AbuseIPDB » 38.153.133.36
38.153.133.36
This IP was reported 6 times. Confidence of
Abuse
is 0% : ?
ISP
Server Mania Inc.
Usage Type
Fixed Line ISP
ASN
AS174
Domain Name
servermania.com
Country
๐บ๐ธ
United States of America
City
Los Angeles, California
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 38.153.133.36 :
This IP address has been reported a total of
6
times from
5 distinct
sources.
38.153.133.36 was first reported on
September 16th 2025 , and the most recent report was
8 months ago
Old Reports:
The most recent abuse report for this IP address is from
8 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
ne1for23
2025-10-15 07:27:33
(8 months ago)
Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ...
show more
Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution.
38.153.133.36 - - [15/Oct/2025:07:27:33 +0000] "GET /.env HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" "-"
show less
Hacking
๐ฎ๐ฉ
Burayot
2025-09-20 11:39:24
(8 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 38.153.133.36 (US/United States/-): ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 38.153.133.36 (US/United States/-): 2 in the last 3600 secs
show less
Web App Attack
๐ณ๐ฑ
i-turnradio.nl
2025-09-18 22:40:57
(8 months ago)
2025-09-19 @ 00:40:57 (CET) ~ Blocked based on risk assessment and prior abuse reports
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-18 15:19:10
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 38.153.133.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 38.153.133.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 18 11:19:06.334437 2025] [security2:error] [pid 532224:tid 532249] [client 38.153.133.36:53207] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||unitedonegroup.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "unitedonegroup.com"] [uri "/db_backup.sql"] [unique_id "aMwi6qmnj0XYva46hQ_0_QAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-17 14:22:36
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 38.153.133.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 38.153.133.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 17 10:22:32.823268 2025] [security2:error] [pid 26622:tid 26622] [client 38.153.133.36:33437] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||alsdepot.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "alsdepot.com"] [uri "/html.sql"] [unique_id "aMrEKBOC6sHKmUfo_f8a-wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
Jim Keir
2025-09-16 05:40:37
(8 months ago)
2025-09-16 05:40:36 38.153.133.36 File scanning, blocking 38.153.133.36 for 5 minutes
Web App Attack
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: