AbuseIPDB » 38.153.137.215
38.153.137.215 was found in our database!
This IP was reported 9 times. Confidence of
Abuse
is 0%: ?
| ISP |
Server Mania Inc.
|
| Usage Type |
Fixed Line ISP
|
| ASN |
AS174
|
| Domain Name |
servermania.com
|
| Country |
πΊπΈ
United States of America
|
| City |
Los Angeles, California
|
IP info including ISP, Usage Type, and Location provided
by IPInfo. Updated weekly.
IP Abuse Reports for 38.153.137.215:
This IP address has been reported a total of
9
times from
4 distinct
sources.
38.153.137.215 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
| Reporter |
IoA Timestamp (UTC)
|
Comment |
Categories |
|
|
πͺπΈ
10dencehispahard SL
|
|
Unauthorized login attempts []
|
Brute-Force
|
|
|
πͺπΈ
10dencehispahard SL
|
|
Web Attack
|
DDoS Attack
Brute-Force
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210381) triggered by 38.153.137.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210381) triggered by 38.153.137.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 09 22:50:12.349811 2024] [security2:error] [pid 31282:tid 47091996870400] [client 38.153.137.215:33327] [client 38.153.137.215] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||www.kettlehill.net|F|4"] [data "REQUEST_URI=/assets/built%2F..%2F..%2F%E0%A4%A/package.json"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.kettlehill.net"] [uri "/assets/built%2F..%2F..%2F%E0%A4%A/package.json"] [unique_id "ZhX-ZB_mInyAqR-iWhvylQAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πͺπΈ
10dencehispahard SL
|
|
Unauthorized login attempts [ BI-16635]
|
Brute-Force
|
|
|
πͺπΈ
10dencehispahard SL
|
|
WP scan
|
Web App Attack
|
|
|
Anonymous
|
|
Common attack or app scan event detected and blocked
|
Port Scan
Hacking
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 38.153.137.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 38.153.137.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 25 19:15:02.765028 2024] [security2:error] [pid 20753] [client 38.153.137.215:44645] [client 38.153.137.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.stdavids-media.com"] [uri "/wp-config.php"] [unique_id "ZbL5hnE7hE8dhkjNaqIt3AAAABo"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 38.153.137.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 38.153.137.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 12 18:04:56.021569 2023] [security2:error] [pid 22356:tid 46962300098304] [client 38.153.137.215:60495] [client 38.153.137.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kettlehill.net"] [uri "/.env.dev"] [unique_id "ZXjnGOlzNZ3kieRyxpVLuAAAAYc"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
| Common web attack.
|
Hacking
SQL Injection
Web App Attack
|
|
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: