JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.129.122.250

38.129.122.250 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 55%: ?

55%

ISP	Hopkinsville Electric System
Usage Type	Fixed Line ISP
ASN	AS13781
Hostname(s)	250-122-129-38.hesenergy.net
Domain Name	hop-electric.com
Country	🇺🇸 United States of America
City	Hopkinsville, Kentucky

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.129.122.250

Whois 38.129.122.250

IP Abuse Reports for 38.129.122.250:

This IP address has been reported a total of 25 times from 19 distinct sources. 38.129.122.250 was first reported on April 19th 2026, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-25 01:14:33 (19 hours ago)	(mod_security) mod_security (id:225170) triggered by 38.129.122.250 (250-122-129-38.hesenergy.net): ... show more (mod_security) mod_security (id:225170) triggered by 38.129.122.250 (250-122-129-38.hesenergy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 21:14:29.804143 2026] [security2:error] [pid 6478:tid 6478] [client 38.129.122.250:56428] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mkdesignndetailing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mkdesignndetailing.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajyA9egW6zYbPBRr94ShRgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 02:50:34 (1 day ago)	[redacted] 38.129.122.250 - - [24/Jun/2026:04:49:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" " ... show more [redacted] 38.129.122.250 - - [24/Jun/2026:04:49:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/82.0.0.0 Safari/537.36" [redacted] 38.129.122.250 - - [24/Jun/2026:04:49:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36" [redacted] 38.129.122.250 - - [24/Jun/2026:04:49:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/74.0.0.0 Safari/537.36" [redacted] 38.129.122.250 - - [24/Jun/2026:04:49:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" [redacted] 38.129.122.250 - - [24/Jun/2026:04:49:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mo ... show less	Hacking Web App Attack
Anonymous	2026-06-22 08:51:51 (3 days ago)	"POST /xmlrpc.php HTTP/1.1"	Hacking Web App Attack
🇳🇱 wlt-blocker	2026-06-14 23:01:47 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇫🇮 inlink.ltd	2026-06-07 23:44:55 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇨🇭 4server	2026-06-03 00:08:08 (3 weeks ago)	[WedJun0302:07:54.8982062026][security2:error][pid178559:tid179179][client38.129.122.250:0]ModSecuri ... show more [WedJun0302:07:54.8982062026][security2:error][pid178559:tid179179][client38.129.122.250:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"aid-web.ch\"][uri\"/xmlrpc.php\"][unique_id\"ah9wWgSr3w_tEH-zSnbmogAAAIQ\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 03:17:25 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 38.129.122.250 (250-122-129-38.hesenergy.net): ... show more (mod_security) mod_security (id:225170) triggered by 38.129.122.250 (250-122-129-38.hesenergy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 23:17:21.526416 2026] [security2:error] [pid 32308:tid 32308] [client 38.129.122.250:64033] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|churchbehindthewalls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "churchbehindthewalls.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahkFQfB-XApNP9sMIzWqHAAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 02:47:14 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 38.129.122.250 (250-122-129-38.hesenergy.net): ... show more (mod_security) mod_security (id:225170) triggered by 38.129.122.250 (250-122-129-38.hesenergy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 22:47:09.117095 2026] [security2:error] [pid 11934:tid 11965] [client 38.129.122.250:51504] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ccgparquitectos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ccgparquitectos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahj-LekIbGkgrBztu0uI7wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-28 10:48:55 (4 weeks ago)	(xmlrpc) Apache: Failed xmlrpc access from 38.129.122.250 (US/United States/250-122-129-38.hesenergy ... show more (xmlrpc) Apache: Failed xmlrpc access from 38.129.122.250 (US/United States/250-122-129-38.hesenergy.net): 10 in the last 3600 secs (0-201) show less	Hacking
🇺🇸 TPI-Abuse	2026-05-28 10:45:27 (4 weeks ago)	(mod_security) mod_security (id:225170) triggered by 38.129.122.250 (250-122-129-38.hesenergy.net): ... show more (mod_security) mod_security (id:225170) triggered by 38.129.122.250 (250-122-129-38.hesenergy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 06:45:19.641372 2026] [security2:error] [pid 3065:tid 3065] [client 38.129.122.250:64169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nidusmbt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nidusmbt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahgcv0W6dhQ-gaRLnueelwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-05-26 18:45:12 (4 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-05-26 18:42:27 (4 weeks ago)	Try to access /xmlrpc.php	Web App Attack
Anonymous	2026-05-25 23:30:06 (4 weeks ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇫🇮 as211431.net	2026-05-25 01:58:10 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (POST method) Endpoint: /xmlrpc.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/62.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 4server	2026-05-25 00:21:26 (1 month ago)	[MonMay2502:21:23.7213702026][security2:error][pid3293090:tid3293108][client38.129.122.250:0]ModSecu ... show more [MonMay2502:21:23.7213702026][security2:error][pid3293090:tid3293108][client38.129.122.250:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"chryptofarm.ch\"][uri\"/xmlrpc.php\"][unique_id\"ahOWA8j98zqO6swaZhmDugAAAAc\"] show less	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.207

🇲🇽 189.147.19.238

🇮🇳 154.29.237.198

🇫🇷 91.196.152.187

🇸🇪 81.226.88.121

🇻🇪 45.168.175.110

🇳🇱 45.148.10.157

🇬🇧 35.203.211.37

🇺🇸 34.26.190.237

🇭🇰 23.91.97.170

🇨🇳 223.90.138.209

🇨🇳 220.161.52.149

🇺🇸 146.75.253.251

🇧🇩 114.130.85.36

🇿🇦 102.64.42.23

🇺🇦 77.87.40.114

🇨🇳 1.83.125.42

🇧🇷 205.210.31.178

🇵🇰 202.47.37.88

🇭🇰 199.45.154.182