AbuseIPDB » 38.154.205.113
38.154.205.113
This IP was reported 6 times. Confidence of
Abuse
is 12% : ?
ISP
B2 Net Solutions Inc.
Usage Type
Fixed Line ISP
ASN
AS55286
Domain Name
b2netsolutions.com
Country
๐บ๐ธ
United States of America
City
Piscataway, New Jersey
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 38.154.205.113 :
This IP address has been reported a total of
6
times from
2 distinct
sources.
38.154.205.113 was first reported on
May 26th 2026 , and the most recent report was
2 weeks ago
Old Reports:
The most recent abuse report for this IP address is from
2 weeks ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ณ๐ฑ
homeshowdomain.nl
2026-05-28 22:01:42
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-27 18:43:46
(2 weeks ago)
(mod_security) mod_security (id:949110) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 14:43:21.383813 2026] [security2:error] [pid 4086:tid 4086] [client 38.154.205.113:34695] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "slapai.org"] [uri "/app/config/parameters.yml"] [unique_id "ahc7Sa9n2VC_OOAvv20yxAAAAAo"], referer: https://www.google.com/search?q=slapai.org
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 17:05:34
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 13:05:30.846190 2026] [security2:error] [pid 28754:tid 28786] [client 38.154.205.113:34031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onixgironashop.com.webcraftestudio.com"] [uri "/.env.development"] [unique_id "ahckWtnTdjte9p44-XS10gAAAEU"], referer: https://www.google.com/search?q=onixgironashop.com.webcraftestudio.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 14:33:22
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 10:33:16.063866 2026] [security2:error] [pid 20174:tid 20174] [client 38.154.205.113:54889] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.giganticmediallc.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.giganticmediallc.com"] [uri "/backup.sql"] [unique_id "ahcArPYlu5qzGJ6wjxdIPAAAACU"], referer: https://www.google.com/search?q=mail.giganticmediallc.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 00:21:36
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:21:06.146741 2026] [security2:error] [pid 14380:tid 14380] [client 38.154.205.113:59697] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ultratecnologia.com.mx|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ultratecnologia.com.mx"] [uri "/db_backup.sql"] [unique_id "ahY48uXHwu1l5o4o_48FiwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 18:12:34
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 38.154.205.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 14:12:28.514066 2026] [security2:error] [pid 15461:tid 15461] [client 38.154.205.113:33867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sayhellotometamodernism.com.demberdatabase.com"] [uri "/wp-config.php.save"] [unique_id "ahXijNZ6h8fCh8r1SYTzSwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: