AbuseIPDB » 38.250.116.97
38.250.116.97
This IP was reported 35 times. Confidence of
Abuse
is 75% : ?
ISP
YACHAY TELECOMUNICACIONES SAC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS3132
Domain Name
on.pe
Country
๐ต๐ช
Peru
City
Lima, Lima Province
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 38.250.116.97 :
This IP address has been reported a total of
35
times from
14 distinct
sources.
38.250.116.97 was first reported on
May 27th 2026 , and the most recent report was
1 hour ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
TPI-Abuse
2026-05-27 21:26:49
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 38.250.116.97 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 38.250.116.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 17:26:42.844534 2026] [security2:error] [pid 24140:tid 24140] [client 38.250.116.97:51896] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dmasoftlab.com|F|2"] [data ".json.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dmasoftlab.com"] [uri "/.vscode/sftp.json.bak"] [unique_id "ahdhkhGNtfF4SLPgMhcugwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-05-27 21:17:12
(1 week ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 38.250.116.97 (PE/Peru/-): 1 in the ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 38.250.116.97 (PE/Peru/-): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 20:22:47
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 38.250.116.97 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 38.250.116.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 16:22:41.156694 2026] [security2:error] [pid 19770:tid 19788] [client 38.250.116.97:48238] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dcs.co.id|F|2"] [data ".json.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dcs.co.id"] [uri "/.vscode/sftp.json.bak"] [unique_id "ahdSkRhSXrvQrGEW3rVZmAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-05-27 17:00:43
(1 week ago)
Access to sensitive configuration files detected., Access to sensitive files detected w/ specific bo ...
show more
Access to sensitive configuration files detected., Access to sensitive files detected w/ specific boundary.. Threat Score: 5.5/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 2.9/10 (Low). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
show less
Hacking
Web App Attack
๐ฎ๐ฉ
penjaga BRIN
2026-05-27 14:28:32
(1 week ago)
Suspicious malicious activity
Hacking
Showing 31 to
35
of 35 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: