JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.154.191.38

38.154.191.38 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Server Mania Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS55286
Domain Name	servermania.com
Country	🇺🇸 United States of America
City	Piscataway, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.154.191.38

Whois 38.154.191.38

IP Abuse Reports for 38.154.191.38:

This IP address has been reported a total of 9 times from 6 distinct sources. 38.154.191.38 was first reported on October 30th 2023, and the most recent report was 10 months ago.

Old Reports: The most recent abuse report for this IP address is from 10 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SCHAPPY	2025-07-27 08:50:10 (10 months ago)	IP was involved in L7 DDoS attack.	DDoS Attack
🇺🇸 TPI-Abuse	2025-07-27 02:40:36 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 38.154.191.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 38.154.191.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 22:40:33.539943 2025] [security2:error] [pid 872116:tid 872224] [client 38.154.191.38:52597] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcontacts.staging.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.staging.kettlehill.com"] [uri "/cgi-bin/test-cgi"] [unique_id "aIWRoeDLJ9DFkwipcB3VZwAAAk8"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 16:14:18 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 38.154.191.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 38.154.191.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 12:14:12.299393 2025] [security2:error] [pid 2942217:tid 2942217] [client 38.154.191.38:59115] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.farmers123.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.farmers123.com"] [uri "/\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\windows\\\\win.ini"] [unique_id "aDiH1IKkTWSogMr40HZvCwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-31 01:41:33 (1 year ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2025-02-27 22:30:03 (1 year ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 15:02:46 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 38.154.191.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 38.154.191.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 10:00:16.833606 2025] [security2:error] [pid 27063:tid 27220] [client 38.154.191.38:57933] [client 38.154.191.38] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/wp-config.php.old"] [unique_id "Z8B-AMnGgNPGej7DPucVMwAAAI0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 nyuuzyou	2024-12-13 22:28:13 (1 year ago)	Intensive scraping: /web?s=Tax%20preparation%20services%20North%20Kingstown&scraper=marginalia. User ... show more Intensive scraping: /web?s=Tax%20preparation%20services%20North%20Kingstown&scraper=marginalia. User-Agent: Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0. show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-06 01:56:34 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 21:03:50 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 172.188.89.41

🇩🇪 128.14.225.164

🇺🇸 31.56.178.132

🇰🇷 211.104.137.55

🇦🇷 179.61.9.13

🇩🇪 150.241.76.42

🇺🇸 145.132.99.97

🇭🇰 45.196.236.141

🇯🇵 20.222.26.184

🇨🇳 218.77.90.44

🇧🇷 129.121.39.181

🇫🇷 91.231.89.238

🇨🇦 57.134.215.133

🇫🇷 51.178.137.163

🇫🇷 51.159.104.219

🇩🇪 51.75.87.31

🇧🇷 45.167.30.2

🇧🇷 45.164.251.67

🇹🇿 41.93.28.12

🇨🇦 20.220.195.127