JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.204.211.24

138.204.211.24 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 30%: ?

30%

ISP	GIGA MAIS FIBRA TELECOMUNICACOES S.A.
Usage Type	Fixed Line ISP
ASN	AS28294
Domain Name	gigamaisfibra.com.br
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.204.211.24

Whois 138.204.211.24

IP Abuse Reports for 138.204.211.24:

This IP address has been reported a total of 18 times from 17 distinct sources. 138.204.211.24 was first reported on March 18th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 nNordic	2026-06-09 10:16:03 (6 days ago)	Connection attempt blocked by IDS/IPS from 138.204.211.24/32	Hacking
🇧🇷 ICS Labs	2026-06-08 12:52:54 (1 week ago)	ICS Labs identified 138.204.211.24 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
Anonymous	2026-06-02 17:13:00 (1 week ago)	Killer parameter blocked \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, ... show more Killer parameter blocked \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 \| (Magento Site) (Botnet activity attributed to: Angara Technologies Group / mikhail-smirnov-79830322) show less	Web App Attack
🇷🇴 abuse_IP_reporter	2026-04-26 07:45:03 (1 month ago)	Apr 26 10:23:32 server UFW BLOCK SRC=138.204.211.24	Port Scan
🇩🇪 iNetWorker	2026-04-26 07:31:15 (1 month ago)	firewall-block, port(s): 5463/udp	Port Scan
🇮🇹 Fusty	2026-04-25 23:27:32 (1 month ago)	Unauthorized attempt on (UDP on port 41559). Source port: 38775 TTL: 49 Packet length: 61 41 Timesta ... show more Unauthorized attempt on (UDP on port 41559). Source port: 38775 TTL: 49 Packet length: 61 41 Timestamp: 2026-04-26 01:27:32 show less	Port Scan
Anonymous	2026-04-24 06:04:42 (1 month ago)	PROTO=UDP DPT=32323	Port Scan Hacking
Anonymous	2026-04-24 03:42:01 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-02-28 16:51:42 (3 months ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
Anonymous	2025-11-25 18:33:54 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-20 03:08:02 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇫🇷 GabrielJST	2025-10-15 16:07:26 (8 months ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 138.204.211.24 (BR/B ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 138.204.211.24 (BR/Brazil/-) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-06 08:09:36 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 138.204.211.24 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 138.204.211.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 06 04:09:31.425510 2025] [security2:error] [pid 17527:tid 17527] [client 138.204.211.24:11669] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.elcalamo.com\|F\|2"] [data ".pdb"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.elcalamo.com"] [uri "/pda/nava-paravolveralmar.PDB"] [unique_id "aON5O0uXkB10qiAQuEedrAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 exxos	2025-08-02 23:10:01 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇨🇭 backslash	2025-08-02 05:41:22 (10 months ago)		Bad Web Bot

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.252.190

🇺🇸 207.90.244.6

🇹🇭 182.52.90.106

🇺🇸 162.216.149.113

🇬🇧 34.13.8.237

🇨🇳 14.103.127.30

🇩🇪 212.227.140.112

🇺🇸 207.90.244.19

🇵🇰 202.47.36.206

🇦🇺 194.195.126.142

🇩🇪 194.88.98.107

🇨🇳 180.102.110.153

🇨🇳 180.102.110.142

🇩🇪 165.245.244.185

🇸🇪 162.158.182.55

🇯🇵 160.251.185.39

🇨🇳 120.48.28.60

🇸🇬 118.139.164.171

🇺🇸 104.131.165.169

🇧🇷 102.211.152.138