JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.29.139.233

193.29.139.233 was found in our database!

This IP was reported 50 times. Confidence of Abuse is 58%: ?

58%

ISP	Greenhost BV
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47172
Domain Name	greenhost.nl
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.29.139.233

Whois 193.29.139.233

IP Abuse Reports for 193.29.139.233:

This IP address has been reported a total of 50 times from 30 distinct sources. 193.29.139.233 was first reported on February 5th 2025, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 lp	2026-06-20 01:52:04 (23 hours ago)	Email account brute force: 1 attempts were recorded from 193.29.139.233 2026-06-20T02:47:30+02:00 wa ... show more Email account brute force: 1 attempts were recorded from 193.29.139.233 2026-06-20T02:47:30+02:00 warning: unknown[193.29.139.233]: SASL PLAIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-19 18:07:24 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 193.29.139.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 193.29.139.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 14:07:19.996995 2026] [security2:error] [pid 3330:tid 3353] [client 193.29.139.233:12624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "richardleeweatherman.com"] [uri "/.env.claude.gpg"] [unique_id "ajWFV66WGLPyI_-ptuWyjwAAAVU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 16:52:47 (1 day ago)	(mod_security) mod_security (id:243320) triggered by 193.29.139.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:243320) triggered by 193.29.139.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:52:43.218808 2026] [security2:error] [pid 2336:tid 2350] [client 193.29.139.233:14490] ModSecurity: Access denied with code 403 (phase 2). String match "/.profile" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6621"] [id "243320"] [rev "1"] [msg "COMODO WAF: Information disclosure vulnerability in Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products (CVE-2016-6639)\|\|coloradomohs.aafm.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "coloradomohs.aafm.us"] [uri "/.profile"] [unique_id "ajVz2_d_32OUbBgfpiMswQAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 16:37:14 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 193.29.139.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 193.29.139.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:37:05.902306 2026] [security2:error] [pid 11239:tid 11239] [client 193.29.139.233:27030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.construction.bonefrog.com"] [uri "/.env.local"] [unique_id "ajVwMVGW4h4XWYb4Hq_ptAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-19 16:03:00 (1 day ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇪🇸 librebit	2026-06-19 14:03:32 (1 day ago)	Brute force	Brute-Force
Anonymous	2026-06-19 05:19:50 (1 day ago)	Automated report (2026-06-19T01:19:50-04:00). Caught probing for exposed Google API credentials.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 05:19:05 (1 day ago)	(mod_security) mod_security (id:243320) triggered by 193.29.139.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:243320) triggered by 193.29.139.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 01:18:59.178115 2026] [security2:error] [pid 16337:tid 16337] [client 193.29.139.233:15640] ModSecurity: Access denied with code 403 (phase 2). String match "/.profile" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6621"] [id "243320"] [rev "1"] [msg "COMODO WAF: Information disclosure vulnerability in Cloud Foundry PHP Buildpack (aka php-buildpack) before 4.3.18 and PHP Buildpack Cf-release before 242, as used in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.38 and 1.7.x before 1.7.19 and other products (CVE-2016-6639)\|\|garyandthegroove.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "garyandthegroove.com"] [uri "/.profile"] [unique_id "ajTRQ9sIELxI2eZ2BMB5gQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Duggy_Tuxy🧱	2026-06-18 02:26:09 (2 days ago)	[HP02-SRV02-FR] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-06-16 17:34:22 (4 days ago)	[HP02-SRV02-FR] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-06-14 18:44:21 (6 days ago)	[HP02-SRV02-FR] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇨🇿 lp	2026-06-13 15:20:34 (1 week ago)	Email account brute force: 2 attempts were recorded from 193.29.139.233 2026-06-13T16:36:06+02:00 wa ... show more Email account brute force: 2 attempts were recorded from 193.29.139.233 2026-06-13T16:36:06+02:00 warning: unknown[193.29.139.233]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-06-13T16:36:07+02:00 warning: unknown[193.29.139.233]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇨🇿 lp	2026-06-12 00:20:28 (1 week ago)	Email account brute force: 2 attempts were recorded from 193.29.139.233 2026-06-12T01:24:49+02:00 wa ... show more Email account brute force: 2 attempts were recorded from 193.29.139.233 2026-06-12T01:24:49+02:00 warning: unknown[193.29.139.233]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-06-12T01:24:51+02:00 warning: unknown[193.29.139.233]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇯🇵 jay hung	2026-06-08 08:42:03 (1 week ago)	2026-06-08T08:42:01.893040+00:00 quarktech kernel: [742963.625893] [UFW BLOCK] IN=eth0 OUT= MAC=22:0 ... show more 2026-06-08T08:42:01.893040+00:00 quarktech kernel: [742963.625893] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=193.29.139.233 DST=172.237.20.248 LEN=1308 TOS=0x00 PREC=0x40 TTL=45 ID=10571 DF PROTO=UDP SPT=7012 DPT=443 LEN=1288 ... show less	Port Scan
🇮🇹 VHosting	2026-05-27 14:40:45 (3 weeks ago)	Detected mail brute force attack from 4 different servers	Brute-Force

Showing 1 to 15 of 50 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.225

🇵🇰 124.29.247.208

🇨🇳 113.57.66.79

🇷🇴 80.94.92.168

🇺🇸 3.226.34.98

🇩🇪 207.154.243.117

🇳🇱 185.56.137.249

🇧🇷 177.131.175.207

🇩🇪 167.71.60.5

🇮🇳 157.245.97.109

🇺🇸 147.185.132.158

🇺🇸 134.209.8.71

🇨🇳 122.190.194.107

🇨🇳 115.62.88.22

🇹🇼 61.220.94.159

🇺🇸 3.216.86.144

🇩🇪 213.209.159.56

🇩🇪 209.38.236.225

🇧🇦 195.222.57.190

🇧🇷 177.70.2.194