JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.0.154.140

188.0.154.140 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	Jusan Mobile JSC
Usage Type	Fixed Line ISP
ASN	AS35104
Domain Name	jusanmobile.kz
Country	🇰🇿 Kazakhstan
City	Aktobe, Aktobe

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.0.154.140

Whois 188.0.154.140

IP Abuse Reports for 188.0.154.140:

This IP address has been reported a total of 11 times from 11 distinct sources. 188.0.154.140 was first reported on February 11th 2021, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2025-01-21 00:59:45 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from KZ. Action taken: BLOCK ASN: 35104 (KTC-AS) Protocol: ... show more Triggered Cloudflare WAF (firewallCustom) from KZ. Action taken: BLOCK ASN: 35104 (KTC-AS) Protocol: HTTP/1.0 (GET method) Endpoint: //genshin-stella-mod Timestamp: 2025-01-21T00:11:55Z Ray ID: 905316f8ed6f65bf UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-01-18 05:53:46 (1 year ago)	(mod_security) mod_security (id:210831) triggered by 188.0.154.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 188.0.154.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 18 00:53:40.850885 2025] [security2:error] [pid 11384:tid 11384] [client 188.0.154.140:27299] [client 188.0.154.140] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|thechoiceint.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "thechoiceint.com"] [uri "/"] [unique_id "Z4tB5DhGDgicwv9w0VUOvQAAAAA"], referer: https://xn--meg-sb20-px0d.com show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2025-01-08 19:19:37 (1 year ago)	Cloudflare WAF: Request Path: ///////////// Request Query: Host: foro.elhacker.net userAgent: Mozil ... show more Cloudflare WAF: Request Path: ///////////// Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: KTC-AS Country: KZ Method: GET Timestamp: 2025-01-08T19:19:37Z ruleId: c0c2d5c2a7024f7fbdba4d0f7a002ea8. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇨🇦 Largnet SOC	2021-04-13 00:38:05 (5 years ago)	Icarus honeypot on github	Hacking
🇩🇪 Little Iguana	2021-04-05 00:39:19 (5 years ago)	trying to access non-authorized port	Port Scan
🇩🇪 AbuseBaer	2021-04-02 06:26:17 (5 years ago)	Many RDP login attempts detected by IDS script	Brute-Force
🇬🇧 oppidans.net	2021-04-01 01:49:22 (5 years ago)	Apr 1 05:49:19 ns3092206 kernel: [2565299.098087] [IPTABLES REFUSED] IN=eno1 OUT= MAC=a4:bf:01:23:8 ... show more Apr 1 05:49:19 ns3092206 kernel: [2565299.098087] [IPTABLES REFUSED] IN=eno1 OUT= MAC=a4:bf:01:23:86:16:40:ce:24:b2:7f:7c:08:00 SRC=188.0.154.140 DST=145.239.253.26 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=20120 DF PROTO=TCP SPT=59494 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 show less	Port Scan Hacking
Anonymous	2021-03-31 22:57:33 (5 years ago)	SSH fail RA	Brute-Force SSH
🇺🇸 www.serverprotection.dev	2021-03-14 08:41:56 (5 years ago)	Attempt to access port 22 by IP 188.0.154.140	Port Scan
🇵🇱 ChillScanner	2021-03-10 16:39:12 (5 years ago)	1 probe(s) @ TCP(445)	Port Scan
🇫🇷 Skymote.net	2021-02-11 02:55:44 (5 years ago)	Connection to port tcp/445	Port Scan

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.251.123.104

🇻🇳 113.179.142.246

🇻🇳 103.97.135.244

🇳🇱 91.92.40.7

🇺🇸 64.23.201.28

🇱🇹 45.227.254.170

🇬🇧 35.203.211.192

🇬🇧 35.203.210.230

🇸🇪 9.223.176.221

🇧🇷 4.201.96.144

🇮🇪 207.254.22.207

🇹🇼 198.235.24.116

🇺🇸 198.23.187.155

🇵🇾 181.123.62.210

🇭🇰 103.210.22.17

🇺🇸 66.249.68.129

🇺🇸 47.254.27.133

🇸🇪 2a01:9580:409:95:9999::203

🇺🇸 192.185.4.148

🇰🇷 175.200.217.128