JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.139.214.151

185.139.214.151 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 100%: ?

100%

ISP	ALEXHOST SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200019
Hostname(s)	goga1
Domain Name	alexhost.com
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.139.214.151

Whois 185.139.214.151

IP Abuse Reports for 185.139.214.151:

This IP address has been reported a total of 43 times from 22 distinct sources. 185.139.214.151 was first reported on June 22nd 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Oakley	2026-06-30 13:50:50 (8 hours ago)	(confirmed_bot_sig) Confirmed bot	Hacking
Anonymous	2026-06-26 04:52:55 (4 days ago)	Automated vulnerability scanning and sensitive file probing against a secured web server. Attempted ... show more Automated vulnerability scanning and sensitive file probing against a secured web server. Attempted access to sensitive configuration files and common vulnerability paths. show less	Brute-Force Web App Attack
Anonymous	2026-06-25 09:25:56 (5 days ago)	FortiWeb WAF: 52 attacks detected. Threat Score: 9500. Types: Client Management(26), Block IP List(2 ... show more FortiWeb WAF: 52 attacks detected. Threat Score: 9500. Types: Client Management(26), Block IP List(26). Origin: United States. show less	Web App Attack
🇫🇮 albionfreemarket.com	2026-06-24 16:53:11 (6 days ago)	185.139.214.151 - - [24/Jun/2026:16:53:09 +0000] "GET /adminer.php HTTP/2.0" 403 153 "-" "Mozilla/5. ... show more 185.139.214.151 - - [24/Jun/2026:16:53:09 +0000] "GET /adminer.php HTTP/2.0" 403 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 0.000 "-" "US" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-24 07:53:48 (6 days ago)	"GET /wp-content/debug.log HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 07:20:51 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 185.139.214.151 (goga1): 1 in the last 300 secs ... show more (mod_security) mod_security (id:210730) triggered by 185.139.214.151 (goga1): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 03:20:46.131691 2026] [security2:error] [pid 26018:tid 26018] [client 185.139.214.151:46462] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|chopstickhouseevansville.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chopstickhouseevansville.com"] [uri "/backup.sql"] [unique_id "ajuFTlPZTw2i_DRWHEM34gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 04:52:30 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 185.139.214.151 (goga1): 1 in the last 300 secs ... show more (mod_security) mod_security (id:210730) triggered by 185.139.214.151 (goga1): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:52:22.027704 2026] [security2:error] [pid 25286:tid 25286] [client 185.139.214.151:54750] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|certifiedfarmersmarkets.org\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "certifiedfarmersmarkets.org"] [uri "/wp-content/debug.log"] [unique_id "ajtihsYHlq0t4tkX1vSNiQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 02:08:12 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 185.139.214.151 (goga1): 1 in the last 300 secs ... show more (mod_security) mod_security (id:210730) triggered by 185.139.214.151 (goga1): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 22:08:06.807252 2026] [security2:error] [pid 14555:tid 14555] [client 185.139.214.151:46532] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|carminestogo.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "carminestogo.com"] [uri "/wp-content/debug.log"] [unique_id "ajs8BrPgcjJJHJMdSe09lwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Steve	2026-06-24 00:39:27 (6 days ago)	SQL Injection Attempts	Brute-Force SQL Injection
🇺🇸 mw	2026-06-24 00:01:53 (6 days ago)	GET /.env HTTP/1.1	Web App Attack
🇫🇷 SpaceHost-Server	2026-06-23 22:28:14 (1 week ago)		Brute-Force Web App Attack
Anonymous	2026-06-23 20:09:36 (1 week ago)	Aggressive web scan	Web App Attack
🇺🇸 interbiznw.com	2026-06-23 19:07:23 (1 week ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 18:13:56 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 185.139.214.151 (goga1): 1 in the last 300 secs ... show more (mod_security) mod_security (id:210730) triggered by 185.139.214.151 (goga1): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 14:13:50.334478 2026] [security2:error] [pid 26796:tid 26796] [client 185.139.214.151:45748] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|boblog111.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "boblog111.com"] [uri "/wp-content/debug.log"] [unique_id "ajrM3ivLiPqfGtj3caCTTwAAAC8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 macrob	2026-06-23 15:48:45 (1 week ago)	2026/06/23 15:48:44 [error] 3584942#3584942: 325510557 access forbidden by rule, client: 185.139.21 ... show more 2026/06/23 15:48:44 [error] 3584942#3584942: 325510557 access forbidden by rule, client: 185.139.214.151, server: binixo.co, request: "GET /wp-content/debug.log HTTP/1.1", host: "binixo.co" 2026/06/23 15:48:44 [error] 3584942#3584942: 325510560 access forbidden by rule, client: 185.139.214.151, server: binixo.ph, request: "GET /wp-content/debug.log HTTP/1.1", host: "binixo.ph" 2026/06/23 15:48:44 [error] 3584942#3584942: 325510559 access forbidden by rule, client: 185.139.214.151, server: binixo.mx, request: "GET /wp-content/debug.log HTTP/1.1", host: "binixo.mx" ... show less	Web App Attack

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.223

🇲🇽 189.203.150.255

🇩🇪 185.242.3.60

🇧🇷 154.64.12.116

🇨🇳 120.195.26.54

🇮🇳 104.211.103.193

🇲🇾 49.124.155.179

🇭🇰 199.45.154.139

🇩🇴 154.59.206.74

🇩🇴 154.59.206.65

🇻🇪 154.59.56.137

🇫🇮 147.185.133.196

🇸🇬 139.99.74.35

🇸🇬 134.209.99.90

🇨🇳 112.48.102.19

🇺🇸 107.167.34.125

🇮🇳 52.140.76.154

🇺🇸 20.65.193.78

🇬🇧 193.163.125.167

🇲🇽 189.177.91.201