JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.59.164.157

139.59.164.157 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Hostname(s)	1435583.cloudwaysapps.com
Domain Name	digitalocean.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.59.164.157

Whois 139.59.164.157

IP Abuse Reports for 139.59.164.157:

This IP address has been reported a total of 49 times from 37 distinct sources. 139.59.164.157 was first reported on March 9th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 boxed-it	2025-02-13 13:54:58 (1 year ago)	GET /.env (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
Anonymous	2025-02-12 12:46:16 (1 year ago)	[11/Feb/2025:18:44:44 -0500] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 Keydrop\" [11/Feb/2025:18:44:44 -0 ... show more [11/Feb/2025:18:44:44 -0500] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 Keydrop\" [11/Feb/2025:18:44:44 -0500] \"GET / HTTP/1.0\" Blank UA show less	Hacking
🇺🇸 BSG Webmaster	2025-02-12 08:35:09 (1 year ago)	Port scanning (Port 443)	Port Scan Hacking
🇳🇱 BlueWire Hosting	2025-02-12 05:10:07 (1 year ago)	Scanning for Laravel vulnerabilities	Web App Attack
🇺🇸 gumbysoft	2025-02-12 01:02:46 (1 year ago)	Too many HTTP Bad Requests	Bad Web Bot
Anonymous	2025-02-12 00:59:03 (1 year ago)	HTTP Req: GET /.env HTTP/1.1 Time: Wed, 12 Feb 2025 01:59:03 +0100 Unauthorised web server access ... show more HTTP Req: GET /.env HTTP/1.1 Time: Wed, 12 Feb 2025 01:59:03 +0100 Unauthorised web server access and/or looking for web app vulnerabilities. Port 443 User Agent: Mozilla/5.0 Keydrop IP suspected 2 time(s) so far. show less	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-12 00:48:28 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 139.59.164.157 (scale-test-1739222449131-3a724b ... show more (mod_security) mod_security (id:210492) triggered by 139.59.164.157 (scale-test-1739222449131-3a724b1d.mongo.ondigitalocean.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 11 19:48:24.309014 2025] [security2:error] [pid 15558:tid 15558] [client 139.59.164.157:59000] [client 139.59.164.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.182"] [uri "/.env"] [unique_id "Z6vv2ILbRILf6OwxmW3wtwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-12 00:33:22 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 139.59.164.157 (scale-test-1739222449131-3a724b ... show more (mod_security) mod_security (id:210492) triggered by 139.59.164.157 (scale-test-1739222449131-3a724b1d.mongo.ondigitalocean.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 11 19:33:15.945269 2025] [security2:error] [pid 798937:tid 798937] [client 139.59.164.157:60336] [client 139.59.164.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.58"] [uri "/.env"] [unique_id "Z6vsS9uJhxcz4YyyehuMhQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇱 ifiguero	2025-02-12 00:32:45 (1 year ago)	Web Attack (\x00\x00\x00\x00\x00). 7d ban	Web App Attack
🇺🇸 RogueAutomata	2025-02-12 00:22:14 (1 year ago)	Detected malicious request: GET /.env Detections triggered: Environment/config probe Access via IP ... show more Detected malicious request: GET /.env Detections triggered: Environment/config probe Access via IP addr (v4) show less	Web App Attack
🇺🇸 RCS	2025-02-12 00:20:01 (1 year ago)	fail2ban apache-modsecurity ...	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-12 00:06:17 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 139.59.164.157 (scale-test-1739222449131-3a724b ... show more (mod_security) mod_security (id:210492) triggered by 139.59.164.157 (scale-test-1739222449131-3a724b1d.mongo.ondigitalocean.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 11 19:06:14.083904 2025] [security2:error] [pid 29351:tid 29351] [client 139.59.164.157:46074] [client 139.59.164.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.119"] [uri "/.env"] [unique_id "Z6vl9j6UtIobU-pJPRZiwwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 sajmon0011	2025-02-12 00:04:31 (1 year ago)	139.59.164.157 - - [12/Feb/2025:01:04:30 +0100] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 Keydro ... show more 139.59.164.157 - - [12/Feb/2025:01:04:30 +0100] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 Keydrop" ... show less	Web App Attack
Anonymous	2025-02-11 23:40:02 (1 year ago)	Bot / scanning and/or hacking attempts: GET / HTTP/1.0, GET /.env HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-02-11 23:37:31 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 139.59.164.157 (scale-test-1739222449131-3a724b ... show more (mod_security) mod_security (id:210492) triggered by 139.59.164.157 (scale-test-1739222449131-3a724b1d.mongo.ondigitalocean.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 11 18:37:25.329997 2025] [security2:error] [pid 5737:tid 5737] [client 139.59.164.157:35914] [client 139.59.164.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.197"] [uri "/.env"] [unique_id "Z6vfNVKdUphQu2EcEKV34wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.147

🇺🇸 100.49.117.77

🇳🇱 91.92.40.13

🇺🇸 44.255.240.160

🇺🇸 23.95.62.90

🇧🇪 198.235.24.254

🇳🇱 193.39.208.26

🇨🇴 181.130.147.249

🇭🇰 154.83.13.181

🇮🇳 116.73.240.74

🇺🇸 104.234.53.111

🇨🇦 85.217.149.14

🇺🇸 65.60.157.6

🇺🇸 44.200.177.217

🇺🇸 44.92.245.90

🇺🇸 2604:a880:400:d1:0:4:9e95:f001

🇧🇷 205.210.31.240

🇸🇬 172.217.97.22

🇺🇾 152.156.185.37

🇨🇳 123.158.253.240