JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.109.139.73

192.109.139.73 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 100%: ?

100%

ISP	Stellar Group SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135392
Domain Name	stellar-group.fr
Country	🇺🇸 United States of America
City	Edison, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.109.139.73

Whois 192.109.139.73

IP Abuse Reports for 192.109.139.73:

This IP address has been reported a total of 34 times from 21 distinct sources. 192.109.139.73 was first reported on June 15th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 thetomtaylor.co.uk	2026-06-16 14:07:02 (4 hours ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [mx02]	Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-16 13:08:01 (5 hours ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx03,w ... show more Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx03,wa01,wa02] show less	Bad Web Bot Web App Attack
🇺🇸 Charlesiv	2026-06-16 12:01:46 (6 hours ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 135392 (MillenialHost Li ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 135392 (MillenialHost Limited) Protocol: HTTP/1.1 (GET method) Endpoint: //.env Timestamp: 2026-06-16T10:03:58Z Ray ID: a0c8fcd7aa484271 UA: Go-http-client/1.1 show less	Bad Web Bot
🇳🇴 Bots.go.to.hell	2026-06-16 10:06:34 (8 hours ago)	This IP was detected by CrowdSec triggering custom/http-range-ban	Web App Attack Port Scan
🇺🇸 infra-monitor	2026-06-16 10:00:04 (8 hours ago)	Automated ban via infra-monitor: suspicious-probe	Port Scan
🇫🇮 inlink.ltd	2026-06-16 09:33:49 (9 hours ago)	dot file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 09:14:44 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 192.109.139.73 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 192.109.139.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 05:14:38.686802 2026] [security2:error] [pid 14897:tid 14897] [client 192.109.139.73:65004] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plumduff.microdot.net"] [uri "/.env"] [unique_id "ajET_s94H84lGJ2hwCD8cgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 08:48:30 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 192.109.139.73 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 192.109.139.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 04:48:24.135851 2026] [security2:error] [pid 16988:tid 16988] [client 192.109.139.73:63860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "moandme.xyz"] [uri "/.env"] [unique_id "ajEN2L3SZgiAXjrdKdbHBwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-06-16 08:11:27 (10 hours ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-06-16 08:03:49 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 192.109.139.73 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 192.109.139.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 04:03:44.757353 2026] [security2:error] [pid 3721:tid 3721] [client 192.109.139.73:51391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ic1.biz"] [uri "/.env"] [unique_id "ajEDYLyAHgVK1fdjQCq6aQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-16 07:40:36 (10 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇫🇷 masterguru	2026-06-16 07:01:25 (11 hours ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-197) show less	Bad Web Bot
🇬🇧 consul.to	2026-06-16 06:59:18 (11 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇧🇷 Halux	2026-06-16 06:58:42 (11 hours ago)	192.109.139.73 Probing protected path or service	Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 06:07:02 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 192.109.139.73 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 192.109.139.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:06:54.865875 2026] [security2:error] [pid 4332:tid 4332] [client 192.109.139.73:51871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "4940brooklinedr.com.13waggoners.com"] [uri "/.env"] [unique_id "ajDn_uzrtuubSdcDZFTHlQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.80

🇺🇸 205.210.31.68

🇭🇰 199.45.155.99

🇹🇼 198.235.24.66

🇮🇳 182.95.123.202

🇰🇷 168.107.4.197

🇺🇸 165.154.255.63

🇹🇷 154.53.164.43

🇷🇴 151.242.30.224

🇵🇰 111.68.99.9

🇬🇧 84.8.151.122

🇧🇬 79.124.62.134

🇩🇪 71.18.209.230

🇩🇪 217.60.245.42

🇩🇪 213.209.159.11

🇸🇾 185.225.41.192

🇫🇮 178.20.210.208

🇭🇰 152.32.212.226

🇸🇬 143.198.221.127

🇯🇵 138.199.39.178