JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.238.37.98

104.238.37.98 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	Web2Objects LLC
Usage Type	Fixed Line ISP
ASN	AS62874
Domain Name	web2objects.com
Country	🇺🇸 United States of America
City	Arlington, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.238.37.98

Whois 104.238.37.98

IP Abuse Reports for 104.238.37.98:

This IP address has been reported a total of 14 times from 6 distinct sources. 104.238.37.98 was first reported on March 6th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 00:14:19 (4 months ago)	(mod_security) mod_security (id:210580) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210580) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 19:13:47.635637 2026] [security2:error] [pid 25143:tid 25143] [client 104.238.37.98:53697] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:local-destination-id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:local-destination-id: /etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "ftp.nbcnewsradio.com"] [uri "/wp-admin/admin-post.php"] [unique_id "aWrUO1GkkATp3X43jo2cqQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 17:17:40 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:09:11.243433 2025] [security2:error] [pid 23516:tid 23612] [client 104.238.37.98:41399] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?p=3232&wp_automatic=download&link=file:///etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/"] [unique_id "aVK1twtJvz4KODtZUgYy4QAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:49:35 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:49:28.180125 2025] [security2:error] [pid 27755:tid 27755] [client 104.238.37.98:43713] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /pictureproxy.php?url=file:///etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/pictureproxy.php"] [unique_id "aRWpqFYr0pjcoSzwn68kbgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-04 02:25:38 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 22:25:34.032563 2024] [security2:error] [pid 12616:tid 12616] [client 104.238.37.98:47855] [client 104.238.37.98] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.stdavids-media.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stdavids-media.com"] [uri "/components/com_rwcards/captcha/captcha_image.php"] [unique_id "ZtfFHqyeBTzk6_TsW0S_FQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-26 23:10:16 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 19:10:10.700738 2024] [security2:error] [pid 532018:tid 532398] [client 104.238.37.98:42619] [client 104.238.37.98] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?page_slug=../../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.net"] [uri "/index.php"] [unique_id "Zs0LUi_p85EHRlaaQPgnrwAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2024-07-16 00:49:02 (1 year ago)	SS1: Web Attack GET /theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae ... show more SS1: Web Attack GET /theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd show less	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-05-28 23:03:50 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 19:03:44.009072 2024] [security2:error] [pid 6312:tid 47260695701248] [client 104.238.37.98:49825] [client 104.238.37.98] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.com"] [uri "/js../.git/config"] [unique_id "ZlZi0NhrIDYsFMakWIztDAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-05-08 07:00:43 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇦🇺 oncord	2024-04-27 06:00:39 (2 years ago)	Form spam	Web Spam
Anonymous	2024-04-27 05:23:20 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-03-27 08:40:09 (2 years ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇪🇸 10dencehispahard SL	2024-03-27 07:00:25 (2 years ago)	Unauthorized login attempts [ BI-16635]	Brute-Force
🇪🇸 10dencehispahard SL	2024-03-27 06:45:22 (2 years ago)	WP scan	Web App Attack
🇺🇸 TPI-Abuse	2024-03-06 00:36:43 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.238.37.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 05 19:36:19.752716 2024] [security2:error] [pid 15720:tid 47418174187264] [client 104.238.37.98:51851] [client 104.238.37.98] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.net"] [uri "/logs/errors.log"] [unique_id "Zee6g_HZ6wyh2e8hJw0_lAAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.156.76

🇺🇸 206.81.10.29

🇧🇷 187.84.6.147

🇺🇸 52.200.76.145

🇧🇷 45.175.123.254

🇻🇳 27.79.40.79

🇮🇳 3.110.123.171

🇨🇱 207.248.222.148

🇨🇦 199.167.138.45

🇧🇷 191.7.26.153

🇰🇷 121.167.147.112

🇲🇾 47.250.92.205

🇫🇷 45.157.112.11

🇰🇷 221.162.3.119

🇧🇷 205.210.31.229

🇺🇸 195.184.76.161

🇨🇳 182.244.0.150

🇬🇧 172.69.195.83

🇬🇧 172.69.194.108

🇺🇸 159.223.147.69