JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 209.38.96.155

209.38.96.155 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 2%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 209.38.96.155

Whois 209.38.96.155

IP Abuse Reports for 209.38.96.155:

This IP address has been reported a total of 60 times from 54 distinct sources. 209.38.96.155 was first reported on July 24th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 victoryur	2026-06-14 00:04:20 (4 days ago)	Reported by Fail2Ban on 24.finkont.ru (sshd)	Brute-Force
🇷🇺 victoryur	2026-04-15 00:03:46 (2 months ago)	Reported by Fail2Ban on 24.finkont.ru (sshd)	Brute-Force
🇩🇪 Blexyel	2026-03-17 04:59:05 (3 months ago)	209.38.96.155 - - [17/Mar/2026:05:59:05 +0100] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 ... show more 209.38.96.155 - - [17/Mar/2026:05:59:05 +0100] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" "136.243.2.38" ... show less	Brute-Force Web App Attack
🇬🇧 Deveroonie	2026-03-17 04:58:33 (3 months ago)	209.38.96.155 - - [17/Mar/2026:04:58:32 +0000] "GET /.git/config HTTP/1.1" 404 196 "-" "Mozilla/5.0 ... show more 209.38.96.155 - - [17/Mar/2026:04:58:32 +0000] "GET /.git/config HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 piticu iuli	2026-03-17 04:57:32 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 209.38.96.155 (NL/Netherlands/-)	SQL Injection
🇩🇪 gadix	2026-03-17 04:56:18 (3 months ago)	[17/Mar/2026:05:42:54.226860 +0100] abjbzoPgZzaJElv8xILkBwAAAAA 209.38.96.155 46208 127.0.0.1 7081 [ ... show more [17/Mar/2026:05:42:54.226860 +0100] abjbzoPgZzaJElv8xILkBwAAAAA 209.38.96.155 46208 127.0.0.1 7081 [17/Mar/2026:05:56:17.504943 +0100] abje8Y8-sTB4uwa1QDHf9AAAAAI 209.38.96.155 50150 127.0.0.1 7080 [17/Mar/2026:05:56:17.876996 +0100] abje8d3a3JI-dbKRVQpq8wAAAAY 209.38.96.155 44226 127.0.0.1 7081 ... show less	Web App Attack
🇺🇸 bulkvm.com	2026-03-17 04:50:11 (3 months ago)	[bulkvm.com/honeypot] Generic HTTP. Port: 57510, request: GET /.git/config HTTP/1.1 , user-agent: Mo ... show more [bulkvm.com/honeypot] Generic HTTP. Port: 57510, request: GET /.git/config HTTP/1.1 , user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWeb, Time: 2026-03-17 04:48:32 UTC show less	Hacking
Anonymous	2026-03-17 04:32:03 (3 months ago)	209.38.96.155 - - [17/Mar/2026:04:32:02 +0000] "GET /.git/config HTTP/1.1" 404 437 "-" "Mozilla/5.0 ... show more 209.38.96.155 - - [17/Mar/2026:04:32:02 +0000] "GET /.git/config HTTP/1.1" 404 437 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-03-17 04:31:59 (3 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇨🇦 trentwiles.com	2026-03-17 04:18:14 (3 months ago)	GET /.git/config - YYZ (2026-03-17 04:18:14)	Web App Attack
🇺🇸 jfz-abuse	2026-03-17 04:16:19 (3 months ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇩🇪 sdos.es	2026-03-17 04:14:35 (3 months ago)	"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"	Web App Attack
🇳🇱 Jordy	2026-03-17 04:13:15 (3 months ago)	17/Mar/2026:05:13:14.985578 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ... show more 17/Mar/2026:05:13:14.985578 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 209.38.96.155] ModSecurity: Warning. Pattern match "^[\\\\\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "736"] [id "920350"] [msg "Host header is a numeric IP address"] [data "141.224.196.208"] [severity "WARNING"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "141.224.196.208"] [uri "/.git/config"] [unique_id "abjU2hh4hEE_doZPAqKQCwAAAAg"] 17/Mar/2026:05:13:14.985578 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 209.38.96.155] ModSecurity: Warning. Matched phrase "/.git/" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted ... show less	Web App Attack
🇺🇸 octageeks.com	2026-03-17 04:12:07 (3 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇩🇪 big-cloud.nl	2026-03-17 04:08:48 (3 months ago)	Try to access /.git/config	Web App Attack

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 173.252.69.135

🇺🇸 170.247.223.224

🇺🇸 170.247.223.122

🇺🇸 170.247.222.240

🇺🇸 170.247.222.233

🇺🇸 162.216.150.28

🇹🇬 160.242.193.218

🇳🇱 158.94.210.44

🇨🇳 117.81.212.152

🇸🇬 114.119.140.84

🇳🇱 103.229.81.178

🇵🇱 74.248.112.30

🇸🇬 47.128.37.59

🇺🇸 34.29.104.32

🇬🇧 31.14.254.27

🇫🇮 212.112.19.166

🇺🇸 209.74.86.58

🇨🇴 186.147.162.215

🇺🇸 170.247.222.168

🇺🇸 170.247.222.157