JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.94.219.142

138.94.219.142 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 4%: ?

ISP	Philadelphia PA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS263744
Domain Name	udasha.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.94.219.142

Whois 138.94.219.142

IP Abuse Reports for 138.94.219.142:

This IP address has been reported a total of 4 times from 1 distinct source. 138.94.219.142 was first reported on May 11th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-17 17:59:49 (1 hour ago)	[Thu Jun 18 00:59:45.665658 2026] [security2:error] [pid 1912508:tid 139897737287360] [client 138.94 ... show more [Thu Jun 18 00:59:45.665658 2026] [security2:error] [pid 1912508:tid 139897737287360] [client 138.94.219.142:24532] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bing.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bing.go.id found within REQUEST_HEADERS:Referer: https://www.bing.go.id/ request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/probabilistik-curah-hujan-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-dasarian/probabilistik-curah-hujan-provinsi-jawa-timur"] [unique_id "ajLgkZ2P9eXL-YDtjMMOgQABSwY"], referer https://www.bing.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1912515] [7Dkh03ZMUo8] [ajLgkZ2P9eXL-YDtjMMOgQABSwY] keep_alive=[1] [2026-06-18 00:59:45.665665] [R:ajLgkZ2P9eXL-YDtjMMOgQABSwY] ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-02 10:55:32 (2 weeks ago)	[Tue Jun 02 17:55:32.304719 2026] [security2:error] [pid 335866:tid 140637346895552] [client 138.94. ... show more [Tue Jun 02 17:55:32.304719 2026] [security2:error] [pid 335866:tid 140637346895552] [client 138.94.219.142:10294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bing.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bing.go.id found within REQUEST_HEADERS:Referer: https://www.bing.go.id/ request_line = GET /index.php/profil/meteorologi/geofisika/555558584-poster-skala-gempa-mmi HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/geofisika/555558584-poster-skala-gempa-mmi"] [unique_id "ah62pJpx0UNExJRsthsMvwAAAQA"], referer https://www.bing.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[335867] [GFVfJoPoULA] [ah62pJpx0UNExJRsthsMvwAAAQA] keep_alive=[1] [2026-06-02 17:55:32.304723] [R:ah62pJpx0UNExJRsthsMvwAAAQA] UA:'Mozilla/5.0 (iPhone; CPU iPhone ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-26 00:31:41 (3 weeks ago)	05/26/2026-07:31:41.047889 [Drop] [] [1:2100001898:0] Suricata match TLS ja4 scan Uniq Zeek no 18 ... show more 05/26/2026-07:31:41.047889 [Drop] [] [1:2100001898:0] Suricata match TLS ja4 scan Uniq Zeek no 1898 with hash_t13d1812h1_85036bcba153_d41ae481755e [**] [Classification: (null)] [Priority: 3] {TCP} 138.94.219.142:2800 -> 103.166.156.58:443 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-11 06:04:44 (1 month ago)	05/10/2026-16:57:33.398985 [Drop] [] [1:2100000417:0] Suricata match TLS JA4 scan Uniq Zeek no 41 ... show more 05/10/2026-16:57:33.398985 [Drop] [] [1:2100000417:0] Suricata match TLS JA4 scan Uniq Zeek no 417 with hash_t12d1209h2_d34a8e72043a_e08eabe7240f [**] [Classification: (null)] [Priority: 3] {TCP} 138.94.219.142:8782 -> 103.166.156.58:443 ... show less	Email Spam Hacking

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇪 197.232.20.75

🇵🇱 193.8.187.34

🇩🇿 154.241.13.32

🇺🇸 147.185.132.147

🇺🇸 92.204.138.198

🇫🇷 91.231.89.11

🇫🇷 85.217.140.18

🇵🇱 85.11.187.147

🇵🇱 85.11.187.146

🇵🇱 85.11.187.145

🇵🇱 85.11.187.144

🇷🇴 80.94.92.182

🇵🇱 193.8.187.42

🇵🇱 193.8.187.38

🇩🇪 178.128.207.189

🇺🇸 172.104.11.46

🇺🇸 135.237.126.195

🇺🇸 91.230.168.137

🇧🇬 91.148.190.150

🇫🇷 85.217.140.30