.138.17.143 - - [18/Jun/2026:14:11:03 +0200] "GET /.env HTTP/1.1" 404 400 "-" "Mozilla/5.0 (Linux ... show more 174.138.17.143 - - [18/Jun/2026:14:11:03 +0200] "GET /.env HTTP/1.1" 404 400 "-" "Mozilla/5.0 (Linux; Android 5.1; OPPO A59s Build/LMY47I; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044813 Mobile Safari/537.36 MMWEBID/6148 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/WIFI Language/zh_CN" show less	Hacking Bad Web Bot Web App Attack
Anonymous	2026-06-18 12:06:21 (2 hours ago)	174.138.17.143 - - [16/Jun/2026:19:15:01 +0300] "GET /.env HTTP/1.1" 403 243 174.138.17.143 - - [18/ ... show more 174.138.17.143 - - [16/Jun/2026:19:15:01 +0300] "GET /.env HTTP/1.1" 403 243 174.138.17.143 - - [18/Jun/2026:02:08:09 +0300] "GET /.env HTTP/1.1" 403 243 174.138.17.143 - - [18/Jun/2026:15:06:20 +0300] "GET /.env HTTP/1.1" 403 243 show less	Bad Web Bot
🇩🇪 Roper123	2026-06-18 11:44:16 (2 hours ago)	Web exploits	Web App Attack
🇩🇪 D3vNu11	2026-06-18 11:31:05 (2 hours ago)	Level: (LOW): Known Attacker via CitrixHoneypot IOC Country: Singapore 2x -> Target Country: Ashburn ... show more Level: (LOW): Known Attacker via CitrixHoneypot IOC Country: Singapore 2x -> Target Country: Ashburn, USA HTTPS show less	Hacking Web App Attack
🇩🇪 Bedios GmbH	2026-06-18 11:15:56 (3 hours ago)	Login credentials theft attempt	Hacking
🇩🇪 Mykola Spesivtsev	2026-06-18 11:15:16 (3 hours ago)	HTTP Tarpit detected bot activity:TargetPort:443, Path:/.env, Method:GET, UA:Mozilla/5.0 (Windows NT ... show more HTTP Tarpit detected bot activity:TargetPort:443, Path:/.env, Method:GET, UA:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 Safa show less	Port Scan Web App Attack Bad Web Bot

Showing 1 to 15 of 361 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.146.80.124

🇳🇱 213.5.70.12

🇺🇸 189.214.72.229

🇵🇰 175.107.1.198

🇬🇧 90.198.176.224

🇧🇬 79.124.62.230

🇪🇸 79.117.134.6

🇨🇦 54.39.6.85

🇸🇬 47.237.7.211

🇺🇸 45.45.237.171

🇵🇰 38.100.221.232

🇳🇱 34.90.225.154

🇺🇸 34.23.37.255

🇯🇵 14.137.237.192

🇮🇹 4.232.80.255

🇺🇸 199.45.142.237

🇰🇿 188.247.213.3

🇬🇧 185.247.137.143

🇮🇶 185.166.25.150

🇯🇵 160.251.140.254