JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.100.222.121

38.100.222.121 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 33%: ?

33%

ISP	Z COM NETWORKS
Usage Type	Fixed Line ISP
ASN	AS152605
Domain Name	zcomnetworks.com.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.100.222.121

Whois 38.100.222.121

IP Abuse Reports for 38.100.222.121:

This IP address has been reported a total of 8 times from 6 distinct sources. 38.100.222.121 was first reported on May 21st 2026, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 14:21:03 (15 hours ago)	(mod_security) mod_security (id:240335) triggered by 38.100.222.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 38.100.222.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 10:20:55.569910 2026] [security2:error] [pid 27586:tid 27586] [client 38.100.222.121:47508] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.100.222.121 (+1 hits since last alert)\|vintageamptubes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vintageamptubes.com"] [uri "/xmlrpc.php"] [unique_id "aj_cRz14OjE2dAv-M49QcAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-27 11:50:00 (17 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-27 10:31:26 (19 hours ago)	38.100.222.121 - - [27/Jun/2026:12:31:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by ... show more 38.100.222.121 - - [27/Jun/2026:12:31:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 38.100.222.121 - - [27/Jun/2026:12:31:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" 38.100.222.121 - - [27/Jun/2026:12:31:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)" 38.100.222.121 - - [27/Jun/2026:12:31:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)" 38.100.222.121 - - [27/Jun/2026:12:31:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 09:51:54 (19 hours ago)	(mod_security) mod_security (id:240335) triggered by 38.100.222.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 38.100.222.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 05:51:48.233187 2026] [security2:error] [pid 17243:tid 17243] [client 38.100.222.121:13895] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.100.222.121 (+1 hits since last alert)\|tedharris.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tedharris.com"] [uri "/xmlrpc.php"] [unique_id "aj-dNCmKSnEv2wje7m084wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 09:20:36 (20 hours ago)	(mod_security) mod_security (id:240335) triggered by 38.100.222.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 38.100.222.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 05:20:31.333945 2026] [security2:error] [pid 18812:tid 18812] [client 38.100.222.121:9055] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.100.222.121 (+1 hits since last alert)\|d365geek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d365geek.com"] [uri "/xmlrpc.php"] [unique_id "aj-V368w5GHPEWblb_l9JgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-12 10:12:27 (2 weeks ago)	tcp/81 (6 or more attempts)	Port Scan
🇧🇷 SOC Blue Team	2026-05-21 07:25:51 (1 month ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
Anonymous	2026-05-21 02:58:22 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a02:4780:75:4739::1

🇺🇸 172.202.122.207

🇺🇸 172.174.234.168

🇭🇰 152.32.133.103

🇨🇳 116.179.32.213

🇳🇱 195.178.110.30

🇨🇼 190.4.154.113

🇺🇸 172.253.251.61

🇺🇦 46.35.252.77

🇧🇷 200.196.50.91

🇩🇪 194.88.98.119

🇨🇦 172.105.105.38

🇺🇸 162.216.149.172

🇺🇸 107.174.161.2

🇺🇸 66.132.195.126

🇺🇸 65.181.120.52

🇮🇳 2409:40e4:105d:f057:ce5:1acd:3041:305a

🇳🇱 193.176.31.234

🇺🇸 192.159.99.144

🇳🇱 185.223.235.42