JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.154.195.85

38.154.195.85 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	B2 Net Solutions Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS55286
Domain Name	b2netsolutions.com
Country	🇺🇸 United States of America
City	Piscataway, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.154.195.85

Whois 38.154.195.85

IP Abuse Reports for 38.154.195.85:

This IP address has been reported a total of 16 times from 4 distinct sources. 38.154.195.85 was first reported on October 31st 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-01 13:07:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 08:07:34.327861 2026] [security2:error] [pid 16720:tid 16835] [client 38.154.195.85:43011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.com"] [uri "/.env.old"] [unique_id "aX9QFngN2ebRaezbXtJW7QAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:21:27 (10 months ago)	(mod_security) mod_security (id:212620) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:212620) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:21:10.608764 2025] [security2:error] [pid 172499:tid 172623] [client 38.154.195.85:39633] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|kettlehill.net\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.net"] [uri "/web/set_profiling"] [unique_id "aIVw9oEn7YGnahfIo_jFyQAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 22:04:31 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 18:04:24.464914 2025] [security2:error] [pid 3614650:tid 3614650] [client 38.154.195.85:43199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.env.old"] [unique_id "aDjZ6EN3NqftIojLucyM2QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-04 00:35:14 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 20:35:09.851348 2024] [security2:error] [pid 18262:tid 18262] [client 38.154.195.85:55211] [client 38.154.195.85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.stdavids-media.com"] [uri "/wp-content/plugins/jsmol2wp/php/jsmol.php"] [unique_id "ZterPYgP-MZ_sjqW5hvPrwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-26 23:07:18 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 19:04:10.603094 2024] [security2:error] [pid 532018:tid 532394] [client 38.154.195.85:39923] [client 38.154.195.85] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /pages/systemcall.php?command=cat%20/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/pages/systemcall.php"] [unique_id "Zs0J6i_p85EHRlaaQPgePwAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-05-28 23:03:40 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 19:03:35.847931 2024] [security2:error] [pid 6312:tid 47260727219968] [client 38.154.195.85:41665] [client 38.154.195.85] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.com"] [uri "/localhost.key"] [unique_id "ZlZix9hrIDYsFMakWIztAAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-05-08 07:00:43 (2 years ago)	Unauthorized login attempts []	Brute-Force
🇪🇸 10dencehispahard SL	2024-05-08 06:50:13 (2 years ago)	Web Attack	DDoS Attack Brute-Force Web App Attack
🇪🇸 10dencehispahard SL	2024-03-27 07:00:25 (2 years ago)	Unauthorized login attempts [ BI-16635]	Brute-Force
🇪🇸 10dencehispahard SL	2024-03-27 06:50:35 (2 years ago)	WP scan	Web App Attack
🇺🇸 TPI-Abuse	2024-01-26 21:50:08 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 16:49:58.937124 2024] [security2:error] [pid 8324] [client 38.154.195.85:51147] [client 38.154.195.85] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.stdavids-media.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.stdavids-media.com"] [uri "/stdavids-media.db"] [unique_id "ZbQpBnRmWqqBScPKLnEr-AAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2023-11-28 23:29:01 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 38.154.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 28 18:27:54.640697 2023] [security2:error] [pid 23731:tid 47740346246912] [client 38.154.195.85:50981] [client 38.154.195.85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kettlehill.net"] [uri "/.htpasswd"] [unique_id "ZWZ3epzic6eG0-w66PX5jgAAAZQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-26 18:20:08 (2 years ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-05 23:54:09 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 03:38:17 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.222.46.15

🇳🇱 178.16.54.74

🇧🇷 177.44.71.7

🇮🇳 139.59.16.12

🇺🇸 129.146.243.24

🇻🇳 115.84.183.240

🇷🇺 95.167.225.76

🇸🇬 47.79.206.110

🇸🇬 128.199.231.249

🇯🇵 124.155.125.131

🇰🇷 124.49.73.213

🇰🇷 115.68.168.163

🇳🇿 103.93.145.33

🇫🇷 62.210.199.83

🇱🇹 62.60.130.59

🇨🇳 58.48.170.235

🇺🇸 20.168.127.122

🇺🇸 20.39.62.227

🇩🇪 8.211.45.1

🇲🇽 187.191.48.6