JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.213.187.190

140.213.187.190 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 0%: ?

ISP	PT XLSMART Telecom Sejahtera Tbk
Usage Type	Fixed Line ISP
ASN	AS139994
Domain Name	xl.co.id
Country	🇮🇩 Indonesia
City	Surabaya, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.213.187.190

Whois 140.213.187.190

IP Abuse Reports for 140.213.187.190:

This IP address has been reported a total of 25 times from 23 distinct sources. 140.213.187.190 was first reported on June 24th 2021, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 LotPhantom	2026-03-16 12:59:27 (3 months ago)	140.213.187.190 - - [16/Mar/2026:12:58:27 +0000] "GET /.env HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Wind ... show more 140.213.187.190 - - [16/Mar/2026:12:58:27 +0000] "GET /.env HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "0" ... show less	Web App Attack
🇩🇪 acadeova	2026-03-15 22:03:51 (3 months ago)	Blocked by UFW on vps2 [80/tcp] Source port: 6103 TTL: 116 Packet length: 52 TOS: 0x00 This report ... show more Blocked by UFW on vps2 [80/tcp] Source port: 6103 TTL: 116 Packet length: 52 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 jfz-abuse	2026-03-14 00:34:15 (3 months ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇸🇬 anotherwatcher	2026-03-13 23:33:52 (3 months ago)	bad bot	Bad Web Bot
🇧🇪 sid3windr	2026-03-13 06:42:36 (3 months ago)	GET /.env (Tarpitted for 1d15h8m26s, wasted 8.06MB)	Web App Attack
🇫🇮 geot	2026-03-12 17:08:52 (3 months ago)	POST / HTTP/1.1 GET /.env HTTP/1.1	Port Scan Hacking Web App Attack
🇩🇪 Hugopvigo	2026-03-11 15:59:31 (3 months ago)	140.213.187.190 - - [11/Mar/2026:16:59:30 +0100] "GET /.env HTTP/1.1" 403 495 "-" "Mozilla/5.0 (X11; ... show more 140.213.187.190 - - [11/Mar/2026:16:59:30 +0100] "GET /.env HTTP/1.1" 403 495 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Hacking Brute-Force Web App Attack SSH
🇩🇪 Mr-Money	2026-03-11 12:24:11 (3 months ago)	140.213.187.190 - - [11/Mar/2026:13:24:10 +0100] "GET /.env HTTP/1.1" 404 437 "-" "Mozilla/5.0 (X11; ... show more 140.213.187.190 - - [11/Mar/2026:13:24:10 +0100] "GET /.env HTTP/1.1" 404 437 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
🇩🇪 Bedios GmbH	2026-03-11 12:08:27 (3 months ago)	Login credentials theft attempt	Hacking
Anonymous	2026-03-11 10:12:34 (3 months ago)	140.213.187.190 - - [11/Mar/2026:11:12:34 +0100] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; ... show more 140.213.187.190 - - [11/Mar/2026:11:12:34 +0100] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Web App Attack
Anonymous	2026-03-11 09:31:08 (3 months ago)		DNS Compromise DDoS Attack
🇩🇪 wp1web.com	2026-03-11 09:00:12 (3 months ago)	env-file - Search for .env data weakness (/.env) by 140.213.187.190 (Surabaya; [object Object]) - co ... show more env-file - Search for .env data weakness (/.env) by 140.213.187.190 (Surabaya; [object Object]) - collected by docker http-honeypot show less	Web App Attack
Anonymous	2026-03-11 05:01:23 (3 months ago)	BruteForce IMAP/POP3/SMTP	Brute-Force
Anonymous	2026-03-10 21:57:42 (3 months ago)	2026-03-10T21:57:41.737326+00:00 caddy caddy[81692]: {"level":"info","ts":1773179861.737228,"logger" ... show more 2026-03-10T21:57:41.737326+00:00 caddy caddy[81692]: {"level":"info","ts":1773179861.737228,"logger":"http.log.access","msg":"handled request","request":{"remote_ip":"140.213.187.190","remote_port":"4283","client_ip":"140.213.187.190","proto":"HTTP/1.1","method":"GET","host":"142.132.232.19","uri":"/.env","headers":{"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"],"Accept-Encoding":["gzip, deflate"],"Accept":["/"],"Connection":["keep-alive"]}},"bytes_read":0,"user_id":"","duration":0.00007796,"size":0,"status":308,"resp_headers":{"Connection":["close"],"Location":["https://142.132.232.19/.env"],"Content-Type":[],"Server":["Caddy"]}} ... show less	Hacking Web App Attack
🇩🇪 arc21	2026-03-10 21:48:39 (3 months ago)	2026-03-10T21:48:38.862922+00:00 database-prodv1-game kernel: [343254.585259] [UFW BLOCK] IN=eth0 OU ... show more 2026-03-10T21:48:38.862922+00:00 database-prodv1-game kernel: [343254.585259] [UFW BLOCK] IN=eth0 OUT= MAC=92:00:06:71:5d:8a:d2:74:7f:6e:37:e3:08:00 SRC=140.213.187.190 DST=142.132.169.25 LEN=52 TOS=0x00 PREC=0x00 TTL=100 ID=15996 DF PROTO=TCP SPT=6959 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 85.217.140.52

🇺🇸 216.218.206.96

🇩🇪 169.150.201.9

🇺🇸 135.119.73.164

🇮🇩 125.166.12.47

🇬🇧 87.106.35.227

🇧🇬 79.124.62.134

🇷🇺 78.107.31.154

🇺🇸 71.6.199.65

🇨🇳 42.247.107.130

🇻🇳 42.96.19.37

🇧🇷 35.247.238.136

🇹🇭 1.10.204.195

🇺🇸 2620:171:d6:f002:9999::49

🇬🇧 195.96.139.92

🇩🇪 185.209.196.239

🇵🇱 130.49.155.19

🇨🇳 120.48.54.98

🇺🇸 54.145.210.53

🇯🇵 43.165.185.71