JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.94.219.121

138.94.219.121 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 11%: ?

11%

ISP	Philadelphia PA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS263744
Domain Name	udasha.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.94.219.121

Whois 138.94.219.121

IP Abuse Reports for 138.94.219.121:

This IP address has been reported a total of 8 times from 5 distinct sources. 138.94.219.121 was first reported on May 22nd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-11 11:00:04 (1 day ago)	[Thu Jun 11 17:59:59.473406 2026] [security2:error] [pid 1618003:tid 139768675043008] [client 138.94 ... show more [Thu Jun 11 17:59:59.473406 2026] [security2:error] [pid 1618003:tid 139768675043008] [client 138.94.219.121:23294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bing.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bing.go.id found within REQUEST_HEADERS:Referer: https://www.bing.go.id/ request_line = GET / HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aiqVL_6qs0wRtv9cSy_NqAABAQA"], referer https://www.bing.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1618005] [2zneQjhh+Yk] [aiqVL_6qs0wRtv9cSy_NqAABAQA] keep_alive=[1] [2026-06-11 17:59:59.473413] [R:aiqVL_6qs0wRtv9cSy_NqAABAQA] UA:'Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Mobile Safari/537.36 EdgA/126.0.0.0' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'tex ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-29 10:45:18 (2 weeks ago)	[Fri May 29 17:45:15.401402 2026] [security2:error] [pid 1525811:tid 139851920754368] [client 138.94 ... show more [Fri May 29 17:45:15.401402 2026] [security2:error] [pid 1525811:tid 139851920754368] [client 138.94.219.121:48854] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yahoo.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yahoo.go.id found within REQUEST_HEADERS:Referer: https://www.yahoo.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561326-infografis-himbauan-waspada-suhu-udara-panas HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561326-infografis-himbauan-waspada-suhu-udara-panas"] [unique_id "ahluO2ckubJ9_M_7_CuwAQABBhI"], referer https://www.yahoo.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1525835] [CH88ivKiy+o] [ahluO2ckubJ9_M_7_CuwAQABBhI] keep_ ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-10 12:00:57 (1 month ago)	1778412785.692924 138.94.219.121 103.166.156.58 65520_2-4-8-1-3_1260_7 2026-05-10 18:33:05 WIB ...	Email Spam Hacking
🇮🇩 hermawan	2026-04-22 18:12:56 (1 month ago)	04/23/2026-01:12:52.104569 [Drop] [] [1:2100001179:0] Suricata match TLS JA4 scan Uniq Zeek no 11 ... show more 04/23/2026-01:12:52.104569 [Drop] [] [1:2100001179:0] Suricata match TLS JA4 scan Uniq Zeek no 1179 with hash_t13d5112h1_6828d97b4e5a_d41ae481755e [**] [Classification: (null)] [Priority: 3] {TCP} 138.94.219.121:11460 -> 103.166.156.58:443 ... show less	Email Spam Hacking
🇬🇧 Oakley	2026-04-17 14:47:41 (1 month ago)	(antiscrape_rule) Web application abuse detected 138.94.219.121 (US/United States/-): 5 in the last ... show more (antiscrape_rule) Web application abuse detected 138.94.219.121 (US/United States/-): 5 in the last 900 secs show less	Hacking
🇺🇸 ipblock.com	2025-07-03 22:48:00 (11 months ago)	IPBlock protected site ID [4055-d][s=04]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2025-06-04 02:28:44 (1 year ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇺🇸 etu brutus	2025-05-22 16:26:26 (1 year ago)	138.94.219.121 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇳🇱 195.178.110.30

🇫🇮 147.185.133.143

🇱🇾 102.38.3.104

🇺🇸 47.251.28.190

🇬🇧 35.203.210.186

🇺🇸 18.97.9.99

🇺🇸 193.56.116.214

🇩🇪 91.99.6.245

🇷🇺 84.53.238.67

🇱🇹 62.60.130.251

🇳🇱 45.148.10.157

🇨🇳 42.100.60.118

🇲🇽 189.147.98.87

🇳🇱 176.65.148.147

🇺🇸 172.236.126.127

🇮🇩 154.19.37.43

🇮🇳 122.187.228.231

🇱🇹 77.90.185.79

🇺🇸 71.6.134.237