JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 86.38.236.69

86.38.236.69 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 4%: ?

ISP	UAB Bite Lietuva
Usage Type	Fixed Line ISP
ASN	AS210906
Domain Name	bi.lt
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 86.38.236.69

Whois 86.38.236.69

IP Abuse Reports for 86.38.236.69:

This IP address has been reported a total of 15 times from 7 distinct sources. 86.38.236.69 was first reported on September 26th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 01:49:43 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:47:56.800645 2026] [security2:error] [pid 11733:tid 12073] [client 86.38.236.69:46733] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.staging.kettlehill.com"] [uri "/sql.sql"] [unique_id "ahzkzB1bJq1aGF8ItKdenQAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 12:23:56 (4 months ago)	(mod_security) mod_security (id:221260) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:221260) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 07:23:47.105187 2026] [security2:error] [pid 15188:tid 15188] [client 86.38.236.69:52693] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcalendars.nbcnewsradio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/cgi-bin/test"] [unique_id "aWt_U_fTqXJhiGbvYxtfBwAAAAE"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:11:19 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:10:22.237204 2025] [security2:error] [pid 22839:tid 22975] [client 86.38.236.69:48793] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.kettlehill.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/www.key"] [unique_id "aVLSHahQT-NrkrxX7z3KeQAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 08:58:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 03:57:36.096824 2025] [security2:error] [pid 28339:tid 28339] [client 86.38.236.69:41461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env.live"] [unique_id "aRWdgP4JoMgye13XusUWxAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-16 12:33:30 (7 months ago)	vBulletin Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
Anonymous	2025-07-27 02:07:53 (10 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-07-27 00:23:20 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:221260) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:22:52.267812 2025] [security2:error] [pid 172499:tid 172609] [client 86.38.236.69:34445] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|webdisk.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/cgi-bin/test"] [unique_id "aIVxXIEn7YGnahfIo_jLPQAAAUM"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 00:06:57 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 86.38.236.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 20:06:51.219078 2025] [security2:error] [pid 3814833:tid 3814833] [client 86.38.236.69:53645] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.farmers123.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.farmers123.com"] [uri "/XMII/Catalog"] [unique_id "aDj2m6EtLXvYwZwMyVildwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-25 01:10:05 (1 year ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack
🇫🇮 nyuuzyou	2024-10-07 17:45:09 (1 year ago)	Intensive scraping: /web?s=%22mod%3Dclansphere%22%20aacute&scraper=mojeek. User-Agent: Mozilla/5.0 ( ... show more Intensive scraping: /web?s=%22mod%3Dclansphere%22%20aacute&scraper=mojeek. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36. show less	Bad Web Bot
Anonymous	2024-10-07 17:17:39 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 nowyouknow	2024-10-01 09:15:33 (1 year ago)	(From [email protected]) Hi there, Is it difficult for you to find time for w ... show more (From [email protected]) Hi there, Is it difficult for you to find time for writing articles? Bring in an expert SEO writer today! All the research is done for you and deliver professionally written search engine optimized content to improve your search rankings and increase engagement with your visitors. If you need fresh articles for your blog or to enhance your content marketing, check out our current content specials here: https://bit.ly/writingbyben Ben Contact me directly at [email protected] or on Skype: behinger19 with any questions. If you don't want to get an email from me on this matter again, please reply back with the text: "No, thank you" show less	Phishing Web Spam
Anonymous	2024-09-29 09:56:50 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 nowyouknow	2024-09-28 17:32:07 (1 year ago)	(From [email protected]) Hello there, My name is Shahar and I am the co-founder of Rotev Marke ... show more (From [email protected]) Hello there, My name is Shahar and I am the co-founder of Rotev Marketing. I'm reaching out because I think Webflow could help take your website to the next level. Webflow allows you to create professional, high-converting websites without any coding knowledge. Many leading brands such as Dropbox, Jasper AI, and Michael Kors have upgraded to Webflow. I’d like to show you examples of websites we’ve built and give you a 15 minute consultation for free on how you can improve your site. Reply "Yes" if you’re interested in learning more. Regards, Shahar Zohar [email protected] Whatsapp: https://wa.me/17722103292 show less	Phishing Web Spam
🇺🇸 oncord	2024-09-26 23:27:39 (1 year ago)	Form spam	Web Spam

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.86.114.38

🇺🇸 156.232.13.218

🇳🇱 195.178.110.30

🇪🇸 188.84.180.195

🇩🇪 151.243.11.37

🇨🇳 111.41.198.169

🇷🇺 95.165.68.145

🇧🇬 79.124.49.226

🇺🇸 54.167.58.202

🇺🇸 24.45.233.231

🇺🇸 3.91.52.248

🇧🇷 205.210.31.245

🇰🇷 203.228.30.198

🇺🇸 162.216.149.59

🇩🇪 130.12.180.51

🇹🇼 111.70.22.152

🇺🇸 46.16.34.179

🇳🇱 45.148.10.183

🇳🇱 45.148.10.141

🇮🇳 4.240.107.214