JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.7.145.237

38.7.145.237 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 100%: ?

100%

ISP	LifeinCloud LTD,
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203919
Hostname(s)	nordicfootball.org
Domain Name	lifeincloud.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.7.145.237

Whois 38.7.145.237

IP Abuse Reports for 38.7.145.237:

This IP address has been reported a total of 37 times from 31 distinct sources. 38.7.145.237 was first reported on June 2nd 2026, and the most recent report was 15 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 2000cn.com.au	2026-06-15 06:06:37 (15 minutes ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 BlueWire Hosting	2026-06-15 05:54:09 (27 minutes ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇫🇷 masterguru	2026-06-15 05:49:55 (31 minutes ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇨🇭 4server	2026-06-14 16:32:27 (13 hours ago)	[SunJun1418:32:23.0150432026][security2:error][pid2981974:tid2982193][client38.7.145.237:0]ModSecuri ... show more [SunJun1418:32:23.0150432026][security2:error][pid2981974:tid2982193][client38.7.145.237:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"promo.ticinosystem.ch\"][uri\"/.git/HEAD\"][unique_id\"ai7Xl26NJCNrMhfsm7zudgAAAIk\"] show less	Hacking Web App Attack
🇫🇮 xyz.rip	2026-06-14 14:59:46 (15 hours ago)	WAF Violation ...	Hacking Web App Attack
🇺🇸 Rip	2026-06-14 13:40:28 (16 hours ago)	Automated recon attempt targeting restricted and sensitive paths.	Web App Attack
🇺🇸 Rip	2026-06-14 12:17:12 (18 hours ago)	Restricted File Access Attempts	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 10:57:04 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 38.7.145.237 (nordicfootball.org): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 38.7.145.237 (nordicfootball.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:56:56.742251 2026] [security2:error] [pid 13466:tid 13466] [client 38.7.145.237:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yggdrasil.org"] [uri "/.git/config"] [unique_id "ai6I-H6-cVPTCqNaAlQVeQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 interbiznw.com	2026-06-14 05:50:20 (1 day ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 IVski	2026-06-14 05:02:33 (1 day ago)	IVski WAF \| WordPress scanner detected - probing wp-content, xmlrpc or wp-login	Port Scan Brute-Force Web App Attack
🇮🇹 madaello	2026-06-14 05:01:37 (1 day ago)	38.7.145.237 - - [14/Jun/2026:07:01:35 +0200] "GET /.git/HEAD HTTP/1.1" 404 503 "-" "Mozilla/5.0 (Wi ... show more 38.7.145.237 - - [14/Jun/2026:07:01:35 +0200] "GET /.git/HEAD HTTP/1.1" 404 503 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" 38.7.145.237 - - [14/Jun/2026:07:01:35 +0200] "GET /env HTTP/1.1" 404 503 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" 38.7.145.237 - - [14/Jun/2026:07:01:35 +0200] "GET /.env HTTP/1.1" 404 503 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 38.7.145.237 - - [14/Jun/2026:07:01:36 +0200] "GET /.env.local HTTP/1.1" 404 503 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" 38.7.145.237 - - [14/Jun/2026:07:01:36 +0200] "GET /.env.production HTTP/1.1" 404 503 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Port Scan
🇩🇪 dbmwebdesign	2026-06-13 22:10:19 (1 day ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇧🇾 lns.bz	2026-06-13 21:26:25 (1 day ago)	.env scanning [BY]	Web App Attack
🇺🇸 agenciahypelab.com.br	2026-06-13 21:02:44 (1 day ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
Anonymous	2026-06-13 20:25:01 (1 day ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 146.190.48.144

🇻🇳 14.248.82.157

🇨🇳 175.9.143.230

🇺🇸 172.253.91.155

🇸🇬 139.180.213.30

🇭🇰 118.193.44.112

🇮🇳 117.208.201.161

🇧🇩 114.130.85.36

🇺🇸 104.21.83.228

🇷🇺 78.81.151.182

🇮🇳 59.98.3.139

🇨🇳 39.104.63.170

🇮🇳 34.131.30.80

🇺🇸 172.236.228.193

🇺🇸 129.153.31.0

🇨🇳 118.196.84.13

🇫🇷 91.231.89.173

🇧🇷 45.164.251.106

🇸🇬 43.156.116.54

🇺🇸 34.86.75.98