JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.128.136.249

216.128.136.249 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 36%: ?

36%

ISP	Vultr Holdings, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20473
Hostname(s)	216.128.136.249.vultrusercontent.com
Domain Name	vultr.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.128.136.249

Whois 216.128.136.249

IP Abuse Reports for 216.128.136.249:

This IP address has been reported a total of 7 times from 5 distinct sources. 216.128.136.249 was first reported on June 25th 2026, and the most recent report was 57 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-26 22:02:49 (57 minutes ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25. show less	Web App Attack SSH Hacking
Anonymous	2026-06-26 17:20:02 (5 hours ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 15:43:32 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 216.128.136.249 (216.128.136.249.vultruserconte ... show more (mod_security) mod_security (id:210492) triggered by 216.128.136.249 (216.128.136.249.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 11:43:07.970301 2026] [security2:error] [pid 1762:tid 1762] [client 216.128.136.249:53942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.formationone.com"] [uri "/.env.local"] [unique_id "aj6eC6gvGE-37zq8xhwSpgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-25 21:36:39 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇳🇴 jad-abuse	2026-06-25 16:53:24 (1 day ago)	ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe ... show more ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 1 hits. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 15:52:37 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 216.128.136.249 (216.128.136.249.vultruserconte ... show more (mod_security) mod_security (id:210492) triggered by 216.128.136.249 (216.128.136.249.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:52:31.351893 2026] [security2:error] [pid 3253:tid 3253] [client 216.128.136.249:48270] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ati.software"] [uri "/.env.local"] [unique_id "aj1Ov-f45NjqQBxr3hUsgwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 10:49:05 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 216.128.136.249 (216.128.136.249.vultruserconte ... show more (mod_security) mod_security (id:210492) triggered by 216.128.136.249 (216.128.136.249.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 06:49:00.649071 2026] [security2:error] [pid 32109:tid 32109] [client 216.128.136.249:41886] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "affordablehotelphotos.vabq.com"] [uri "/.env"] [unique_id "aj0HnF6gmre97tIo4G-_vAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 20.169.49.11

🇲🇾 195.86.192.66

🇺🇸 193.36.224.112

🇧🇷 186.219.146.1

🇺🇸 185.180.141.7

🇭🇰 152.32.172.177

🇺🇸 149.34.251.249

🇺🇸 147.185.132.111

🇺🇸 104.243.38.174

🇷🇴 80.94.92.156

🇱🇺 64.89.161.51

🇺🇸 44.45.113.238

🇺🇸 20.14.72.151

🇮🇪 3.253.41.35

🇺🇸 216.180.246.240

🇧🇪 198.235.24.153

🇧🇷 186.251.71.202

🇫🇷 185.177.72.70

🇺🇸 162.216.149.10

🇩🇿 154.247.127.100