JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.253.18.38

36.253.18.38 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 0%: ?

ISP	Ncell Private Ltd.
Usage Type	Fixed Line ISP
ASN	AS38565
Domain Name	ncell.com.np
Country	🇳🇵 Nepal
City	Kathmandu, Bagmati Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.253.18.38

Whois 36.253.18.38

IP Abuse Reports for 36.253.18.38:

This IP address has been reported a total of 58 times from 32 distinct sources. 36.253.18.38 was first reported on September 20th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-04-10 05:31:53 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇩🇪 NoaQT	2026-04-05 22:06:24 (1 month ago)	36.253.18.38 - - [05/Apr/2026:16:47:40 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.next22.co ... show more 36.253.18.38 - - [05/Apr/2026:16:47:40 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.next22.co/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.253.18.38 - - [05/Apr/2026:16:53:46 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.facebook.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.253.18.38 - - [05/Apr/2026:17:07:44 +0200] "GET /web/login HTTP/1.1" 499 0 "https://blog.elite-global.net/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.253.18.38 - - [05/Apr/2026:17:10:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.253.18.38 - - [05/Apr/2026:16:53:46 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.facebook.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWe ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 15:45:55 (1 month ago)	36.253.18.38 - - [05/Apr/2026:17:39:45 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.reddit.co ... show more 36.253.18.38 - - [05/Apr/2026:17:39:45 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.reddit.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.253.18.38 - - [05/Apr/2026:17:41:01 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.best-mega.co/search" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.253.18.38 - - [05/Apr/2026:17:41:01 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.best-mega.co/search" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.253.18.38 - - [05/Apr/2026:17:44:11 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.linkedin.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 36.253.18.38 - - [05/Apr/2026:17:44:11 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.linkedin.com/" "Mozilla/5.0 ( ... show less	DDoS Attack
🇦🇱 cheatmaster.store	2026-02-27 01:01:37 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: Nepal Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇪🇸 el-brujo	2025-12-31 12:37:42 (5 months ago)	Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows N ... show more Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Action: block Source: l7ddos ASN Description: NCELL-AS-NP Ncell Pvt. Ltd. Country: NP Method: GET Timestamp: 2025-12-31T12:37:42Z ruleId: 9bc0d8e988e545dea9bd4843c4bef55c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 Vano Ganzzz	2025-12-28 04:19:26 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from NP. Action taken: BLOCK ASN: 38565 (NCELL-AS-NP Ncell ... show more Triggered Cloudflare WAF (firewallCustom) from NP. Action taken: BLOCK ASN: 38565 (NCELL-AS-NP Ncell Pvt. Ltd.) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2025-12-28T04:19:26Z Ray ID: 9b4e4269aab0ee00 UA: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/3.0.196.2 Safari/532.0khUIglhwG2sP show less	Bad Web Bot
🇸🇬 Fn4ticHz	2025-12-15 19:54:16 (5 months ago)	repeated ddos targeted zeroguard.space -- ZeroGuard	DDoS Attack
🇸🇬 Fn4ticHz	2025-12-15 18:25:35 (5 months ago)	repeated ddos targeted load.rapidreset.net -- ZeroGuard	DDoS Attack
🇵🇹 PTnet	2025-12-07 06:25:34 (5 months ago)	DDoS Attack (jail:haproxy-https-flood)	DDoS Attack Exploited Host
🇵🇹 PTnet	2025-12-06 12:05:58 (5 months ago)	DDoS Attack (jail:haproxy-https-flood)	DDoS Attack Exploited Host
🇵🇹 PTnet	2025-12-04 19:55:33 (6 months ago)	DDoS Attack (jail:haproxy-https-flood)	DDoS Attack Exploited Host
Anonymous	2025-12-04 07:20:22 (6 months ago)	botnet	DDoS Attack
🇩🇪 Szymekk	2025-12-02 14:04:45 (6 months ago)	Fail2Ban: SSH brute force attempt [srv01]	Brute-Force SSH
🇺🇸 SuperEvilLuke	2025-11-21 14:09:44 (6 months ago)	Malicious activity detected from 38565 NCELL-AS-NP Ncell Pvt. Ltd. towards host panel.embotic.xyz (G ... show more Malicious activity detected from 38565 NCELL-AS-NP Ncell Pvt. Ltd. towards host panel.embotic.xyz (GET HTTP/2) @ 2025-11-21T14:09:44Z (16 occurrences) show less	DDoS Attack Exploited Host
🇺🇸 SuperEvilLuke	2025-11-04 21:43:53 (7 months ago)	Malicious activity detected from 38565 NCELL-AS-NP Ncell Pvt. Ltd. towards host dash.embotic.xyz (GE ... show more Malicious activity detected from 38565 NCELL-AS-NP Ncell Pvt. Ltd. towards host dash.embotic.xyz (GET HTTP/2) @ 2025-11-04T21:43:53Z (5 occurrences) show less	DDoS Attack Exploited Host

Showing 1 to 15 of 58 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇧🇷 187.0.238.206

🇭🇰 182.160.1.207

🇸🇬 128.199.231.249

🇰🇷 112.216.129.27

🇮🇩 110.137.82.151

🇱🇹 85.206.68.80

🇵🇭 124.107.185.138

🇳🇱 204.76.203.219

🇬🇧 188.240.59.15

🇺🇸 172.236.106.113

🇩🇪 159.89.1.53

🇻🇳 115.76.51.112

🇨🇳 112.86.225.161

🇺🇸 107.172.204.15

🇻🇳 103.78.0.229

🇳🇱 81.19.216.71

🇮🇳 68.233.116.124

🇻🇳 14.186.146.187

🇩🇪 213.209.159.56