JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 156.249.138.13

156.249.138.13 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35916
Domain Name	cloudinnovation.org
Country	🇹🇭 Thailand
City	Bangkok, Bangkok

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 156.249.138.13

Whois 156.249.138.13

IP Abuse Reports for 156.249.138.13:

This IP address has been reported a total of 7 times from 5 distinct sources. 156.249.138.13 was first reported on November 17th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-10-02 21:13:10 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 156.249.138.13 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 156.249.138.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 02 17:13:04.580371 2025] [security2:error] [pid 27541:tid 27541] [client 156.249.138.13:15473] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|newerc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "newerc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aN7q4O3rfEzLqJTElCcaRgAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 17:50:47 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 156.249.138.13 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 156.249.138.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 13:50:40.786202 2025] [security2:error] [pid 21295:tid 21295] [client 156.249.138.13:47915] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|unitedletter.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "unitedletter.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aN1p8CrSOdO0Q7kzORZ9eQAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 04:36:33 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 156.249.138.13 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 156.249.138.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 00:36:29.957882 2025] [security2:error] [pid 28275:tid 28275] [client 156.249.138.13:28981] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|newlife.org.au\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "newlife.org.au"] [uri "/wp-json/wp/v2/users"] [unique_id "aNyvzf-EifDgAIjpXB59UwAAABM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇱 Dolphi	2025-09-07 07:50:03 (9 months ago)	POST //xmlrpc.php	Brute-Force Web App Attack
Anonymous	2025-03-30 07:52:16 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇯🇵 ki3	2025-02-04 01:24:25 (1 year ago)	Fail2Ban: Web App Attacks and Forum Spam 156.249.138.13 1738632264.0(JST)	Web Spam Bad Web Bot Web App Attack
Anonymous	2024-11-17 00:01:47 (1 year ago)	Testing cards.	Fraud Orders

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 104.28.159.47

🇺🇸 34.27.42.6

🇷🇴 2a06:1fc0:0:1::224

🇰🇷 211.238.237.254

🇹🇳 197.244.218.77

🇮🇳 182.95.124.206

🇨🇴 179.1.196.115

🇺🇸 172.93.233.221

🇺🇸 168.181.228.209

🇸🇬 159.65.2.17

🇩🇪 155.117.127.214

🇵🇰 103.72.1.69

🇺🇸 66.132.172.108

🇬🇧 34.142.110.144

🇺🇸 20.184.175.10

🇰🇷 221.163.5.228

🇨🇳 218.81.180.21

🇬🇧 217.154.42.110

🇮🇳 182.95.226.138

🇦🇺 134.199.156.104