JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.154.217.149

38.154.217.149 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	B2 Net Solutions Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS55286
Domain Name	b2netsolutions.com
Country	🇺🇸 United States of America
City	Piscataway, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.154.217.149

Whois 38.154.217.149

IP Abuse Reports for 38.154.217.149:

This IP address has been reported a total of 6 times from 3 distinct sources. 38.154.217.149 was first reported on January 25th 2025, and the most recent report was 10 months ago.

Old Reports: The most recent abuse report for this IP address is from 10 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-08-05 20:15:01 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 38.154.217.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 38.154.217.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 16:14:56.922933 2025] [security2:error] [pid 29249:tid 29249] [client 38.154.217.149:54831] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nbcnewsradio.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/..../..../..../..../..../..../..../..../..../windows/win.ini"] [unique_id "aJJmQO_Jkr4-icVAnsgAwQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:37:10 (10 months ago)	(mod_security) mod_security (id:211190) triggered by 38.154.217.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 38.154.217.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:37:06.242310 2025] [security2:error] [pid 172228:tid 172416] [client 38.154.217.149:44921] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?__kubio-site-edit-iframe-preview=1&__kubio-site-edit-iframe-classic-template=../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/"] [unique_id "aIV0suyxIbVHpqlXWTqYQQAAAMU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-06-23 13:30:08 (11 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-05-29 23:21:20 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 38.154.217.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 38.154.217.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 19:21:15.173108 2025] [security2:error] [pid 3745227:tid 3745227] [client 38.154.217.149:37041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.svn/entries"] [unique_id "aDjr6-OuDuBYPmsnLCwzggAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 14:53:58 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 38.154.217.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 38.154.217.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 09:53:07.011301 2025] [security2:error] [pid 27063:tid 27229] [client 38.154.217.149:51819] [client 38.154.217.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.net"] [uri "/site.sql"] [unique_id "Z8B8U8nGgNPGej7DPucMSAAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-25 01:10:50 (1 year ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 119.3.214.90

🇧🇷 179.184.160.50

🇩🇿 154.252.141.126

🇵🇰 119.152.228.64

🇻🇳 103.61.123.132

🇨🇦 15.235.96.135

🇪🇸 196.196.150.124

🇨🇦 51.222.95.35

🇨🇳 221.234.10.211

🇫🇮 194.70.234.45

🇬🇧 193.163.125.95

🇺🇸 159.223.131.0

🇨🇴 152.200.205.179

🇺🇸 147.185.132.22

🇭🇰 125.59.252.103

🇦🇴 105.168.98.183

🇷🇺 92.255.170.48

🇱🇹 77.90.185.79

🇭🇰 47.242.37.198

🇧🇷 45.160.89.196