JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 186.195.0.108

186.195.0.108 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 4%: ?

ISP	TUX NET SERVIÇOS DE INFORMÁTICA LTDA
Usage Type	Fixed Line ISP
ASN	AS262734
Hostname(s)	dedicado108.redetuxnet.com.br
Domain Name	redetuxnet.com.br
Country	🇧🇷 Brazil
City	Feira de Santana, Bahia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 186.195.0.108

Whois 186.195.0.108

IP Abuse Reports for 186.195.0.108:

This IP address has been reported a total of 19 times from 13 distinct sources. 186.195.0.108 was first reported on February 23rd 2024, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-24 10:13:17 (7 hours ago)	[Wed Jun 24 17:13:13.364985 2026] [security2:error] [pid 527392:tid 139966161028800] [client 186.195 ... show more [Wed Jun 24 17:13:13.364985 2026] [security2:error] [pid 527392:tid 139966161028800] [client 186.195.0.108:54453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/analisis-iklim/analisis-musim/perbandingan-musim-kemarau/perbandingan-awal-musim-kemarau-dengan-normalnya HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-musim/perbandingan-musim-kemarau/perbandingan-awal-musim-kemarau-dengan-normalnya"] [unique_id "ajutuTUYR7GZUYo09eSVyAACkQ4"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[527409] [djCEHz2R7JI] [ajutuTUYR7GZUYo09eSVyAACkQ4] keep_alive=[1] [2026-06- ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-23 18:32:24 (23 hours ago)	[Wed Jun 24 01:32:23.508334 2026] [security2:error] [pid 854921:tid 140190177707712] [client 186.195 ... show more [Wed Jun 24 01:32:23.508334 2026] [security2:error] [pid 854921:tid 140190177707712] [client 186.195.0.108:38126] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bing" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "254"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bing found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 9; SM-N950U Build/PPR1.180610.011; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36 BingSapphire/32.3.430811002 request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-bulanan/infografis-bulanan-buletin HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-bulanan/infografis-bulanan-buletin"] [unique_id "ajrRN7fgtBzDS3w3JkXw1QACyBg"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-ja ... show less	Email Spam Hacking
🇮🇹 A000Z	2026-04-14 00:25:51 (2 months ago)	Fail2Ban: 186.195.0.108 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5. ... show more Fail2Ban: 186.195.0.108 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-08 16:38:53 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 186.195.0.108 (dedicado108.redetuxnet.com.br): ... show more (mod_security) mod_security (id:210730) triggered by 186.195.0.108 (dedicado108.redetuxnet.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 12:38:47.883857 2026] [security2:error] [pid 3074143:tid 3074143] [client 186.195.0.108:8966] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.med-engineering.com\|F\|2"] [data ".rocephin.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/www.rocephin.com"] [unique_id "adaElwLCKkvdzZVwBT4ihwAAAAA"], referer: https://www.med-engineering.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-01-11 03:14:17 (5 months ago)	2026-01-11 03:14:17 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
Anonymous	2026-01-11 00:52:30 (5 months ago)	Unauthorized connection attempt on Port 2323	Port Scan Hacking Exploited Host
🇺🇸 RAP	2026-01-10 19:59:21 (5 months ago)	2026-01-10 19:59:21 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
Anonymous	2025-11-18 03:50:23 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇨🇭 ALPHANET	2025-09-25 03:25:13 (8 months ago)	Botnet or web spider not respecting robots.txt	DDoS Attack Exploited Host
🇫🇷 Sklurk	2025-08-19 03:00:32 (10 months ago)	Web App Attack	Web App Attack
🇪🇸 Global Cyber Police	2025-07-28 06:38:44 (10 months ago)	Malicious bot activity detected: Hitting honeypot page. Part of massive botnet.	DDoS Attack Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-22 11:21:36 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-11-13 02:37:12 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-09-14 03:25:33 (1 year ago)	Unsollicted Connect (2 Times), to port(s): 443	Port Scan Bad Web Bot Web App Attack
Anonymous	2024-09-14 02:50:32 (1 year ago)	Unsollicted Connect (3 Times), to port(s): 443	Port Scan Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.233.61.22

🇱🇹 62.60.130.238

🇺🇸 43.159.132.207

🇦🇷 190.244.39.224

🇮🇹 188.216.34.138

🇩🇪 167.94.146.46

🇮🇹 151.95.211.132

🇩🇪 130.12.181.12

🇨🇳 120.193.9.169

🇳🇱 91.92.40.151

🇷🇺 31.173.0.140

🇺🇸 12.150.243.22

🇵🇱 194.180.49.54

🇦🇺 118.211.165.46

🇮🇳 116.72.218.36

🇱🇻 81.30.98.144

🇮🇶 65.20.187.47

🇰🇷 52.141.58.234

🇨🇳 112.49.235.195

🇸🇬 97.74.88.143