JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 144.172.96.139

144.172.96.139 was found in our database!

This IP was reported 103 times. Confidence of Abuse is 100%: ?

100%

ISP	RouterHosting LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14956
Hostname(s)	139.96.172.144.static.cloudzy.com
Domain Name	cloudzy.com
Country	🇺🇸 United States of America
City	Ogden, Utah

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 144.172.96.139

Whois 144.172.96.139

IP Abuse Reports for 144.172.96.139:

This IP address has been reported a total of 103 times from 86 distinct sources. 144.172.96.139 was first reported on June 4th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-13 02:34:32 (2 hours ago)	144.172.96.139 - - [13/Jun/2026:04:34:32 +0200] "GET /.env HTTP/1.1" 403 519 "-" "Mozilla/5.0 (X11; ... show more 144.172.96.139 - - [13/Jun/2026:04:34:32 +0200] "GET /.env HTTP/1.1" 403 519 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" ... show less	Brute-Force Web App Attack
🇺🇸 mccsoft.io	2026-06-12 23:36:32 (5 hours ago)	Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ... show more Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received). show less	Bad Web Bot Web App Attack
🇩🇪 HoneyPot-FrPri	2026-06-12 20:01:50 (9 hours ago)	144.172.96.139 - - [12/Jun/2026:22:01:48 +0200] "GET /.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (X11; ... show more 144.172.96.139 - - [12/Jun/2026:22:01:48 +0200] "GET /.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 144.172.96.139 - - [12/Jun/2026:22:01:50 +0200 ... show less	Bad Web Bot Web App Attack
🇬🇧 Smish	2026-06-12 19:38:42 (9 hours ago)	HONEYPOT HIT --> Fail2ban time=1781293120 log=2026-06-12T20:38:40+01:00 ip=144.172.96.139 host=89.39 ... show more HONEYPOT HIT --> Fail2ban time=1781293120 log=2026-06-12T20:38:40+01:00 ip=144.172.96.139 host=89.39.211.7 method=GET uri="/.env" status=404 ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" ref="-" rid=697a66ad5f36b80c72f36b39540eb366 show less	Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-12 18:55:01 (10 hours ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-1)	Hacking Bad Web Bot
🇺🇸 etu brutus	2026-06-12 14:42:00 (14 hours ago)	144.172.96.139 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
Anonymous	2026-06-12 13:33:18 (15 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 144.172.96.139 (US/United States/139.96 ... show more (mod_security) mod_security triggered on hostname [redacted] 144.172.96.139 (US/United States/139.96.172.144.static.cloudzy.com): (CF_ENABLE) show less	SQL Injection
🇫🇷 Baking333	2026-06-12 13:27:00 (15 hours ago)	redacted:80 144.172.96.139 - - [12/Jun/2026:14:26:54 +0100] "GET /.env HTTP/1.1" 200 202 0/16595 "-" ... show more redacted:80 144.172.96.139 - - [12/Jun/2026:14:26:54 +0100] "GET /.env HTTP/1.1" 200 202 0/16595 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" redacted:443 144.172.96.139 - - [12/Jun/2026:14:26:56 +0100] "GET /.env HTTP/1.1" 200 224 0/14035 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" redacted:80 144.172.96.139 - - [12/Jun/2026:14:26:56 +0100] "GET /.[redacted] HTTP/1.1" 200 202 0/15456 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" show less	Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-12 11:50:37 (17 hours ago)	Multiple WAF Violations	Web App Attack
🇫🇮 iamxorum	2026-06-12 10:35:30 (18 hours ago)	2026-06-12T10:35:28.737191+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74 ... show more 2026-06-12T10:35:28.737191+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74:7f:6e:37:e3:08:00 SRC=144.172.96.139 DST=46.62.222.43 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=60139 DF PROTO=TCP SPT=60958 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇨🇦 Not Fake	2026-06-12 08:47:18 (20 hours ago)	$f2bV_matches	Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-11 22:04:15 (1 day ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-4)	Hacking Bad Web Bot
🇩🇪 maxpower	2026-06-11 21:01:09 (1 day ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 144.172.96.139 (US/United States/139.96. ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 144.172.96.139 (US/United States/139.96.172.144.static.cloudzy.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 144.172.96.139 - - [11/Jun/2026:23:01:04 +0200] "GET /wp-config.php.save HTTP/1.1" 403 10404 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" "-" host=145.239.233.178 144.172.96.139 - - [11/Jun/2026:23:01:04 +0200] "GET /wp-config.php.bak HTTP/1.1" 404 1142 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" "-" host=145.239.233.178 show less	Port Scan
Anonymous	2026-06-11 20:19:10 (1 day ago)	144.172.96.139 - - [11/Jun/2026:22:19:09 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; ... show more 144.172.96.139 - - [11/Jun/2026:22:19:09 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" show less	Web App Attack
🇩🇪 Nightreaver	2026-06-11 17:15:44 (1 day ago)	144.172.96.139 - - [11/Jun/2026:19:15:42 0200] "GET /.env.production HTTP/1.1" 404 514 "-" "Mozilla ... show more 144.172.96.139 - - [11/Jun/2026:19:15:42 0200] "GET /.env.production HTTP/1.1" 404 514 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 144.172.96.139 - - [11/Jun/2026:19:15:43 0200] "GET /config.php HTTP/1.1" 404 514 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 144.172.96.139 - - [11/Jun/2026:19:15:43 0200] "GET /appsettings.json HTTP/1.1" 404 514 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 144.172.96.139 - - [11/Jun/2026:19:15:43 0200] "GET /.env.development HTTP/1.1" 404 514 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 144.172.96.139 - - [11/Jun/2026:19:15:44 0200] "GET /.env.backup HTTP/1.1" 404 514 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like G[...] show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 103 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 146.190.119.189

🇬🇧 87.236.176.57

🇨🇳 59.173.123.107

🇺🇸 34.60.55.15

🇦🇺 34.40.211.65

🇺🇸 20.127.202.110

🇵🇾 190.128.201.18

🇨🇱 186.104.171.94

🇹🇼 104.199.176.250

🇧🇩 103.131.144.53

🇮🇳 103.88.221.238

🇬🇧 35.203.211.95

🇧🇷 34.95.152.53

🇰🇷 1.235.192.214

🇩🇪 213.209.159.56

🇺🇸 204.145.96.131

🇹🇭 202.29.224.166

🇺🇸 162.243.173.34

🇺🇸 162.216.149.51

🇺🇸 147.185.132.64