JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.38.195.234

185.38.195.234 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 100%: ?

100%

ISP	APT_Cable_Memaliaj
Usage Type	Fixed Line ISP
ASN	AS209277
Domain Name	apt.al
Country	🇦🇱 Albania
City	Tepelene, Gjirokaster County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.38.195.234

Whois 185.38.195.234

IP Abuse Reports for 185.38.195.234:

This IP address has been reported a total of 86 times from 37 distinct sources. 185.38.195.234 was first reported on October 19th 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-29 13:15:04 (12 hours ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇩🇪 Vegascosmetics	2026-06-26 23:34:35 (3 days ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇫🇷 SpaceHost-Server	2026-06-26 22:28:53 (3 days ago)		Brute-Force Web App Attack
Anonymous	2026-06-26 21:47:28 (3 days ago)	185.38.195.234 - - [26/Jun/2026:23:47:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by ... show more 185.38.195.234 - - [26/Jun/2026:23:47:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" 185.38.195.234 - - [26/Jun/2026:23:47:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" 185.38.195.234 - - [26/Jun/2026:23:47:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.5; WordPress/6.1; http://site43810755.com" 185.38.195.234 - - [26/Jun/2026:23:47:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.5; WordPress/6.1; http://site43810755.com" 185.38.195.234 - - [26/Jun/2026:23:47:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" ... show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-26 18:30:09 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇬🇧 noise.agency	2026-06-26 10:27:20 (3 days ago)	(wordpress) Failed wordpress login from 185.38.195.234 (AL/Albania/-)	Brute-Force
Anonymous	2026-06-26 08:55:04 (3 days ago)	(wordpress) Failed wordpress login from 185.38.195.234 (AL/Albania/Tirana/Tirana/-/[redacted])	Brute-Force
🇪🇸 alferez	2026-06-25 13:42:02 (4 days ago)	Multiple WP Login Attack	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 09:40:34 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 185.38.195.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 185.38.195.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 05:40:27.371875 2026] [security2:error] [pid 31046:tid 31046] [client 185.38.195.234:4517] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.38.195.234 (+1 hits since last alert)\|doctoredwinalvarez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doctoredwinalvarez.com"] [uri "/xmlrpc.php"] [unique_id "ajz3i_ae2E0ubH2AOCivzwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-25 09:12:45 (4 days ago)	2.432 requests from abuseipdb.com blacklisted IP (1yr7mos5d)	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-25 06:12:52 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 185.38.195.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 185.38.195.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 02:12:45.312217 2026] [security2:error] [pid 6248:tid 6248] [client 185.38.195.234:47575] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.38.195.234 (+1 hits since last alert)\|prostar.industries\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prostar.industries"] [uri "/xmlrpc.php"] [unique_id "ajzG3dsFDYWIa23sI7brvwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-24 20:31:02 (5 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-24 17:57:19 (5 days ago)	(wordpress) Failed wordpress login from 185.38.195.234 (AL/Albania/-)	Brute-Force
🇳🇱 debestelapp	2026-06-24 13:35:05 (5 days ago)		Web App Attack
🇪🇸 alferez	2026-06-24 04:26:18 (5 days ago)	xmlrpc.php attack DOS	Hacking Exploited Host Web App Attack

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 194.85.69.22

🇬🇧 188.240.59.56

🇺🇸 152.32.205.153

🇺🇸 147.185.132.156

🇸🇦 143.92.145.18

🇻🇳 116.99.168.224

🇮🇩 103.97.101.25

🇺🇸 45.194.67.28

🇨🇭 2.59.219.107

🇰🇷 211.228.142.190

🇭🇰 199.45.154.187

🇧🇧 196.3.215.184

🇨🇳 180.95.231.68

🇧🇷 177.136.14.5

🇺🇸 158.94.187.119

🇯🇵 152.32.203.205

🇻🇳 116.99.168.14

🇭🇰 113.254.193.180

🇮🇳 103.207.4.214

🇧🇩 103.163.117.83