JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.132.57.238

203.132.57.238 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 11%: ?

11%

ISP	Guangdong Cable Corporation Limited
Usage Type	Fixed Line ISP
ASN	AS17816
Domain Name	cnnic.cn
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.132.57.238

Whois 203.132.57.238

IP Abuse Reports for 203.132.57.238:

This IP address has been reported a total of 16 times from 3 distinct sources. 203.132.57.238 was first reported on January 18th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 20:02:48 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 16:02:43.812475 2026] [security2:error] [pid 23730:tid 23730] [client 203.132.57.238:48629] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.swcbsa.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.swcbsa.org"] [uri "/"] [unique_id "aj7a4wveHZCBWEMYWJTmGQAAAAE"], referer: https://www.swcbsa.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 20:35:53 (3 days ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 16:35:45.685476 2026] [security2:error] [pid 32326:tid 32326] [client 203.132.57.238:48607] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.mvpbees.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mvpbees.com"] [uri "/"] [unique_id "ajw_oX9eim07wtgDffZwHwAAAAQ"], referer: http://www.mvpbees.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 00:14:36 (3 weeks ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 20:14:31.091106 2026] [security2:error] [pid 8802:tid 8802] [client 203.132.57.238:48567] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.godplusus.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.godplusus.com"] [uri "/"] [unique_id "ah9x59NOomyu5ZWfy3qfgAAAAAE"], referer: http://www.godplusus.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 20:01:11 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 16:01:03.320198 2026] [security2:error] [pid 29519:tid 29519] [client 203.132.57.238:48574] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.nearfieldchrist.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.nearfieldchrist.com"] [uri "/"] [unique_id "ahdNf4DAboVt8wyGgAShTQAAAJI"], referer: http://www.nearfieldchrist.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 20:32:48 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 16:32:41.316348 2026] [security2:error] [pid 27560:tid 27560] [client 203.132.57.238:48610] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|printedweddingnapkins.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "printedweddingnapkins.com"] [uri "/"] [unique_id "ahC9abWeKSnLtjoetsA-gQAAABE"], referer: http://printedweddingnapkins.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 21:10:37 (1 month ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 17:10:31.195396 2026] [security2:error] [pid 20114:tid 20119] [client 203.132.57.238:48559] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.dashcammvp.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.dashcammvp.com"] [uri "/"] [unique_id "agjdRzFC0ZtLVocBui-8BQAAAEM"], referer: http://www.dashcammvp.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-01 13:14:07 (1 month ago)	Multiple connection attempts to UDP 8568	Port Scan
🇺🇸 TPI-Abuse	2026-04-26 22:37:01 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 18:36:53.803765 2026] [security2:error] [pid 17640:tid 17640] [client 203.132.57.238:48581] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.puckerbottombikini.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.puckerbottombikini.com"] [uri "/"] [unique_id "ae6ThbvC9TneF7M-J3cHngAAABU"], referer: http://www.puckerbottombikini.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 01:26:17 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 21:26:14.638113 2026] [security2:error] [pid 17736:tid 17736] [client 203.132.57.238:48893] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|mantality.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mantality.com"] [uri "/"] [unique_id "ae1ptn76RvbxP9qcLruaTAAAABM"], referer: http://mantality.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-31 05:01:13 (2 months ago)	Brute force. Port: 8567	Brute-Force
🇺🇸 TPI-Abuse	2026-03-02 08:42:12 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 03:42:06.651376 2026] [security2:error] [pid 9073:tid 9073] [client 203.132.57.238:48602] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|jdmicons.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jdmicons.com"] [uri "/"] [unique_id "aaVNXv_b9bT8mBY68LifjAAAAAc"], referer: http://jdmicons.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 22:56:20 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 17:56:13.139809 2026] [security2:error] [pid 15524:tid 15524] [client 203.132.57.238:48604] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.ouzcorp.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ouzcorp.com"] [uri "/"] [unique_id "aZZDjfYCN5MfGZ6hNmeedAAAACw"], referer: https://www.ouzcorp.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:32:24 (4 months ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:32:18.864890 2026] [security2:error] [pid 1765:tid 1765] [client 203.132.57.238:48613] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|midaslachine.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "midaslachine.com"] [uri "/"] [unique_id "aZEUEiDtEsX_MRRSn3VaHQAAABI"], referer: http://midaslachine.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇳 liveaspankaj	2026-02-13 06:57:59 (4 months ago)	DDoS attack: 186 requests in 5m (GET / or repair.php).	DDoS Attack
🇺🇸 TPI-Abuse	2026-01-19 11:23:00 (5 months ago)	(mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 203.132.57.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 19 06:22:55.558027 2026] [security2:error] [pid 6860:tid 6860] [client 203.132.57.238:48667] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|roselockecasting.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "roselockecasting.com"] [uri "/index.html"] [unique_id "aW4UD708FF5kL2Hs09M18QAAAAg"], referer: http://roselockecasting.com/index.html show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 194.226.107.123

🇳🇱 138.226.239.11

🇺🇸 136.23.56.191

🇩🇪 69.5.169.250

🇺🇸 66.132.186.201

🇱🇹 62.60.130.219

🇳🇱 45.148.10.151

🇺🇸 44.179.91.193

🇬🇧 37.10.113.221

🇺🇸 2607:f8b0:4023:1002::127

🇮🇳 2401:4900:88a0:d7f1:cd30:4ecf:ca15:ea7a

🇮🇩 202.145.0.61

🇸🇪 92.112.228.215

🇮🇳 49.36.116.118

🇳🇱 45.148.10.240

🇺🇸 44.210.28.42

🇺🇸 35.196.107.49

🇯🇵 20.89.107.118

🇫🇷 4.211.84.189

🇺🇸 216.180.246.101