AbuseIPDB » 119.63.138.44
119.63.138.44
This IP was reported 8 times. Confidence of
Abuse
is 11% : ?
ISP
Transworld Associates (Pvt.) Ltd.
Usage Type
Fixed Line ISP
ASN
AS138655
Domain Name
tw1.com
Country
π΅π°
Pakistan
City
Lahore, Punjab
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 119.63.138.44 :
This IP address has been reported a total of
8
times from
6 distinct
sources.
119.63.138.44 was first reported on
March 18th 2021 , and the most recent report was
2 days ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
π³π±
soverin
2026-06-05 15:36:04
(2 days ago)
spam
Email Spam
πΊπΈ
TPI-Abuse
2026-04-26 17:29:15
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 119.63.138.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 119.63.138.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 13:29:05.568259 2026] [security2:error] [pid 17828:tid 17828] [client 119.63.138.44:19043] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.raintechgutters.com|F|2"] [data ".raintechgutters.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.raintechgutters.com"] [uri "/who-does-gutter-installation-near-me-for-a-couple-of-seconds-gutterinstallation/www.raintechgutters.com"] [unique_id "ae5LYV5GkleqsQZGwRRwIgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-31 16:27:50
(2 months ago)
(mod_security) mod_security (id:211030) triggered by 119.63.138.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211030) triggered by 119.63.138.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 12:27:43.983092 2026] [security2:error] [pid 11335:tid 11335] [client 119.63.138.44:61677] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at ARGS. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "17"] [id "211030"] [rev "3"] [msg "COMODO WAF: LDAP Injection Attack||www.susanoneill.us|F|2"] [data "Matched Data: )>(/*! found within ARGS: 0"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.susanoneill.us"] [uri "/xmlrpc.php"] [unique_id "acv1_0QJMNrkcUrJFzrquQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-10 14:52:11
(5 months ago)
"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ...
show more
"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access"
show less
DDoS Attack
SQL Injection
Exploited Host
π³π±
exxos
2025-08-20 06:03:01
(9 months ago)
http-no-verb
Hacking
πΉπ·
Doruk
2025-06-22 09:10:01
(11 months ago)
Unauthorized connection attempt
Brute-Force
π©πͺ
niceshops.com
2023-07-16 14:25:31
(2 years ago)
Web Attack (Jul 23 16:25:30 ScriptKiddie: request for /wp-login.php )
SQL Injection
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
Steve
2021-03-18 10:17:50
(5 years ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: