JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.38.86.148

209.38.86.148 was found in our database!

This IP was reported 163 times. Confidence of Abuse is 31%: ?

31%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.38.86.148

Whois 209.38.86.148

IP Abuse Reports for 209.38.86.148:

This IP address has been reported a total of 163 times from 130 distinct sources. 209.38.86.148 was first reported on January 15th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-26 19:47:56 (1 month ago)	$f2bV_matches	Brute-Force
🇬🇧 openstrike.co.uk	2026-04-21 05:14:08 (1 month ago)	4 attacks on VC URLs: GET /.git/config HTTP/1.1	Hacking
🇬🇧 thetomtaylor.co.uk	2026-04-20 21:08:01 (1 month ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2026-04-20 19:30:54 (1 month ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-04-20 19:05:02 (1 month ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-04-20 18:40:50 (1 month ago)	164 requests with url.path */.git/config	Brute-Force Bad Web Bot
🇧🇪 madeit	2026-04-20 18:40:03 (1 month ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-04-20 14:24:28 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 209.38.86.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.38.86.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 10:24:23.553709 2026] [security2:error] [pid 865092:tid 865092] [client 209.38.86.148:40634] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shadowveil.io"] [uri "/.git/config"] [unique_id "aeY3F5tB9PMyfxBKfGQU3gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-20 12:18:18 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 209.38.86.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 209.38.86.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 08:18:12.692495 2026] [security2:error] [pid 95278:tid 95278] [client 209.38.86.148:39500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whore-cams.com"] [uri "/.git/config"] [unique_id "aeYZhJjrD7k6SWdKmmaO-wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-04-20 11:25:53 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-20 11:16:49 (1 month ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-197)	Hacking Web App Attack
🇺🇸 mnsf	2026-04-20 11:05:28 (1 month ago)	Scanning/Probing (14)	Brute-Force Web App Attack
Anonymous	2026-04-20 10:45:45 (1 month ago)	$f2bV_matches	Brute-Force
🇩🇪 4server	2026-04-20 10:43:27 (1 month ago)	[MonApr2012:43:23.4964822026][security2:error][pid1845842:tid1845854][client209.38.86.148:0]ModSecur ... show more [MonApr2012:43:23.4964822026][security2:error][pid1845842:tid1845854][client209.38.86.148:0]ModSecurity:Accessdeniedwithcode403$phase2$.OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded$TotalScore:5$\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"fondazionepetronillapontirone.ch\"][uri\"/.git/config\"][unique_id\"aeYDS2JJ2wqZlFxLyWd1fQAAAEg\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 Axel	2026-04-20 05:12:02 (1 month ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/config ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/config Server: UK-01 show less	Web App Attack Hacking SQL Injection

Showing 1 to 15 of 163 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.192

🇫🇮 147.185.133.53

🇻🇳 115.78.9.138

🇨🇳 111.50.25.148

🇺🇸 205.210.31.98

🇩🇪 185.242.3.111

🇩🇰 185.212.169.117

🇺🇸 178.128.144.168

🇩🇪 178.24.228.181

🇺🇾 167.62.67.226

🇫🇮 147.185.133.218

🇺🇸 147.185.132.214

🇮🇩 118.99.114.224

🇨🇳 101.200.77.117

🇺🇸 65.49.1.37

🇺🇸 64.62.156.38

🇲🇾 49.124.153.9

🇩🇪 34.185.166.70

🇫🇮 34.88.62.18

🇷🇺 195.218.159.123