JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 141.98.255.139

141.98.255.139 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 18%: ?

18%

ISP	31173 Services AB infrastructure in Malmo, SE.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS39351
Domain Name	31173.se
Country	🇸🇪 Sweden
City	Malmo, Skane

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 141.98.255.139

Whois 141.98.255.139

IP Abuse Reports for 141.98.255.139:

This IP address has been reported a total of 39 times from 19 distinct sources. 141.98.255.139 was first reported on November 17th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 pengpeng	2026-06-13 02:52:24 (5 hours ago)	monitor: on VM-0-7-ubuntu \| port: 39886 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 39886 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 pengpeng	2026-05-04 06:21:49 (1 month ago)	monitor: on VM-0-7-ubuntu \| port: 64894 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 64894 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 nyt	2026-04-28 20:52:07 (1 month ago)	SQLi (quote probe)	SQL Injection Web App Attack
🇩🇪 FeG Deutschland	2026-04-22 00:57:45 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇬🇧 consul.to	2026-04-14 18:25:02 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-03-29 20:22:25 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 16:22:17.721093 2026] [security2:error] [pid 26777:tid 26777] [client 141.98.255.139:45496] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.193"] [uri "/.env"] [unique_id "acmJ-cK8X4O54Dww440knQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 AutosOnShow	2026-03-25 18:15:06 (2 months ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-03-25 18:14:06.848 \|	Web App Attack
🇺🇸 Rayulcifer	2026-03-20 14:03:16 (2 months ago)	141.98.255.139 - - [20/Mar/2026:09:03:15 -0500] "GET http://www.prestigesuppliesinc.com/contact-us.h ... show more 141.98.255.139 - - [20/Mar/2026:09:03:15 -0500] "GET http://www.prestigesuppliesinc.com/contact-us.html HTTP/1.1" 200 908 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:99.0) Gecko/20100101 Firefox/99.0" 141.98.255.139 - - [20/Mar/2026:09:03:15 -0500] "GET http://www.prestigesuppliesinc.com/contact-us.html HTTP/1.1" 200 908 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:99.0) Gecko/20100101 Firefox/99.0" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-03-20 09:01:56 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 05:01:51.489682 2026] [security2:error] [pid 3204:tid 3204] [client 141.98.255.139:55762] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.13"] [uri "/.env"] [unique_id "ab0M_17TS8CwCzEBUSDFlgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-18 06:33:35 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 18 02:33:30.035824 2026] [security2:error] [pid 3720594:tid 3720594] [client 141.98.255.139:49916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.30"] [uri "/.env"] [unique_id "abpHOiOXDVdNNs16mhofiQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-15 03:59:44 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 23:59:38.655947 2026] [security2:error] [pid 22386:tid 22386] [client 141.98.255.139:59396] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.144"] [uri "/.env"] [unique_id "abYuqqWz6fR06xPq9NUBDgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-11 01:13:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 141.98.255.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 21:12:57.445702 2026] [security2:error] [pid 32764:tid 32764] [client 141.98.255.139:42954] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.228"] [uri "/.env"] [unique_id "abDBmUayboqDSW0UzJ5nTgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-09 02:35:22 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-03-09 00:50:03 (3 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 MPL	2026-03-06 22:53:43 (3 months ago)	tcp/80 (2 or more attempts)	Port Scan

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.140

🇰🇷 112.216.129.27

🇧🇪 104.199.66.233

🇻🇳 103.60.242.169

🇳🇱 80.82.77.139

🇺🇸 20.85.246.45

🇱🇹 141.98.11.41

🇲🇲 129.224.202.71

🇹🇭 110.164.193.195

🇺🇸 104.232.79.58

🇮🇩 103.98.176.164

🇨🇦 57.134.215.133

🇳🇱 45.148.10.183

🇩🇪 36.255.97.27

🇺🇸 20.168.120.249

🇸🇪 13.48.148.27

🇰🇷 211.228.218.47

🇦🇷 190.105.115.125

🇧🇷 190.83.33.44

🇧🇷 181.218.9.86