JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.2.43.140

119.2.43.140 was found in our database!

This IP was reported 171 times. Confidence of Abuse is 14%: ?

14%

ISP	PT Laxo Global Akses
Usage Type	Fixed Line ISP
ASN	AS38524
Domain Name	laxo.net.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.2.43.140

Whois 119.2.43.140

IP Abuse Reports for 119.2.43.140:

This IP address has been reported a total of 171 times from 72 distinct sources. 119.2.43.140 was first reported on February 29th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-05-22 04:28:57 (2 weeks ago)	Web App Attack	Web App Attack
🇺🇸 RAP	2026-05-07 03:07:49 (1 month ago)	2026-05-07 03:07:49 UTC Unauthorized activity to TCP port 2323. Telnet	Port Scan
🇨🇭 backslash	2026-04-27 21:06:01 (1 month ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇺🇸 Rayulcifer	2025-11-23 21:31:36 (6 months ago)	119.2.43.140 - - [23/Nov/2025:16:31:34 -0500] "GET http://httpbin.org/ip HTTP/1.1" 200 927 "-" "pyth ... show more 119.2.43.140 - - [23/Nov/2025:16:31:34 -0500] "GET http://httpbin.org/ip HTTP/1.1" 200 927 "-" "python-requests/2.32.5" 119.2.43.140 - - [23/Nov/2025:16:31:35 -0500] "GET http://api.ipify.org/ HTTP/1.1" 200 83286 "-" "python-requests/2.32.5" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇳🇱 jjnxpct	2025-09-23 03:45:04 (8 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 210492) show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 22:13:01 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 18:12:54.805567 2025] [security2:error] [pid 21970:tid 21970] [client 119.2.43.140:31229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "televisonic.com"] [uri "/.env"] [unique_id "aNHJ5ghl2xy7ZS7fnQf2yQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 vfAcceloReporter	2025-09-22 21:24:49 (8 months ago)	119.2.43.140 - - [22/Sep/2025:18:24:48 -0300] "GET /.env HTTP/1.1" 301 169 "-" "Mozlila/5.0 (Linux; ... show more 119.2.43.140 - - [22/Sep/2025:18:24:48 -0300] "GET /.env HTTP/1.1" 301 169 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" ... show less	Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 19:57:26 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 15:57:19.091587 2025] [security2:error] [pid 21903:tid 21903] [client 119.2.43.140:47583] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "laradioactivitat.com"] [uri "/.env"] [unique_id "aNGqH-s-5SipM2bheKwUuAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 18:31:50 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 14:31:42.842005 2025] [security2:error] [pid 19059:tid 19059] [client 119.2.43.140:33918] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiinlog.com"] [uri "/.env"] [unique_id "aNGWDizE_xxLM7zEMeouXQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2025-09-22 17:59:55 (8 months ago)	Probing for exploits 119.2.43.140 - - [22/Sep/2025:19:59:50 +0200] "GET /.env HTTP/1.1" 422 0 "-" "M ... show more Probing for exploits 119.2.43.140 - - [22/Sep/2025:19:59:50 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 119.2.43.140 - - [22/Sep/2025:19:59:51 +0200] "GET /sendgrid/.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 17:53:23 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 13:53:16.919668 2025] [security2:error] [pid 392:tid 392] [client 119.2.43.140:32934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "giff.cloud"] [uri "/.env"] [unique_id "aNGNDEWQSD9AmhZ4FiumKQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 16:59:42 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 12:59:34.215698 2025] [security2:error] [pid 9800:tid 9800] [client 119.2.43.140:12674] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cruisingforsex.com"] [uri "/.env"] [unique_id "aNGAdtR-IGOiU0_HXrTh5gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-22 16:15:45 (8 months ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇺🇸 jcbriar	2025-08-13 02:41:42 (9 months ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-08-13 00:42:38 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 119.2.43.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 12 20:42:33.998927 2025] [security2:error] [pid 8947:tid 8947] [client 119.2.43.140:15417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jimwilsongallery.com"] [uri "/.env"] [unique_id "aJvfefbUqNv5-y6v_ElPowAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 171 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.214.56.78

🇲🇽 187.250.165.5

🇺🇸 154.92.22.55

🇵🇰 154.80.41.247

🇺🇸 136.114.141.211

🇺🇸 103.144.3.181

🇫🇷 91.231.89.245

🇺🇦 81.163.132.6

🇩🇪 69.5.169.41

🇨🇭 45.143.200.246

🇺🇸 216.180.246.30

🇺🇸 216.25.89.101

🇰🇷 211.178.165.251

🇺🇸 143.42.164.204

🇫🇷 143.14.66.8

🇺🇸 134.22.18.133

🇳🇬 102.88.137.213

🇨🇳 60.13.6.103

🇱🇹 45.227.254.170

🇩🇪 213.209.159.56