JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.94.219.182

138.94.219.182 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 15%: ?

15%

ISP	Philadelphia PA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS263744
Domain Name	udasha.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.94.219.182

Whois 138.94.219.182

IP Abuse Reports for 138.94.219.182:

This IP address has been reported a total of 6 times from 2 distinct sources. 138.94.219.182 was first reported on April 24th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 securejdprop	2026-06-17 17:09:44 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 27). Ip 138.94.219.182 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-17 17:09:43.211085038 +0000 UTC show less	Hacking Web App Attack
🇮🇩 hermawan	2026-06-15 19:12:40 (3 days ago)	[Tue Jun 16 02:12:40.231880 2026] [security2:error] [pid 125986:tid 139893411935936] [client 138.94. ... show more [Tue Jun 16 02:12:40.231880 2026] [security2:error] [pid 125986:tid 139893411935936] [client 138.94.219.182:32022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.google.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.google.go.id found within REQUEST_HEADERS:Referer: https://www.google.go.id/ request_line = GET /index.php/analisis-iklim/analisis-bulanan/analisis-distribusi-hujan/analisis-distribusi-curah-hujan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-bulanan/analisis-distribusi-hujan/analisis-distribusi-curah-hujan"] [unique_id "ajBOqJEbuL1Xlyb2qYWppgABSQA"], referer https://www.google.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[126014] [9zAxnI81V3w] [ajBOqJEbuL1Xlyb2qYWppgABSQA] keep_alive=[1] [2026-06-16 02:12:40.231885] [R: ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-12 23:12:03 (5 days ago)	[Sat Jun 13 06:11:56.850617 2026] [security2:error] [pid 419547:tid 140091826091712] [client 138.94. ... show more [Sat Jun 13 06:11:56.850617 2026] [security2:error] [pid 419547:tid 140091826091712] [client 138.94.219.182:55228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php"] [unique_id "aiySPLZbz5Ye8Y02TQLcAAAASQI"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[419555] [uJ1emtacjM4] [aiySPLZbz5Ye8Y02TQLcAAAASQI] keep_alive=[1] [2026-06-13 06:11:56.850623] [R:aiySPLZbz5Ye8Y02TQLcAAAASQI] UA:'Mozilla/5.0 (Android 13; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/x ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-11 01:02:00 (1 week ago)	[Thu Jun 11 08:01:57.979892 2026] [security2:error] [pid 1118056:tid 139739976926912] [client 138.94 ... show more [Thu Jun 11 08:01:57.979892 2026] [security2:error] [pid 1118056:tid 139739976926912] [client 138.94.219.182:39034] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:^\|b[\\"'\\\\)\\\\[\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\x0b])?\\\\$[!#\\\$\\\\\\\\-0-9\\\\?@_a-\\\\{])?\\\\x5c?u[\\"'\\\$\\\\[\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\x0b])?\\\\$[!#\\\$\\\\\\\\-0-9\\\\?@_a-\\\\{])?\\\\x5c?s[\\"'\\\$\\\\[\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\x0b])?\\\\$[!#\\\\(\\\\*\\\\-0- ..." at ARGS_NAMES:id. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "3256"] [id "932350"] [msg "Remote Command Execution: Direct Unix Command Execution (No Arguments)"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: id found within ARGS_NAMES:id: id request_line = GET /index.php?id=1736 HTTP/2.0 Request URI RAW = /index.php?id=1736 Request Basename = index.php"] ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-04 01:27:24 (2 weeks ago)	[Thu Jun 04 08:27:19.827924 2026] [security2:error] [pid 108293:tid 140067382183616] [client 138.94. ... show more [Thu Jun 04 08:27:19.827924 2026] [security2:error] [pid 108293:tid 140067382183616] [client 138.94.219.182:19672] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/analisis-iklim/analisis-bulanan/analisis-distribusi-hujan/analisis-distribusi-curah-hujan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-bulanan/analisis-distribusi-hujan/analisis-distribusi-curah-hujan"] [unique_id "aiDUdzwLA_FHGEluAPaApQAAUQw"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[108327] [jQ78caMzShg] [aiDUdzwLA_FHGEluAPaApQAAUQw] keep_alive=[1] [2026-06-04 08:27:19.827930] [R:aiDUdzwL ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-04-24 00:24:36 (1 month ago)	[Fri Apr 24 07:24:35.524556 2026] [security2:error] [pid 268133:tid 139826931074752] [client 138.94. ... show more [Fri Apr 24 07:24:35.524556 2026] [security2:error] [pid 268133:tid 139826931074752] [client 138.94.219.182:55020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.25.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "623"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /script-v185.js HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/script-v185.js"] [unique_id "aeq4QwQIszrD4oraD2SligAAhhg"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[268183] [ojYfymlmgCY] [aeq4QwQIszrD4oraD2SligAAhhg] keep_alive=[1] [2026-04-24 07:24:35.524560] [R:aeq4QwQIszrD4oraD2SligAAhhg] UA:'Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.85 Mobile Safari/537.36 (compa ... show less	Email Spam Hacking

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.146

🇺🇸 136.111.244.149

🇦🇺 91.239.146.131

🇺🇸 208.84.101.55

🇺🇸 147.185.132.55

🇨🇦 85.217.149.16

🇺🇸 40.124.117.126

🇭🇰 144.48.8.10

🇨🇦 104.234.135.32

🇸🇪 92.32.101.218

🇳🇱 91.92.40.7

🇧🇬 78.128.114.102

🇮🇳 45.123.217.22

🇭🇰 43.132.215.237

🇺🇸 24.199.124.134

🇳🇴 20.251.117.149

🇺🇸 17.241.219.137

🇨🇳 1.192.226.254

🇬🇧 206.189.120.50

🇩🇿 197.200.7.82