JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.140.25.70

123.140.25.70 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	LG Uplus
Usage Type	Commercial
ASN	AS3786
Domain Name	lguplus.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.140.25.70

Whois 123.140.25.70

IP Abuse Reports for 123.140.25.70:

This IP address has been reported a total of 6 times from 5 distinct sources. 123.140.25.70 was first reported on July 4th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2024-07-08 21:00:33 (1 year ago)	Unauthorized login attempts [ ]	Brute-Force
🇳🇱 maxxsense	2024-07-07 19:00:48 (1 year ago)	(postfix-unknown) Failed postfix unknown login with username [redacted] from 123.140.25.70 (KR/South ... show more (postfix-unknown) Failed postfix unknown login with username [redacted] from 123.140.25.70 (KR/South Korea/-) show less	Hacking
Anonymous	2024-07-05 05:23:14 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 CommanderRoot	2024-07-05 05:11:24 (1 year ago)	HTTP request flood	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2024-07-04 10:57:24 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 123.140.25.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 123.140.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 04 06:57:17.315652 2024] [security2:error] [pid 28339] [client 123.140.25.70:54708] [client 123.140.25.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 123.140.25.70 (+1 hits since last alert)\|www.bestlawnsohio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.bestlawnsohio.com"] [uri "/xmlrpc.php"] [unique_id "ZoaADZiwikT4WWjm_OGbHgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-04 10:29:42 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 123.140.25.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 123.140.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 04 06:29:39.339629 2024] [security2:error] [pid 26132] [client 123.140.25.70:55338] [client 123.140.25.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 123.140.25.70 (+1 hits since last alert)\|www.imperialmintnft.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.imperialmintnft.com"] [uri "/xmlrpc.php"] [unique_id "ZoZ5k4WozYv9xZiRmIVzvQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9e7d:d001

🇯🇵 2400:8d60:8::6496:4882

🇧🇪 198.235.24.208

🇳🇱 195.178.110.30

🇷🇺 193.37.69.113

🇩🇪 167.233.68.137

🇰🇷 113.131.118.6

🇹🇼 111.70.23.250

🇹🇼 60.250.246.239

🇺🇸 54.145.93.83

🇳🇱 45.148.10.141

🇮🇳 202.141.81.6

🇺🇸 172.210.53.196

🇨🇳 111.53.8.101

🇨🇳 111.39.167.59

🇨🇳 106.63.6.210

🇳🇱 91.92.40.37

🇺🇸 64.225.17.153

🇺🇸 52.45.92.83

🇸🇬 47.84.102.125