JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.138.38.14

197.138.38.14 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 45%: ?

45%

ISP	P.C. Kinyanjui Technical Training Institute
Usage Type	University/College/School
ASN	AS36914
Domain Name	kinyanjuitechnical.ac.ke
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.138.38.14

Whois 197.138.38.14

IP Abuse Reports for 197.138.38.14:

This IP address has been reported a total of 49 times from 30 distinct sources. 197.138.38.14 was first reported on June 4th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-20 10:46:24 (2 days ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-15 01:46:21 (1 week ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-12 08:46:18 (1 week ago)	Failed Wordpress Logins	Web App Attack
🇧🇪 voormedia	2026-06-11 13:58:14 (1 week ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:51:55 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 197.138.38.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 197.138.38.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:51:48.784404 2026] [security2:error] [pid 29974:tid 29974] [client 197.138.38.14:31664] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|insidemilb.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "insidemilb.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiqTRP0EuKEDX65F8kc5cAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-11 09:29:42 (1 week ago)	Attempted access to sensitive endpoint (/xmlrpc.php) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/xmlrpc.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
Anonymous	2026-06-10 23:46:16 (1 week ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-09 14:16:53 (1 week ago)	Failed Wordpress Logins	Web App Attack
🇦🇺 screwlooseit.com.au	2026-05-29 14:50:47 (3 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC KE/Kenya/-	Web App Attack
🇮🇩 Burayot	2026-05-29 14:39:22 (3 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 197.138.38.14 (KE/Kenya/-): 1 in th ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 197.138.38.14 (KE/Kenya/-): 1 in the last 3600 secs show less	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-05-28 19:08:02 (3 weeks ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice02,wa01,wa02]	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 10:11:43 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 197.138.38.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 197.138.38.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 06:11:34.989422 2026] [security2:error] [pid 20055:tid 20055] [client 197.138.38.14:59300] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mosheimlib.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mosheimlib.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ahgU1rR216C8abVDHvFnCgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-05-28 09:40:31 (3 weeks ago)	Unauthorized access to webpage admin	Web App Attack
🇫🇷 ELYAZ	2026-05-26 18:34:37 (3 weeks ago)	(wordpress) Failed wordpress login from 197.138.38.14 (KE/Kenya/-): (CF_ENABLE)	Brute-Force
🇺🇸 TPI-Abuse	2026-05-26 15:04:53 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 197.138.38.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 197.138.38.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 11:04:48.174817 2026] [security2:error] [pid 1577:tid 1577] [client 197.138.38.14:31370] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|stukabird.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stukabird.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahW2kOoKVUvQRUjnYWNTAAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.251.132.2

🇵🇪 179.6.3.66

🇺🇸 104.238.81.133

🇩🇪 104.207.55.186

🇰🇷 59.21.215.173

🇧🇷 43.164.195.160

🇺🇸 208.84.102.178

🇪🇨 186.69.70.241

🇮🇳 168.144.92.125

🇺🇸 74.125.80.84

🇹🇼 61.230.183.215

🇺🇸 34.148.107.11

🇧🇷 201.89.12.199

🇧🇷 177.152.154.27

🇹🇼 114.34.106.146

🇻🇳 103.237.144.204

🇰🇿 92.47.109.189

🇺🇸 66.132.172.197

🇳🇱 45.148.10.147

🇨🇳 218.62.15.102