JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 96.126.130.244

96.126.130.244 was found in our database!

This IP was reported 526 times. Confidence of Abuse is 100%: ?

100%

ISP	Evoxt
Usage Type	Data Center/Web Hosting/Transit
ASN	AS149440
Hostname(s)	96-126-130-244.aceips.com
Domain Name	evoxt.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 96.126.130.244

Whois 96.126.130.244

IP Abuse Reports for 96.126.130.244:

This IP address has been reported a total of 526 times from 141 distinct sources. 96.126.130.244 was first reported on April 27th 2026, and the most recent report was 48 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-04-28 09:22:41 (1 month ago)	96.126.130.244 - - [28/Apr/2026:12:22:40 +0300] "GET /.env HTTP/1.1" 404 764 "-" "Mozilla/5.0 (Windo ... show more 96.126.130.244 - - [28/Apr/2026:12:22:40 +0300] "GET /.env HTTP/1.1" 404 764 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 96.126.130.244 - - [28/Apr/2026:12:22:40 +0300] "GET /.env HTTP/1.1" 404 764 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 05:59:51 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 01:59:47.451335 2026] [security2:error] [pid 15093:tid 15093] [client 96.126.130.244:54304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mavrik12.com"] [uri "/.env"] [unique_id "afBM08yoRnxyvN6cXHp7FAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nationaleventpros.com	2026-04-28 05:57:52 (1 month ago)	vulnerability scan	Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 04:13:43 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 00:13:35.896683 2026] [security2:error] [pid 18593:tid 18614] [client 96.126.130.244:46448] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mykfccares.com"] [uri "/.env"] [unique_id "afAz77f_S3FaxTl2sI9ZCQAAAVI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 simsung	2026-04-28 03:56:17 (1 month ago)	96.126.130.244 - - [28/Apr/2026:03:56:16 +0000] "GET /.env HTTP/1.1" 403 548 "http://mail.kesihatana ... show more 96.126.130.244 - - [28/Apr/2026:03:56:16 +0000] "GET /.env HTTP/1.1" 403 548 "http://mail.kesihatanalami.com/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-28 03:44:28 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 23:44:21.175157 2026] [security2:error] [pid 31726:tid 31748] [client 96.126.130.244:57488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peluqueriabuhos.com"] [uri "/.env"] [unique_id "afAtFWt8Lsqgq_Z9Rw4JBQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 03:28:46 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 23:28:41.871285 2026] [security2:error] [pid 15036:tid 15036] [client 96.126.130.244:50406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tatilborsasi.com"] [uri "/.env"] [unique_id "afApaTG491SI9E05S3gIfAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 02:46:24 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 22:46:20.090904 2026] [security2:error] [pid 2600:tid 2600] [client 96.126.130.244:60896] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hamson.com"] [uri "/.env"] [unique_id "afAffHq1tevpQpm8KEQ2xQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Gwyneth Llewelyn	2026-04-28 02:39:35 (1 month ago)	96.126.130.244 - - [28/Apr/2026:03:39:34 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windo ... show more 96.126.130.244 - - [28/Apr/2026:03:39:34 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 96.126.130.244 - - [28/Apr/2026:03:39:34 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 96.126.130.244 - - [28/Apr/2026:03:39:34 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-04-28 02:18:21 (1 month ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 Epimetheus	2026-04-28 01:42:42 (1 month ago)	Unauthorized access attempts: [GET] /.env [GET] /.env [GET] /.env [GET] /.env [GET] /.env UA: Mozi ... show more Unauthorized access attempts: [GET] /.env [GET] /.env [GET] /.env [GET] /.env [GET] /.env UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
Anonymous	2026-04-28 01:31:20 (1 month ago)	/.env	Web App Attack
🇫🇷 Dechavanne	2026-04-28 01:00:07 (1 month ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇧🇪 madeit	2026-04-28 00:49:52 (1 month ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 00:26:37 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 96.126.130.244 (96-126-130-244.aceips.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 20:26:34.712097 2026] [security2:error] [pid 21806:tid 21806] [client 96.126.130.244:58178] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cashforjunkcars.info"] [uri "/.env"] [unique_id "ae_-ujpTDtSw9-KEywAvbwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 481 to 495 of 526 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 155.4.244.107

🇩🇿 154.241.52.5

🇨🇳 14.103.46.139

🇺🇸 205.210.31.101

🇳🇱 89.38.96.216

🇳🇱 45.148.10.151

🇩🇪 4.184.246.230

🇧🇷 205.210.31.222

🇯🇵 172.104.93.159

🇺🇸 159.89.138.113

🇫🇮 147.185.133.63

🇬🇧 92.238.110.228

🇫🇷 51.68.226.87

🇺🇸 50.116.72.133

🇱🇹 45.227.254.170

🇯🇵 43.130.229.228

🇺🇸 2607:f8b0:4023:100f::120

🇰🇷 222.107.156.227

🇧🇷 205.210.31.169

🇸🇬 143.198.221.127