JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 86.38.154.182

86.38.154.182 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 13%: ?

13%

ISP	UAB Bite Lietuva
Usage Type	Fixed Line ISP
ASN	AS210906
Domain Name	bi.lt
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 86.38.154.182

Whois 86.38.154.182

IP Abuse Reports for 86.38.154.182:

This IP address has been reported a total of 12 times from 5 distinct sources. 86.38.154.182 was first reported on January 7th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 02:59:56 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:59:48.324494 2026] [security2:error] [pid 7577:tid 7686] [client 86.38.154.182:48561] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/conn.php.bak"] [unique_id "ahz1pI6nP6TlQzUBlJva2wAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-28 05:30:01 (1 week ago)	\| A web attack returned code 200 (success).	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-02-01 12:21:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 07:21:00.457953 2026] [security2:error] [pid 483:tid 650] [client 86.38.154.182:46921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.net"] [uri "/.env.production"] [unique_id "aX9FLAMxl-cQ0UzvOvSZTAAAAEQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 06:37:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:37:34.201646 2025] [security2:error] [pid 30768:tid 30780] [client 86.38.154.182:40297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.net"] [uri "/.env.old"] [unique_id "aS03rv5kVQ-rlVW6wYR0mgAAAUg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 06:21:09 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 01:21:04.081260 2025] [security2:error] [pid 16443:tid 16443] [client 86.38.154.182:57187] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/server.key"] [unique_id "aRQnUDvbhYfk5AoTlQTXMwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Moby	2025-11-01 21:50:02 (7 months ago)	Sat Nov 01 15:31:23.246020 202586.38.154.182 - - [01/Nov/2025:15:31:28 -0500] "GET /config.php.bak H ... show more Sat Nov 01 15:31:23.246020 202586.38.154.182 - - [01/Nov/2025:15:31:28 -0500] "GET /config.php.bak HTTP/1.1" 404 984 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 86.38.154.182 - - [01/Nov/2025:15:36:11 -0500] "GET /..../..../..../..../..../..../..../..../..../windows/win.ini HTTP/1.1" 404 984 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 86.38.154.182 - - [01/Nov/2025:16:50:01 -0500] "GET /metrics HTTP/1.1" 404 984 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" ... show less	Web App Attack
Anonymous	2025-10-16 19:07:33 (7 months ago)	ET WEB_SERVER Kubernetes Ingress NGINX Controller auth-tls-match-cn Annotation Injection (CVE-2025-1 ... show more ET WEB_SERVER Kubernetes Ingress NGINX Controller auth-tls-match-cn Annotation Injection (CVE-2025-1097) show less	SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 16:35:20 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 12:35:14.305939 2025] [security2:error] [pid 30111:tid 30182] [client 86.38.154.182:49295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.com"] [uri "/.htaccess"] [unique_id "aN1YQhH4YjaIRtXIcLCY0gAAAgw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 07:52:52 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 03:52:49.730249 2025] [security2:error] [pid 3712160:tid 3712199] [client 86.38.154.182:53259] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.com"] [uri "/application/logs/application.log"] [unique_id "aIxyUdc_-1Eg368SpPiEuwAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 13:54:56 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 09:54:50.601748 2025] [security2:error] [pid 2868724:tid 2868724] [client 86.38.154.182:37617] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.nbcnewsradio.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.nbcnewsradio.com"] [uri "/admin/logs/errors.log"] [unique_id "aDxbqmddnLSQRlZuiudk6QAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 07:58:56 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 86.38.154.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 03:58:48.147466 2025] [security2:error] [pid 2749697:tid 2749817] [client 86.38.154.182:50229] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.kettlehill.net\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.net"] [uri "/\\\\windows/win.ini"] [unique_id "aDwIOGzUxJS8AZi9Bz3l8gAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-07 04:45:36 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.92.1.83

🇨🇳 218.11.1.2

🇺🇸 206.189.195.75

🇹🇭 202.29.236.76

🇳🇱 195.178.110.30

🇬🇧 193.163.125.191

🇸🇪 158.174.211.17

🇨🇳 117.48.218.234

🇪🇸 94.228.7.54

🇺🇸 91.230.168.127

🇳🇱 89.248.163.200

🇺🇸 45.56.71.167

🇯🇵 40.74.66.130

🇧🇪 34.77.239.249

🇮🇪 18.201.114.77

🇺🇸 192.178.37.23

🇷🇺 178.178.222.59

🇺🇸 161.35.5.223

🇲🇲 103.59.163.132

🇧🇬 79.124.59.78