JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.239.214.219

173.239.214.219 was found in our database!

This IP was reported 254 times. Confidence of Abuse is 95%: ?

95%

ISP	LogicWeb Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	logicweb.com
Country	🇺🇸 United States of America
City	Edison, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.239.214.219

Whois 173.239.214.219

IP Abuse Reports for 173.239.214.219:

This IP address has been reported a total of 254 times from 94 distinct sources. 173.239.214.219 was first reported on June 5th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-05-11 05:29:11 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇪🇸 10dencehispahard SL	2024-05-10 21:00:47 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
Anonymous	2024-05-09 01:12:02 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 MAGIC	2024-04-11 01:02:25 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2024-04-02 15:03:28 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 oh.mg	2024-03-23 04:19:23 (2 years ago)	(mod_security) mod_security (id:949110) triggered by 173.239.214.219 (US/United States/-): 1 in the ... show more (mod_security) mod_security (id:949110) triggered by 173.239.214.219 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Mar 23 04:19:17.515512 2024] [:error] [pid 413980:tid 140098705127168] [client 173.239.214.219:53043] [client 173.239.214.219] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "184"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.0.0-rc1"] [tag "anomaly-evaluation"] [hostname "oh.mg"] [uri "/app/.env "] [unique_id "Zf5YRWaR9U@iqWkhAkFPEwAAAEE"] show less	Port Scan
🇫🇷 Vaction	2024-03-23 00:30:04 (2 years ago)	173.239.214.219 - - [23/Mar/2024:01:30:03 +0100] "GET /_poopinfo.php HTTP/1.1" 404 397 "-" "Mozilla/ ... show more 173.239.214.219 - - [23/Mar/2024:01:30:03 +0100] "GET /_poopinfo.php HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" show less	Hacking Bad Web Bot Web App Attack
🇩🇪 sdos.es	2024-03-17 04:59:01 (2 years ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
Anonymous	2024-03-16 06:24:25 (2 years ago)	Credential Stuffing attacks against Microsoft 365	Brute-Force
🇫🇷 Vaction	2024-03-14 04:50:24 (2 years ago)	173.239.214.219 - - [14/Mar/2024:05:50:24 +0100] "GET /app/.env%20 HTTP/1.1" 404 397 "-" "Mozilla/5. ... show more 173.239.214.219 - - [14/Mar/2024:05:50:24 +0100] "GET /app/.env%20 HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Windows NT 10.0; rv:105.0) Gecko/20100101 Firefox/105.0" show less	Hacking Bad Web Bot Web App Attack
🇩🇪 Mr-Money	2024-03-13 14:58:04 (2 years ago)	173.239.214.219 - - [13/Mar/2024:15:58:02 +0100] "GET /.env.save HTTP/1.1" 404 461 "-" "Mozilla/5.0 ... show more 173.239.214.219 - - [13/Mar/2024:15:58:02 +0100] "GET /.env.save HTTP/1.1" 404 461 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
🇫🇮 xyz.rip	2024-03-13 10:42:41 (2 years ago)	WAF Violation...	Hacking Web App Attack
🇫🇷 Bedios GmbH	2024-03-13 10:18:50 (2 years ago)	Login credentials theft attempt	Hacking
Anonymous	2024-03-13 08:15:08 (2 years ago)	173.239.214.219 - - [13/Mar/2024:09:12:24 +0100] "GET /cms/.env HTTP/1.1" 404 493 "-" "Mozilla/5.0 ( ... show more 173.239.214.219 - - [13/Mar/2024:09:12:24 +0100] "GET /cms/.env HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15" 173.239.214.219 - - [13/Mar/2024:09:12:36 +0100] "GET /.env.project%20 HTTP/1.1" 403 496 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" 173.239.214.219 - - [13/Mar/2024:09:15:03 +0100] "GET /phpinfo HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0" ... show less	Web App Attack
Anonymous	2024-03-12 14:20:57 (2 years ago)	Fail2Ban triggered	Web App Attack

Showing 226 to 240 of 254 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 84.46.247.185

🇩🇴 45.172.152.74

🇹🇼 221.120.77.34

🇹🇭 117.121.214.50

🇨🇳 111.228.36.44

🇨🇳 61.136.246.87

🇺🇸 38.148.249.2

🇺🇸 24.197.29.113

🇺🇸 18.217.187.82

🇳🇱 212.8.251.106

🇻🇪 201.249.192.30

🇳🇮 190.212.210.126

🇺🇸 172.234.195.116

🇺🇸 162.216.150.16

🇰🇷 118.37.214.187

🇧🇼 41.223.73.183

🇬🇧 35.203.211.233

🇸🇪 213.66.145.107

🇮🇩 202.138.252.58

🇵🇰 182.190.220.126