JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.238.38.54

104.238.38.54 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	Web2Objects LLC
Usage Type	Fixed Line ISP
ASN	AS62874
Domain Name	web2objects.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.238.38.54

Whois 104.238.38.54

IP Abuse Reports for 104.238.38.54:

This IP address has been reported a total of 23 times from 7 distinct sources. 104.238.38.54 was first reported on May 11th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 06:43:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:43:02.590038 2026] [security2:error] [pid 7104:tid 7104] [client 104.238.38.54:54781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.www"] [unique_id "aWsvdhOkFmE00CoL7uG1EwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 17:58:19 (5 months ago)	(mod_security) mod_security (id:221260) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:55:49.731811 2025] [security2:error] [pid 30292:tid 30591] [client 104.238.38.54:45525] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\$\\\$\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|kettlehill.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/cgi-bin/stats"] [unique_id "aVLApYGwzh_8AlcRvOiNDgAAAQg"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 04:49:06 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 23:48:51.897643 2025] [security2:error] [pid 28467:tid 28467] [client 104.238.38.54:38845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nbcnewsradio.com"] [uri "/.env.save"] [unique_id "aRQRs2L7tv-apZNznVgaiwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:51:03 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:50:58.194402 2025] [security2:error] [pid 729657:tid 729696] [client 104.238.38.54:41845] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\$\\\$\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcalendars.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kettlehill.com"] [uri "/cgi-bin/stats"] [unique_id "aIWGAhUVDjlJfvQpjEJZ0QAAAAI"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 00:26:15 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 104.238.38.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 20:26:09.396101 2025] [security2:error] [pid 3825582:tid 3825582] [client 104.238.38.54:46305] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\$\\\$\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcalendars.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/"] [unique_id "aDj7Ib4sQJCjMGAH8ktPvgAAAA0"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-01 04:10:02 (1 year ago)	\| Shellshock attack attempt	Hacking SQL Injection Web App Attack
🇺🇸 oncord	2024-06-06 15:12:39 (2 years ago)	Form spam	Web Spam
🇬🇧 oncord	2024-06-05 07:41:32 (2 years ago)	Form spam	Web Spam
🇺🇸 oncord	2024-06-03 08:19:10 (2 years ago)	Form spam	Web Spam
🇳🇿 Tripwire	2024-05-29 11:15:26 (2 years ago)	Wordpress login scanning	Brute-Force Web App Attack
🇦🇺 oncord	2024-05-28 02:38:58 (2 years ago)	Form spam	Web Spam
Anonymous	2024-05-26 07:10:35 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 nowyouknow	2024-05-25 09:59:51 (2 years ago)	Malicious Traffic/Form Submission	Phishing Web Spam
🇦🇺 oncord	2024-05-24 08:03:50 (2 years ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2024-05-23 05:05:34 (2 years ago)	(From [email protected]) Exciting News! Transform your meeting room with ultra bright disp ... show more (From [email protected]) Exciting News! Transform your meeting room with ultra bright displays from this wireless portable projector. Buy the Epson PowerLite 1288 1080p Projector with Wi-Fi for only $599 and get a FREE ceiling mount! Epson Certified ReNew Program (Epson Standard Warranty) is included. Experience vibrant, high-resolution projections with Miracast wireless screen mirroring. Ready to ship immediately - in stock now. Get FREE ground shipping in the U.S. SHOP NOW at PSSAV and Save : https://bit.ly/3QPR9Be Hurry, only 32 left - place your order now! Unsubscribe here if you don't want to get these awesome offers: https://form.jotform.com/241413178974462 Lungolago 102, Peekskill, New York, US, 6598 show less	Phishing Web Spam

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.50.235.148

🇨🇴 190.250.108.32

🇧🇪 149.154.243.153

🇫🇷 91.196.152.103

🇦🇲 87.241.156.224

🇩🇪 69.5.169.44

🇲🇾 49.124.146.42

🇦🇺 46.250.241.125

🇳🇱 45.148.10.239

🇷🇺 31.173.21.229

🇺🇾 186.53.63.150

🇳🇱 144.31.54.15

🇹🇷 138.124.107.53

🇭🇰 114.111.54.189

🇷🇺 89.113.136.32

🇩🇪 69.5.169.81

🇧🇷 45.205.1.241

🇳🇱 31.59.95.52

🇮🇳 223.196.193.153

🇮🇩 182.10.129.83