JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.135.189.22

209.135.189.22 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 17%: ?

17%

ISP	LitFiber LLC
Usage Type	Fixed Line ISP
ASN	AS26911
Domain Name	litfiber.org
Country	🇺🇸 United States of America
City	Madisonville, Kentucky

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.135.189.22

Whois 209.135.189.22

IP Abuse Reports for 209.135.189.22:

This IP address has been reported a total of 6 times from 5 distinct sources. 209.135.189.22 was first reported on February 1st 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-06-29 13:08:03 (6 hours ago)	Honeypot hit: Unauthorized traffic (68 bytes of payload); 57638 [3] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (68 bytes of payload); 57638 [3] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇵🇱 sefinek.net	2026-06-17 04:33:15 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/2 (GET ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/2 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.5 Safari/605.1.15 Ddg/26.5 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 hermawan	2026-06-06 21:49:58 (3 weeks ago)	[Sun Jun 07 04:49:53.984947 2026] [security2:error] [pid 323591:tid 140594165831360] [client 209.135 ... show more [Sun Jun 07 04:49:53.984947 2026] [security2:error] [pid 323591:tid 140594165831360] [client 209.135.189.22:58184] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story"] [unique_id "aiSWAcZ6CiOQYmc9c5ZNQgABBwE"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[323593] [26vkwdyXerM] [aiSWAcZ6CiOQYmc9c5ZNQgABBwE] keep_alive=[1] [2026-06-07 04:49:53.984953] [R:aiSWAcZ6CiOQYmc9c5ZNQgABBwE] UA:'Mozilla/5.0 (Linux; Android 14; Pixel 6 P ... show less	Email Spam Hacking
🇬🇧 Oakley	2026-05-09 14:33:21 (1 month ago)	(mod_security) mod_security (id:900209) triggered by 209.135.189.22 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:900209) triggered by 209.135.189.22 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
Anonymous	2026-02-05 05:13:34 (4 months ago)	botnet	DDoS Attack
🇧🇷 hostseries	2026-02-01 08:52:29 (4 months ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 158.94.187.80

🇺🇸 98.204.134.124

🇻🇳 14.225.7.70

🇷🇴 2.57.122.150

🇧🇪 198.235.24.180

🇳🇱 195.178.110.26

🇨🇴 190.65.59.53

🇲🇽 189.203.163.10

🇮🇹 151.0.160.69

🇫🇷 54.38.190.246

🇺🇸 45.156.129.134

🇷🇴 2.57.121.25

🇧🇷 149.19.165.96

🇮🇳 117.200.93.93

🇫🇮 95.133.253.196

🇳🇱 91.92.242.178

🇬🇧 87.236.176.113

🇩🇪 80.158.109.51

🇩🇪 46.224.207.253

🇧🇼 41.216.214.29