JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 144.172.115.139

144.172.115.139 was found in our database!

This IP was reported 207 times. Confidence of Abuse is 64%: ?

64%

ISP	RouterHosting LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14956
Hostname(s)	139.115.172.144.static.cloudzy.com
Domain Name	cloudzy.com
Country	🇺🇸 United States of America
City	Ogden, Utah

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 144.172.115.139

Whois 144.172.115.139

IP Abuse Reports for 144.172.115.139:

This IP address has been reported a total of 207 times from 102 distinct sources. 144.172.115.139 was first reported on April 18th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-06-23 05:52:11 (3 days ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇺🇸 Starburst SysOp Team	2026-05-20 00:54:54 (1 month ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-mnz6-7)	Hacking Web App Attack
🇩🇰 swrlly	2026-05-19 21:15:05 (1 month ago)	2 unauthorized webserver connections (30d)	Web App Attack
🇨🇭 4server	2026-05-19 20:30:51 (1 month ago)	[TueMay1922:30:39.9328982026][security2:error][pid3146691:tid3146700][client144.172.115.139:0]ModSec ... show more [TueMay1922:30:39.9328982026][security2:error][pid3146691:tid3146700][client144.172.115.139:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"swiss-web-hosting.com\"][uri\"/.env\"][unique_id\"agzIb1281cj4VMJnB69sEAAAAAc\"] show less	Hacking Web App Attack
🇩🇪 kkwemi	2026-05-19 19:53:23 (1 month ago)	Blocked by block-exploit-paths on /.env	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-19 18:31:45 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 144.172.115.139 (139.115.172.144.static.cloudzy ... show more (mod_security) mod_security (id:210492) triggered by 144.172.115.139 (139.115.172.144.static.cloudzy.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 14:31:41.855578 2026] [security2:error] [pid 18811:tid 18811] [client 144.172.115.139:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swarnar.com"] [uri "/.env"] [unique_id "agysjaH5US_cNB1KIqGywAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 conrad10781	2026-05-19 10:33:06 (1 month ago)	nginx-dot-env	Web App Attack
🇬🇧 foxxelabs	2026-05-18 19:25:22 (1 month ago)	Automated report from FoxxeLabs Sentinel. Path probed: /.env \| Project: anseo \| Reason(s): Known exp ... show more Automated report from FoxxeLabs Sentinel. Path probed: /.env \| Project: anseo \| Reason(s): Known exploit path: /.env; AbuseIPDB score: 100/100 \| User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Mobile Sa show less	Web App Attack
🇺🇸 RamSet	2026-05-18 17:02:46 (1 month ago)	HTTP-Probe on port 443. 2 distinct paths probed in 1s. Sustained 2 req/min, 2 known bad path signatu ... show more HTTP-Probe on port 443. 2 distinct paths probed in 1s. Sustained 2 req/min, 2 known bad path signatures. Paths: /.env show less	Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-05-18 08:56:24 (1 month ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-1)	Hacking Bad Web Bot
🇨🇦 SoteriaCovenant	2026-05-18 06:48:18 (1 month ago)	Automated probe: /.env on Soteria Global infrastructure. No vulnerable software present.	Web App Attack
🇬🇧 consul.to	2026-05-18 02:42:29 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇸🇬 securejdprop	2026-05-17 18:23:39 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇫🇮 kumiko	2026-05-17 09:55:03 (1 month ago)	[2026-05-17 12:55:02] Probing for dotfiles "GET /.env HTTP/2.0" 301	Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-17 04:20:19 (1 month ago)	Web vulnerability probing: /.env	Web App Attack

Showing 1 to 15 of 207 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.154.35.203

🇵🇾 181.117.188.198

🇫🇮 147.185.133.0

🇺🇸 74.235.127.162

🇺🇸 66.132.172.228

🇺🇸 49.51.204.105

🇦🇷 191.82.194.133

🇨🇱 179.60.64.32

🇺🇸 172.221.167.155

🇸🇦 167.100.244.212

🇵🇭 154.18.197.35

🇺🇸 135.237.126.99

🇳🇱 91.92.40.233

🇺🇸 71.235.27.139

🇳🇱 45.148.10.151

🇺🇸 20.221.57.26

🇺🇸 20.168.5.245

🇺🇸 216.180.246.53

🇺🇸 216.180.246.2

🇺🇸 205.210.31.16