JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.138.221.40

45.138.221.40 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 52%: ?

52%

ISP	Spetsavtomatikaservice LLP
Usage Type	Fixed Line ISP
ASN	AS211028
Domain Name	sas-telecom.kz
Country	🇰🇿 Kazakhstan
City	Aktau, Mangystau

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.138.221.40

Whois 45.138.221.40

IP Abuse Reports for 45.138.221.40:

This IP address has been reported a total of 44 times from 28 distinct sources. 45.138.221.40 was first reported on May 17th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-14 03:15:54 (2 days ago)	Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signatur ... show more Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signature Blocked: /wishlist/index/add/product/10937/form_key/NTG6byH7UJD8qABb/ \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like G... show less	Hacking Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2026-06-09 18:13:18 (6 days ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇳🇱 soverin	2026-06-08 04:19:06 (1 week ago)	spam	Email Spam
🇪🇸 librebit	2026-06-06 01:18:13 (1 week ago)	Listed IP in blacklist by postfix/dnsblog	Spoofing
🇳🇱 soverin	2026-06-05 15:01:42 (1 week ago)	spam	Email Spam
🇨🇭 backslash	2026-06-04 12:42:00 (1 week ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇬🇧 PeravixGroup	2026-06-03 05:27:02 (1 week ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-01 10:04:15 (2 weeks ago)	SMTP scanner - relay access denied	Brute-Force Exploited Host
🇳🇱 Grad	2026-05-15 05:14:45 (1 month ago)	May 15 07:14:45 server postfix/smtpd[1788746]: NOQUEUE: reject: RCPT from unknown[45.138.221.40]: 45 ... show more May 15 07:14:45 server postfix/smtpd[1788746]: NOQUEUE: reject: RCPT from unknown[45.138.221.40]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [45.138.221.40]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[45.138.221.43]> ... show less	Email Spam Brute-Force
🇳🇱 knock	2026-05-09 04:33:05 (1 month ago)	Knock-Knock honeypot brute-force: Telnet (8 total hits)	Brute-Force
Anonymous	2026-05-08 01:21:50 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
Anonymous	2026-05-04 14:33:15 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇧🇷 chronos	2026-05-02 14:19:20 (1 month ago)	Attempted unauthorized access to Telnet (port 23), likely brute force. \| Port: 23 \| Proto: TCP \| Loc ... show more Attempted unauthorized access to Telnet (port 23), likely brute force. \| Port: 23 \| Proto: TCP \| Location: Kazakhstan, Aktau show less	Hacking Exploited Host Port Scan Brute-Force
🇫🇷 security.rdmc.fr	2026-05-01 20:16:33 (1 month ago)	Port Scan Attack proto:TCP src:22233 dst:23	Port Scan
🇺🇸 TPI-Abuse	2026-04-29 20:59:08 (1 month ago)	(mod_security) mod_security (id:225080) triggered by 45.138.221.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225080) triggered by 45.138.221.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 16:59:00.886477 2026] [security2:error] [pid 28166:tid 28166] [client 45.138.221.40:8166] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^[\\\\d\\\\.ab]+$" against "ARGS_GET:C" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "143"] [id "225080"] [rev "1"] [msg "COMODO WAF: XSS vulnerability in Plupload before 2.1.9 or MediaElement.js before 2.21.0, as used in WordPress before 4.5.2 (CVE-2016-4566 & CVE-2016-4567)\|\|cffragrances.iee-usa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cffragrances.iee-usa.com"] [uri "/wp-includes/js/tinymce/plugins/wordpress/"] [unique_id "afJxFGYUemfZJJesbdzG3AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.223.235.60

🇳🇱 45.148.10.121

🇺🇸 23.166.168.62

🇨🇳 1.116.110.170

🇺🇸 185.191.171.11

🇺🇸 135.237.127.161

🇮🇳 125.19.194.166

🇺🇸 109.166.39.165

🇳🇱 91.92.40.6

🇳🇱 87.121.69.138

🇯🇵 58.98.197.137

🇻🇳 42.96.19.37

🇨🇳 223.113.8.231

🇩🇪 188.122.68.217

🇳🇱 185.242.226.19

🇹🇼 141.11.42.76

🇵🇰 139.135.59.131

🇫🇷 84.235.229.254

🇱🇹 45.227.254.170

🇨🇦 20.116.17.49