JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.238.223.115

45.238.223.115 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 24%: ?

24%

ISP	CA VI CU SRL
Usage Type	Fixed Line ISP
ASN	AS266843
Domain Name	cavicu.com.ar
Country	🇦🇷 Argentina
City	Curuzu Cuatia, Corrientes

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.238.223.115

Whois 45.238.223.115

IP Abuse Reports for 45.238.223.115:

This IP address has been reported a total of 24 times from 18 distinct sources. 45.238.223.115 was first reported on March 24th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-07 20:16:44 (1 week ago)	[Mon Jun 08 03:16:44.384547 2026] [security2:error] [pid 323746:tid 140410012415680] [client 45.238. ... show more [Mon Jun 08 03:16:44.384547 2026] [security2:error] [pid 323746:tid 140410012415680] [client 45.238.223.115:47806] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yahoo.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yahoo.go.id found within REQUEST_HEADERS:Referer: https://www.yahoo.go.id/ request_line = GET /index-v100.js HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index-v100.js"] [unique_id "aiXRrOTYA6xxO6UZAJSEugABBQc"], referer https://www.yahoo.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[323755] [8ZyIkm9jd9s] [aiXRrOTYA6xxO6UZAJSEugABBQc] keep_alive=[1] [2026-06-08 03:16:44.384553] [R:aiXRrOTYA6xxO6UZAJSEugABBQc] UA:'Mozilla/5.0 (Linux; Android 14; Pixel 6 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.119 Mobile Safari/537.36 OPR/81.2.4292.78 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-03 03:07:02 (1 week ago)	[Wed Jun 03 10:06:56.173507 2026] [security2:error] [pid 67896:tid 139776343652032] [client 45.238.2 ... show more [Wed Jun 03 10:06:56.173507 2026] [security2:error] [pid 67896:tid 139776343652032] [client 45.238.223.115:60773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/analisis-iklim/analisis-musim/perbandingan-musim-kemarau/perbandingan-awal-musim-kemarau-dengan-normalnya HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-musim/perbandingan-musim-kemarau/perbandingan-awal-musim-kemarau-dengan-normalnya"] [unique_id "ah-aUH0FDi3mz6DAF-FE-QAAAAU"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[67902] [sJJMuJDsWkw] [ah-aUH0FDi3mz6DAF-FE-QAAAAU] keep_alive=[1] [2026-06-0 ... show less	Email Spam Hacking
🇩🇪 milcraft.nl	2026-05-14 02:50:49 (1 month ago)	Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi ... show more Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi patterns: filter_, add-to-cart=, orderby=, product_count=. Activity is consistent with high-volume request abuse. show less	DDoS Attack Web App Attack
🇬🇧 PeravixGroup	2026-05-09 23:38:33 (1 month ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇱🇹 NotACaptcha	2026-05-05 01:32:40 (1 month ago)	Unauthorised access (May 5 04:32) SRC=45.238.223.115 LEN=60 TTL=40 ID=49526 DF TCP DPT=23 WINDOW=65 ... show more Unauthorised access (May 5 04:32) SRC=45.238.223.115 LEN=60 TTL=40 ID=49526 DF TCP DPT=23 WINDOW=65535 SYN show less	Port Scan
🇪🇸 librebit	2026-05-01 04:54:32 (1 month ago)	Brute force	Brute-Force
🇩🇪 Phenix Info	2026-04-26 07:12:21 (1 month ago)	SmallGuard.fr/Prestashop Massive 403	Web App Attack
🇩🇪 big-cloud.nl	2026-04-22 21:08:45 (1 month ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇪🇸 librebit	2026-01-23 05:17:27 (4 months ago)	Brute force	Brute-Force
Anonymous	2025-12-25 08:20:45 (5 months ago)	scanning http requests from known botnet	Web App Attack
🇮🇹 VHosting	2025-12-24 08:25:13 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇩🇪 SMARTNET	2025-11-26 02:37:10 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
Anonymous	2025-11-25 10:57:36 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇺🇸 SiliSoftware	2025-11-23 05:47:29 (6 months ago)	/phpBB3/viewtopic.php?f=22&t=1038&sid=3aa8b53792676eebc091b0fab0c1297b	Web App Attack
Anonymous	2025-11-17 18:04:18 (6 months ago)	scanning http requests from known botnet	Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.179.120.26

🇧🇷 190.115.84.25

🇦🇷 186.22.19.183

🇸🇪 171.25.158.57

🇭🇰 156.251.176.28

🇨🇳 123.144.27.204

🇨🇳 111.225.149.233

🇨🇳 111.30.42.43

🇩🇪 69.5.169.54

🇨🇳 218.21.243.58

🇸🇪 185.246.128.133

🇭🇰 185.239.84.249

🇰🇷 129.154.60.59

🇵🇭 122.53.105.206

🇨🇳 111.225.149.229

🇺🇸 72.10.32.138

🇨🇳 223.166.206.45

🇰🇷 221.163.5.228

🇸🇦 188.53.164.217

🇨🇳 111.225.149.216