JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.64.167.210

139.64.167.210 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 54%: ?

54%

ISP	GTHost
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63023
Domain Name	gthost.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.64.167.210

Whois 139.64.167.210

IP Abuse Reports for 139.64.167.210:

This IP address has been reported a total of 60 times from 29 distinct sources. 139.64.167.210 was first reported on August 1st 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 08:23:47 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 04:23:43.231331 2026] [security2:error] [pid 9767:tid 9767] [client 139.64.167.210:62756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fales.org"] [uri "/.env"] [unique_id "aivCD6cPChEO1u70jgqQmgAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 07:25:38 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:25:34.184609 2026] [security2:error] [pid 11386:tid 11386] [client 139.64.167.210:56106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arapi.org"] [uri "/.env"] [unique_id "aiu0bhEAjMyqwLlMU_9cgAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 brantknudson.org	2026-06-11 11:24:42 (5 days ago)	Request path 'GET /.env HTTP/1.1'	Web App Attack Hacking
🇳🇱 WinnieHoneypots	2026-06-11 10:39:00 (5 days ago)	Crappy bot probing nonexistent /.env	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-11 10:12:24 (5 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 03:03:37 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 23:03:32.885112 2026] [security2:error] [pid 18650:tid 18650] [client 139.64.167.210:58586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bencramer.org"] [uri "/.env"] [unique_id "aiolhNdSIeBbwgoj_ApxtAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 17:46:28 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 13:46:20.507477 2026] [security2:error] [pid 16401:tid 16401] [client 139.64.167.210:65296] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackriverarc.org"] [uri "/.env"] [unique_id "aimi7Kr8ewnWlmI5zaJpCgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 16:50:11 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 12:50:07.050686 2026] [security2:error] [pid 24504:tid 24531] [client 139.64.167.210:61963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ethicmark.org"] [uri "/.env"] [unique_id "aimVv-I-VTNSWCdkzbN5fQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-10 16:35:40 (6 days ago)	[WedJun1018:35:36.0950692026][security2:error][pid2967677:tid2967906][client139.64.167.210:0]ModSecu ... show more [WedJun1018:35:36.0950692026][security2:error][pid2967677:tid2967906][client139.64.167.210:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"benvenutialfood.org\"][uri\"/.env\"][unique_id\"aimSWJ0YRSwpdC31c4iufwAAAMM\"] show less	Hacking Web App Attack
🇺🇸 nyt	2026-06-10 15:50:42 (6 days ago)	Sensitive File Probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 15:43:37 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 11:43:29.984398 2026] [security2:error] [pid 20265:tid 20265] [client 139.64.167.210:60309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "berntson.org"] [uri "/.env"] [unique_id "aimGIfE4DXoCtt35ppEjggAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 geot	2026-06-10 12:26:13 (6 days ago)	GET /.env HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 04:18:35 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 00:18:30.004440 2026] [security2:error] [pid 18259:tid 18259] [client 139.64.167.210:50425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "empoweruohio.org"] [uri "/.env"] [unique_id "aijllunnYHxtoVBQg79-TgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 03:37:45 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 23:37:39.806717 2026] [security2:error] [pid 31403:tid 31403] [client 139.64.167.210:50177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barreda.org"] [uri "/.env"] [unique_id "aijcAxMovbU5GFpLjZ3QKQAAADw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 02:39:45 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.64.167.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:39:37.587954 2026] [security2:error] [pid 26295:tid 26295] [client 139.64.167.210:62470] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "austinbiblestudents.org"] [uri "/.env"] [unique_id "aijOaSVpglbGgD9Qj8woLQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.157

🇹🇭 152.32.247.22

🇻🇳 125.212.244.35

🇺🇸 100.29.192.65

🇺🇸 65.49.1.90

🇺🇸 216.73.217.18

🇳🇱 204.76.203.15

🇭🇰 161.81.121.232

🇩🇪 161.35.19.218

🇨🇳 160.202.253.79

🇨🇳 115.239.27.116

🇨🇳 114.117.180.54

🇰🇷 110.93.150.199

🇮🇳 106.51.184.29

🇩🇪 69.5.169.249

🇨🇳 58.59.233.189

🇮🇪 54.246.57.65

🇨🇳 14.29.227.118

🇮🇪 3.249.57.244

🇺🇦 213.111.148.227