AbuseIPDB » 38.154.143.180
38.154.143.180 was found in our database!
This IP was reported 5 times. Confidence of
Abuse
is 0% : ?
ISP
B2 Net Solutions Inc.
Usage Type
Data Center/Web Hosting/Transit
ASN
AS55286
Hostname(s)
generated-relay20.practice-transactions.com
Domain Name
b2netsolutions.com
Country
๐บ๐ธ
United States of America
City
Los Angeles, California
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 38.154.143.180 :
This IP address has been reported a total of
5
times from
4 distinct
sources.
38.154.143.180 was first reported on
August 13th 2023 , and the most recent report was
2 weeks ago .
Old Reports:
The most recent abuse report for this IP address is from
2 weeks ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฆ๐บ
prologic
2026-06-12 20:56:23
(2 weeks ago)
Coordinated application-layer DDoS against git.mills.io (self-hosted Gitea), 2026-06-12 ~20:30-21:10 ...
show more
Coordinated application-layer DDoS against git.mills.io (self-hosted Gitea), 2026-06-12 ~20:30-21:10 UTC. Deliberately expensive multi-label Gitea issue-search queries (/issues?type=all&state=closed&sort=...&labels=<multiple IDs>, ~60-113s CPU each) flooded the backend via proxy/hosting networks. ~36,700 source IPs, ~1 request per IP, identical TLS fingerprint (TLS1.3 0x1301) and one spoofed Chrome UA = single automated tool.
show less
DDoS Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-03-24 19:52:00
(2 years ago)
(mod_security) mod_security (id:217200) triggered by 38.154.143.180 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:217200) triggered by 38.154.143.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 24 15:51:53.613294 2024] [security2:error] [pid 6196] [client 38.154.143.180:43899] [client 38.154.143.180] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header||www.jaxlist.org|F|2"] [data "/index.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "www.jaxlist.org"] [uri "/index.php"] [unique_id "ZgCEWeLm1EfK65duxUyq7gAAABU"], referer: https://www.jaxlist.org/index.php?page=register&action=register
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
plzenskypruvodce.cz
2023-08-22 13:48:51
(2 years ago)
[Tue Aug 22 15:48:47.917966 2023] [access_compat:error] [pid 2503827:tid 140367726839552] [client 38 ...
show more
[Tue Aug 22 15:48:47.917966 2023] [access_compat:error] [pid 2503827:tid 140367726839552] [client 38.154.143.180:49255] AH01797: client denied by server configuration: /var/www/opusarium.cz/www/xmlrpc.php, referer: https://opusarium.cz/
[Tue Aug 22 15:48:49.936011 2023] [access_compat:error] [pid 2503827:tid 140367777195776] [client 38.154.143.180:54231] AH01797: client denied by server configuration: /var/www/opusarium.cz/www/xmlrpc.php, referer: https://opusarium.cz/
...
show less
Web App Attack
Anonymous
2023-08-21 09:28:27
(2 years ago)
Web Server Attack
Hacking
Anonymous
2023-08-13 10:37:51
(2 years ago)
Web Server Attack
Hacking
Showing 1 to
5
of 5 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: