JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.43.133.140

89.43.133.140 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 97%: ?

97%

ISP	Turk Telekom International HU Kft
Usage Type	Fixed Line ISP
ASN	AS216472
Domain Name	turktelekomint.com
Country	🇸🇾 Syrian Arab Republic
City	Aleppo, Aleppo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.43.133.140

Whois 89.43.133.140

IP Abuse Reports for 89.43.133.140:

This IP address has been reported a total of 131 times from 63 distinct sources. 89.43.133.140 was first reported on November 14th 2025, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-24 23:28:33 (1 month ago)	Unauthorized connection to Telnet port 23	Port Scan
🇺🇸 MPL	2026-04-24 18:51:52 (1 month ago)	tcp/23	Port Scan
🇺🇸 TPI-Abuse	2026-04-22 18:11:59 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 89.43.133.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 89.43.133.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 14:11:53.028039 2026] [security2:error] [pid 1628017:tid 1628017] [client 89.43.133.140:46742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.et.lobibilisim.com"] [uri "/vendor/laravelcollective/html/composer.json"] [unique_id "aekPaZEGalQ2CVcuH-dBDwAAABk"], referer: https://www.et.lobibilisim.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 12:29:19 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 89.43.133.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 89.43.133.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 08:29:15.793042 2026] [security2:error] [pid 14494:tid 14494] [client 89.43.133.140:49894] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|phantomkennels.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "phantomkennels.com"] [uri "/speeddial.com"] [unique_id "aeN5G0gxS4cs8sMzx0KtUgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-04-07 08:17:27 (1 month ago)	Brute-force/Enumeration: Multiple login attempts for non-existent mail accounts (Honeytrap).	Email Spam Brute-Force
🇺🇸 TPI-Abuse	2026-04-05 17:56:59 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 89.43.133.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 89.43.133.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 13:56:54.194255 2026] [security2:error] [pid 527:tid 527] [client 89.43.133.140:45260] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.borzois.com\|F\|2"] [data ".borzois.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.borzois.com"] [uri "/www.borzois.com"] [unique_id "adKiZqm7v9OLSWJ0MjGaVwAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-31 17:33:55 (2 months ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇳🇱 wlt-blocker	2026-03-31 06:04:54 (2 months ago)	Attempts to login to mail server with wrong username and/or password	Brute-Force
🇺🇸 stechusa	2026-03-30 18:54:45 (2 months ago)	[Askari] \| country=HU \| Behavior: HTTP/1.1 over TLS, Targeting specific pages, Outdated browser, Con ... show more [Askari] \| country=HU \| Behavior: HTTP/1.1 over TLS, Targeting specific pages, Outdated browser, Concurrent page load during attack show less	Bad Web Bot DDoS Attack
🇺🇸 stechusa	2026-03-30 18:54:45 (2 months ago)	ELEVATED_THREAT \| country=HU \| ASN=High Speed For Internet Services L.L.C \| 13 IPs targeting /brand/ ... show more ELEVATED_THREAT \| country=HU \| ASN=High Speed For Internet Services L.L.C \| 13 IPs targeting /brand/satco-products-inc/satco-light-bulbs/satco-led-bulbs.html \| Facet request during elevated threat (facet_ratio=0.79, unique_ips=397) \| HTTP/1.1 over TLS (elevated=True) show less	Bad Web Bot DDoS Attack
🇩🇪 jasperedv.de	2026-03-28 07:33:33 (2 months ago)	Failed IMAP Login - Brutforcing	Email Spam Brute-Force
🇩🇪 FeG Deutschland	2026-03-27 12:44:37 (2 months ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇺🇸 kosada.com	2026-03-26 16:13:37 (2 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇸🇬 mypatricks	2026-03-14 09:45:56 (2 months ago)	89.43.133.140 \| Port: 10546 \| DNS: 89.43.133.140 2026-03-14T17:45:54+08:00 Asia/Damascus \| FETCH Spr ... show more 89.43.133.140 \| Port: 10546 \| DNS: 89.43.133.140 2026-03-14T17:45:54+08:00 Asia/Damascus \| FETCH Sproofing Activity Detetced. \| UA: Mozilla/5.0 (Linux; Android 8.0.0; SM-G955U Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3154.157 Mobile Safari/537.36 HTTP/1.1 443 GET \| URL: /?e----b------------b=c----------a----fb \| Ref: https://xxxxxx?f--------ef--------cb------a----=MzM%3D \| Country: SY/Syrian Arab Republic/+02:00 IP City: Aleppo 9dc25925be7d65c2-FRA/Frankfurt, Germany 1 hits/0 secs Robots 1 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇳🇱 Site.eu	2026-03-12 11:47:48 (2 months ago)	Excessive multi-domain requests	Brute-Force

Showing 76 to 90 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.108.147.76

🇮🇶 81.22.35.238

🇩🇪 69.5.169.3

🇺🇸 66.132.172.34

🇩🇪 47.245.135.78

🇬🇧 37.10.113.218

🇨🇳 221.234.36.123

🇺🇸 205.210.31.103

🇭🇰 199.45.154.119

🇺🇸 195.184.76.125

🇧🇷 177.198.104.230

🇳🇱 109.106.244.93

🇺🇸 91.230.168.215

🇺🇸 91.230.168.89

🇮🇹 91.80.152.183

🇱🇹 45.227.254.170

🇺🇸 32.218.110.75

🇰🇷 211.106.137.135

🇺🇸 205.210.31.85

🇹🇼 198.235.24.78