JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.29.139.205

193.29.139.205 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 84%: ?

84%

ISP	Greenhost BV
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47172
Domain Name	greenhost.nl
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.29.139.205

Whois 193.29.139.205

IP Abuse Reports for 193.29.139.205:

This IP address has been reported a total of 39 times from 16 distinct sources. 193.29.139.205 was first reported on April 14th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Smee	2026-06-20 19:30:34 (1 hour ago)	IMAP/SMTP Authentication Failure	Brute-Force
🇩🇪 4server	2026-06-19 18:51:03 (1 day ago)	[FriJun1920:51:00.5881862026][security2:error][pid2406918:tid2407000][client193.29.139.205:0]ModSecu ... show more [FriJun1920:51:00.5881862026][security2:error][pid2406918:tid2407000][client193.29.139.205:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"mail.wildpferde.ch\"][uri\"/.vscode/settings.json\"][unique_id\"ajWPlI5-1gPvLRbirtDzcwAAAJU\"] show less	Port Scan Brute-Force Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-19 16:04:17 (1 day ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇬🇧 OptimusGO	2026-06-19 13:33:02 (1 day ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-06-19 14:33:01 UTC Log evidence: 06/19/2026-14:33:00.911825 [] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 193.29.139.205:47044 -> 185.127.18.66:8088 06/19/2026-14:33:01.931688 [] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 193.29.139.205:47044 -> 185.127.18.66:8088 show less	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-19 12:00:22 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 193.29.139.205 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 193.29.139.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 08:00:16.142014 2026] [security2:error] [pid 27942:tid 27942] [client 193.29.139.205:33720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.garyandthegroove.com"] [uri "/.gemini/.env"] [unique_id "ajUvULb7jIoXjhmKk7aT3wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 05:22:24 (1 day ago)	Automated report (2026-06-19T01:22:24-04:00). Caught probing for env file.	Hacking Web App Attack
🇨🇭 Origon	2026-06-17 09:52:11 (3 days ago)	recidive - IP: 193.29.139.205 - 2026-06-17 09:47:28,265 fail2ban.actions [1068196]: NOTICE [plesk-p ... show more recidive - IP: 193.29.139.205 - 2026-06-17 09:47:28,265 fail2ban.actions [1068196]: NOTICE [plesk-panel] Ban 193.29.139.205 2026-06-17 10:57:12,969 fail2ban.actions [1068196]: NOTICE [plesk-panel] Ban 193.29.139.205 2026-06-17 11:52:11,104 fail2ban.actions [1068196]: NOTICE [plesk-panel] Ban 193.29.139.205 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 09:49:21 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 193.29.139.205 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 193.29.139.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 05:49:18.059722 2026] [security2:error] [pid 24654:tid 24670] [client 193.29.139.205:35108] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|coloradomohs.aafm.us\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "coloradomohs.aafm.us"] [uri "/telegram_messages.db"] [unique_id "ajJtngik8_WPsts3DmsPjgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Mediashaker	2026-06-17 09:33:13 (3 days ago)	(plesk-panel) Failed plesk-panel login with username [redacted] from 193.29.139.205 (-)	Brute-Force
🇩🇪 Séfora Srl	2026-06-17 09:03:53 (3 days ago)	Failed attempt detected by Fail2Ban in plesk-panel jail	Brute-Force
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-17 08:27:03 (3 days ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇫🇷 adembaysal	2026-06-17 07:53:04 (3 days ago)	Domain : pleskcontrolpanel Rule : UserAgent 2026-06-17 07:51:16 *hidden-privacy* GET /enterprise ... show more Domain : pleskcontrolpanel Rule : UserAgent 2026-06-17 07:51:16 *hidden-privacy* GET /enterprise/control/agent.php - 8880 - 193.29.139.205 python-requests/2.32.5 - 500 50 183 1196 178 68 - - show less	Port Scan
🇩🇪 netclix.gr	2026-06-17 07:21:55 (3 days ago)	(bot_kill_mega) Aggressive Bot Blocked: python 193.29.139.205 (-): 1 in the last 4600 secs; Ports: * ... show more (bot_kill_mega) Aggressive Bot Blocked: python 193.29.139.205 (-): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 193.29.139.205 - - [17/Jun/2026:10:19:44 +0300] "GET /enterprise/control/agent.php HTTP/1.1" 200 145 "-" "python-requests/2.32.5" "-"'/enterprise/control/agent.php' '' '/opt/psa/admin/htdocs' show less	Port Scan
🇩🇪 ecs.ge	2026-06-17 07:15:55 (3 days ago)	Automatic Fail2Ban report from jail plesk-panel: multiple matching events detected.	Brute-Force
🇷🇴 iulianh	2026-06-17 01:32:34 (3 days ago)	25,465,587	Brute-Force SSH

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 176.191.43.176

🇫🇷 128.79.125.64

🇮🇳 122.168.194.41

🇨🇳 106.120.240.183

🇭🇰 101.79.165.43

🇵🇱 83.168.95.29

🇸🇦 51.223.124.252

🇩🇪 46.101.216.224

🇨🇭 209.99.189.177

🇩🇪 209.50.184.162

🇸🇻 190.87.165.148

🇺🇾 167.61.129.85

🇩🇿 154.252.76.202

🇺🇸 134.199.215.120

🇩🇪 49.12.77.100

🇨🇴 38.224.42.168

🇳🇱 34.34.21.42

🇺🇸 20.64.105.155

🇻🇳 14.248.82.157

🇺🇸 3.213.85.234