AbuseIPDB » 140.213.1.244
140.213.1.244
This IP was reported 6 times. Confidence of
Abuse
is 0% : ?
ISP
PT XLSMART Telecom Sejahtera Tbk
Usage Type
Fixed Line ISP
ASN
AS139994
Domain Name
xl.co.id
Country
๐ฎ๐ฉ
Indonesia
City
Makassar, South Sulawesi
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 140.213.1.244 :
This IP address has been reported a total of
6
times from
5 distinct
sources.
140.213.1.244 was first reported on
December 15th 2024 , and the most recent report was
1 month ago
Old Reports:
The most recent abuse report for this IP address is from
1 month ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐จ๐ฆ
Paulo Henrique dos Santos Nichio
2026-05-13 01:32:40
(1 month ago)
(ls_brute) LiteSpeed Brute Force Attack 140.213.1.244 (ID/Indonesia/-): 3 in the last 600 secs; Port ...
show more
(ls_brute) LiteSpeed Brute Force Attack 140.213.1.244 (ID/Indonesia/-): 3 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026-05-12 22:32:13.013348 [WARN] [681271] [T0] [140.213.1.244:14757-2#APVH_www.nowradios.com.br:443] Brute force detected for IP [140.213.1.244], throttle.
2026-05-12 22:32:24.031858 [WARN] [681271] [T0] [140.213.1.244:14757-3#APVH_www.nowradios.com.br:443] Brute force detected for IP [140.213.1.244], throttle.
2026-05-12 22:32:35.026126 [WARN] [681271] [T0] [140.213.1.244:14757-4#APVH_www.nowradios.com.br:443] Brute force detected for IP [140.213.1.244], throttle.
show less
Port Scan
๐บ๐ธ
MPL
2025-09-16 18:35:04
(9 months ago)
tcp/445 (90 or more attempts)
Port Scan
๐ฎ๐ฉ
hermawan
2025-05-03 01:40:52
(1 year ago)
[Sat May 03 08:40:43.543405 2025] [security2:error] [pid 301169:tid 140283683845824] [client 140.213 ...
show more
[Sat May 03 08:40:43.543405 2025] [security2:error] [pid 301169:tid 140283683845824] [client 140.213.1.244:2878] ModSecurity: Access denied with code 403 (phase 2). Match of "rx [0-9]\\\\s*\\\\'\\\\s*[0-9]" against "MATCHED_VAR" required. [file "/etc/modsecurity/coreruleset-4.13.0/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "1747"] [id "932240"] [msg "Remote Command Execution: Unix Command Injection evasion attempt detected"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: s1746236442$o1 found within MATCHED_VAR: GS2.1.s1746236442$o1$g0$t1746236442$j60$l0$h0 request_line = GET /gtag-kpo-v2.js HTTP/2.0 Request URI RAW = /gtag-kpo-v2.js Request Basename = gtag-kpo-v2.js"] [severity "CRITICAL"] [ver "OWASP_CRS/4.13.0"] [tag "application-multi"] [tag "language-shell"] [tag "platform-unix"] [tag "attack-rce"] [tag "paranoia-level/2"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-RCE"] [tag "capec/1000/152/248/88"] [tag "P
...
show less
Hacking
Web App Attack
๐ฉ๐ช
โโโโโ
2024-12-15 08:29:45
(1 year ago)
SMB ๐ด Honeypot: connected to port 445 by 140.213.1.244: port 10007
Port Scan
๐ณ๐ฑ
Study Bitcoin ๐ค
2024-12-15 08:02:21
(1 year ago)
Port probe to tcp/445 (smb)
[srv128]
Port Scan
Hacking
๐ณ๐ฑ
Study Bitcoin ๐ค
2024-12-15 05:54:37
(1 year ago)
Port probe to tcp/445 (smb)
[srv130]
Port Scan
Hacking
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: