AbuseIPDB » 138.94.219.194
138.94.219.194 was found in our database!
This IP was reported 9 times. Confidence of
Abuse
is 18% : ?
ISP
Philadelphia PA
Usage Type
Data Center/Web Hosting/Transit
ASN
AS263744
Domain Name
udasha.com
Country
๐บ๐ธ
United States of America
City
New York City, New York
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 138.94.219.194 :
This IP address has been reported a total of
9
times from
3 distinct
sources.
138.94.219.194 was first reported on
May 18th 2026 , and the most recent report was
1 week ago .
Old Reports:
The most recent abuse report for this IP address is from
1 week ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฎ๐ฉ
securejdprop
2026-06-23 14:18:01
(1 week ago)
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 27). Ip 138.94.219.194 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-23 14:18:00.716557452 +0000 UTC
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2026-06-21 21:46:06
(1 week ago)
[Mon Jun 22 04:46:02.521714 2026] [security2:error] [pid 2015647:tid 140109762414272] [client 138.94 ...
show more
[Mon Jun 22 04:46:02.521714 2026] [security2:error] [pid 2015647:tid 140109762414272] [client 138.94.219.194:27366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yahoo.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yahoo.go.id found within REQUEST_HEADERS:Referer: https://www.yahoo.go.id/ request_line = GET /pdfjs/web/viewer.html?file=/images/Klimatologi/Prakiraan/Peringatan_Dini/2026/03_Maret_2026/11-20/Press_Release_Kewaspadaan_Cuaca_Ekstrem_di_Jawa_Timur_11-20_MARET_2026_e_B_ME_02_04_014_KSUB_III_2026.pdf HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/pdfjs/web/viewer.html"] [unique_id "ajhbmoD1gFft0lVVvWAV0wAABxg"], referer https://www.yahoo.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[2015672] [PUC9c4pI+0g] [ajhbmoD1gFft0lVVvWAV0wAABxg] keep_alive=[1] [2026-06
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
securejdprop
2026-06-17 03:12:37
(2 weeks ago)
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 27). Ip 138.94.219.194 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-17 03:12:36.511476207 +0000 UTC
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2026-06-08 03:36:16
(3 weeks ago)
[Mon Jun 08 10:36:13.192601 2026] [security2:error] [pid 632777:tid 140662147024576] [client 138.94. ...
show more
[Mon Jun 08 10:36:13.192601 2026] [security2:error] [pid 632777:tid 140662147024576] [client 138.94.219.194:26982] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/probabilistik-curah-hujan-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-dasarian/probabilistik-curah-hujan-provinsi-jawa-timur"] [unique_id "aiY4rd89lDhcLfF6nTulyQABxxg"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[632802] [O29LtvUJM5M] [aiY4rd89lDhcLfF6nTulyQABxxg] keep_alive=[1] [2026-06-08 10:36:13.192607] [R:aiY4rd89lDhcLfF6nTulyQ
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-05-31 14:07:33
(1 month ago)
[Sun May 31 21:07:30.569758 2026] [security2:error] [pid 1176162:tid 140573569693376] [client 138.94 ...
show more
[Sun May 31 21:07:30.569758 2026] [security2:error] [pid 1176162:tid 140573569693376] [client 138.94.219.194:53934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur"] [unique_id "ahxAovWxLU_lI_GzR-dJwQAADgM"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1176170] [NU42mR205/4] [ahxAovWxLU_lI_GzR-dJwQAADgM] keep_alive=[1] [2026-05-31 21:07:30.569765] [R:ahxAovWxLU_lI_GzR-dJwQAADgM] UA:'Mozilla/5.0 (Linux; Android 7; SM-S90
...
show less
Email Spam
Hacking
Anonymous
2026-05-29 04:40:03
(1 month ago)
Web App Attack, Hacking
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2026-05-28 00:59:49
(1 month ago)
[Thu May 28 07:59:46.061471 2026] [security2:error] [pid 249105:tid 139852143032000] [client 138.94. ...
show more
[Thu May 28 07:59:46.061471 2026] [security2:error] [pid 249105:tid 139852143032000] [client 138.94.219.194:51998] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "815"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET / HTTP/2.0 Request URI RAW = / Request Basename = "] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aheTglYCz2oQX5-Eu9qKpAABghg"], referer https://staklim-jatim.b
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
securejdprop
2026-05-20 06:35:16
(1 month ago)
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 26). Ip 138.94.219.194 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-05-20 06:35:15.710648044 +0000 UTC
show less
Hacking
Web App Attack
๐ฎ๐ฉ
securejdprop
2026-05-18 22:11:27
(1 month ago)
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 26). Ip 138.94.219.194 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-05-18 22:11:26.307307654 +0000 UTC
show less
Hacking
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: