JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.94.34.38

185.94.34.38 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 17%: ?

17%

ISP	Fast Servers (Pty) Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	traffictransitsolution.us
Country	🇷🇺 Russian Federation
City	Slantsy, Leningradskaya Oblast'

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.94.34.38

Whois 185.94.34.38

IP Abuse Reports for 185.94.34.38:

This IP address has been reported a total of 23 times from 14 distinct sources. 185.94.34.38 was first reported on April 17th 2023, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-05-21 07:06:39 (3 weeks ago)	Scanning/Probing (34)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:30:01 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:29:55.041968 2026] [security2:error] [pid 4340:tid 4372] [client 185.94.34.38:53675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neutrahouse1939.ward-bergerhouse.org"] [uri "/wp-config.php.bak"] [unique_id "ag4n02ypN9svpit-8HPlRAAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 19:24:24 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 15:24:20.029818 2026] [security2:error] [pid 19711:tid 19711] [client 185.94.34.38:56193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batesstrategygroup.com"] [uri "/wp-config.php.orig"] [unique_id "ag4KZMPHw-SdtijTepFr3wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 16:24:36 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:24:29.136448 2026] [security2:error] [pid 32011:tid 32759] [client 185.94.34.38:50661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "campingcosmetics.com"] [uri "/wp-config.txt"] [unique_id "ag3gPWpU1TMaB2AIdP6laQAAAwo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nationaleventpros.com	2026-05-01 03:04:35 (1 month ago)	WordPress login attempt	Brute-Force
Anonymous	2026-04-17 20:30:04 (1 month ago)	\| [Dangerous/Russia] Aggressive IP 185.94.34.38 (~30 hits). Type: DoS Defender- Web server 400 error ... show more \| [Dangerous/Russia] Aggressive IP 185.94.34.38 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇺🇸 octageeks.com	2026-04-16 04:06:16 (2 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇩🇪 LRob.fr	2026-04-15 12:45:10 (2 months ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇨🇭 4server	2026-04-15 08:04:59 (2 months ago)	[WedApr1510:04:52.7305722026][security2:error][pid3312206:tid3312227][client185.94.34.38:0]ModSecuri ... show more [WedApr1510:04:52.7305722026][security2:error][pid3312206:tid3312227][client185.94.34.38:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"359\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"salonesamire.ch\"][uri\"/wp-content/plugins/brizy/readme.txt\"][unique_id\"ad9GpKM89wWjbUgcPj2xRQAAAFM\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 22:12:46 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 18:12:40.053099 2025] [security2:error] [pid 13864:tid 13864] [client 185.94.34.38:10777] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Hudson II/Vermont Bark/Loveseat/originals/Thumbs.db"] [unique_id "aLyx2Ok5UqttI4V5nKwHlwAAAAA"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Hudson%20II/Vermont%20Bark/Loveseat/originals/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-07-04 03:54:06 (11 months ago)		Bad Web Bot
🇺🇸 TPI-Abuse	2024-11-09 19:01:57 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 185.94.34.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 14:01:49.208178 2024] [security2:error] [pid 1408943:tid 1408943] [client 185.94.34.38:56737] [client 185.94.34.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Grissom-II/Thumbs.db"] [unique_id "Zy-xnav9GwO64UJP7KjQewAAAAs"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Grissom-II/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 unifr	2024-10-07 00:47:16 (1 year ago)	Unauthorized IMAP connection attempt	Brute-Force
Anonymous	2024-09-16 05:05:26 (1 year ago)	Ports: 143,993; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇵🇱 sefinek.net	2024-08-30 11:55:55 (1 year ago)	This IP address has been identified as generating artificial traffic on websites following the purch ... show more This IP address has been identified as generating artificial traffic on websites following the purchase of a specific service from a Fiverr gig. User-Agent and Referrer: Mozilla/5.0 (iPhone; CPU iPhone OS 15_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/122.0.6261.112 Mobile/15E148 Safari/604.1 - - show less	Bad Web Bot

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 201.165.64.49

🇺🇸 162.216.150.196

🇳🇱 91.92.40.24

🇳🇱 91.92.40.8

🇸🇬 47.82.13.159

🇳🇱 93.123.109.166

🇺🇸 67.209.80.182

🇸🇬 47.79.15.90

🇷🇺 5.167.66.41

🇨🇳 1.92.197.197

🇺🇸 2620:171:e0:f0::243

🇺🇸 162.216.150.253

🇺🇸 136.109.44.240

🇳🇵 113.199.225.48

🇳🇬 102.91.72.181

🇫🇮 80.223.200.184

🇺🇸 74.215.237.81

🇧🇷 45.238.136.181

🇳🇬 41.242.115.84

🇺🇸 24.14.236.153