JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.253.38.55

123.253.38.55 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 22%: ?

22%

ISP	Onesky Communications Limited
Usage Type	Fixed Line ISP
ASN	AS136514
Hostname(s)	123.253.38-55.onesky.net.bd
Domain Name	onesky.com.bd
Country	🇧🇩 Bangladesh
City	Dhaka, Dhaka Division

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.253.38.55

Whois 123.253.38.55

IP Abuse Reports for 123.253.38.55:

This IP address has been reported a total of 9 times from 6 distinct sources. 123.253.38.55 was first reported on January 27th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 cwytech	2026-06-22 13:22:07 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 19:42:09 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 123.253.38.55 (123.253.38-55.onesky.net.bd): 1 ... show more (mod_security) mod_security (id:240335) triggered by 123.253.38.55 (123.253.38-55.onesky.net.bd): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:42:02.235837 2026] [security2:error] [pid 3528:tid 3528] [client 123.253.38.55:58632] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 123.253.38.55 (+1 hits since last alert)\|celebritybikinigossip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celebritybikinigossip.com"] [uri "/xmlrpc.php"] [unique_id "ajg-ilN_iidoIhJ0gHBP2gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 02:35:20 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 123.253.38.55 (123.253.38-55.onesky.net.bd): 1 ... show more (mod_security) mod_security (id:240335) triggered by 123.253.38.55 (123.253.38-55.onesky.net.bd): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 22:35:15.108678 2026] [security2:error] [pid 4847:tid 4847] [client 123.253.38.55:51624] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 123.253.38.55 (+1 hits since last alert)\|artbytracyjane.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artbytracyjane.com"] [uri "/xmlrpc.php"] [unique_id "ajdN4-P9R0HmKLBVaUCo9wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 00:06:07 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 123.253.38.55 (123.253.38-55.onesky.net.bd): 1 ... show more (mod_security) mod_security (id:240335) triggered by 123.253.38.55 (123.253.38-55.onesky.net.bd): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 20:06:03.693612 2026] [security2:error] [pid 5358:tid 5358] [client 123.253.38.55:61481] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 123.253.38.55 (+1 hits since last alert)\|jennyfiore.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jennyfiore.com"] [uri "/xmlrpc.php"] [unique_id "ajcq68TstQOuXUNYTwQJhgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 20:10:51 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 123.253.38.55 (123.253.38-55.onesky.net.bd): 1 ... show more (mod_security) mod_security (id:240335) triggered by 123.253.38.55 (123.253.38-55.onesky.net.bd): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 16:10:47.078261 2026] [security2:error] [pid 9113:tid 9113] [client 123.253.38.55:53265] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 123.253.38.55 (+1 hits since last alert)\|bernsteinip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bernsteinip.com"] [uri "/xmlrpc.php"] [unique_id "ajbzx8t5yGIqk0eoObySSwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 LARL-Stompro-2024	2026-06-14 13:55:18 (1 week ago)	Evergreen ILS - Mylist Bot Abuse - HTTP Port 443 - Fake UserAgent. Requests:1	Bad Web Bot
🇳🇱 exxos	2025-09-09 04:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
🇩🇪 stalker.to	2025-05-22 13:31:29 (1 year ago)	Datacenter Proxy	Web Spam
Anonymous	2025-01-27 14:15:00 (1 year ago)	Used in a distributed login attack	Brute-Force

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.225

🇫🇮 178.20.210.151

🇭🇰 103.103.245.61

🇧🇷 43.157.163.155

🇫🇷 4.211.84.189

🇺🇸 3.83.245.221

🇳🇱 2a00:1450:4013:c1a::128

🇺🇸 2607:f8b0:4004:1007::127

🇦🇺 220.245.246.130

🇨🇳 220.202.112.103

🇺🇸 195.26.240.95

🇧🇷 138.121.37.150

🇨🇳 101.126.85.58

🇫🇷 92.133.193.179

🇸🇪 92.33.193.44

🇨🇳 59.60.100.158

🇩🇪 51.75.64.35

🇫🇷 51.68.226.87

🇬🇭 41.204.63.118

🇧🇪 35.210.58.81