AbuseIPDB » 185.198.37.133
185.198.37.133
This IP was reported 6 times. Confidence of
Abuse
is 2% : ?
ISP
Azadeh Golestan Parast trading as Virtual Dedicated Datacenter Services FZCO
Usage Type
Data Center/Web Hosting/Transit
ASN
AS20853
Domain Name
virtualhost.ae
Country
๐ต๐ฑ
Poland
City
Warsaw, Mazovia
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 185.198.37.133 :
This IP address has been reported a total of
6
times from
4 distinct
sources.
185.198.37.133 was first reported on
August 31st 2025 , and the most recent report was
2 weeks ago
Old Reports:
The most recent abuse report for this IP address is from
2 weeks ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฎ๐ช
AutosOnShow
2026-05-29 01:44:06
(2 weeks ago)
blocked for webapp attack | path requested: /.env | seen at 2026-05-29 01:43:32.151 |
Web App Attack
๐ฎ๐ช
AutosOnShow
2026-05-25 10:53:05
(2 weeks ago)
blocked for webapp attack | path requested: /.env | seen at 2026-05-25 10:52:18.770 |
Web App Attack
๐ฎ๐ช
AutosOnShow
2026-04-14 19:44:05
(2 months ago)
blocked for webapp attack | path requested: /.env | seen at 2026-04-14 19:43:21.152 |
Web App Attack
๐ช๐ธ
gnom4ik
2026-02-20 19:20:59
(3 months ago)
ban-reviewer auto report; ip=185.198.37.133; scenario=http:scan; verdict=valid_ban; confidence=0.85; ...
show more
ban-reviewer auto report; ip=185.198.37.133; scenario=http:scan; verdict=valid_ban; confidence=0.85; categories=14,15,22; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for HTTP scanning activity (scenario: http:scan); AbuseIPDB category 14 (Port Scan) is applicable; AbuseIPDB category 15 (Hacking) is applicable; AbuseIPDB category 22 (SSH) is applicable
show less
Port Scan
Hacking
SSH
๐บ๐ธ
ne1for23
2025-09-27 08:34:41
(8 months ago)
Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ...
show more
Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution.
185.198.37.133 - - [27/Sep/2025:08:34:41 +0000] "GET /.env HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" "-"
show less
Hacking
๐จ๐ณ
ThreatBook.io
2025-08-31 22:17:39
(9 months ago)
2025-08-31 11:13:24 /.env
2025-08-31 11:13:25 /,{"body":"0x%5B%5D=androxgh0st","content_type":"appli ...
show more
2025-08-31 11:13:24 /.env
2025-08-31 11:13:25 /,{"body":"0x%5B%5D=androxgh0st","content_type":"application/x-www-form-urlencoded","header":{"Accept":["*/*"],"Accept-Encoding":["gzip"],"Connection":["close"],"Content-Length":["20"],"Content-Type":["application/x-www-form-urlencoded"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"]},"host":"44.243.95.195","method":"POST","proto":"HTTP/1.1","remote_addr":"185.198.37.133:33843","status_code":200,"url":"/","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"}
show less
Web App Attack
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: