AbuseIPDB » 38.134.138.127
38.134.138.127 was found in our database!
This IP was reported 9 times. Confidence of
Abuse
is 22%: ?
| ISP |
Cogent Communications, LLC
|
| Usage Type |
Fixed Line ISP
|
| ASN |
AS136336
|
| Domain Name |
cogentco.com
|
| Country |
๐ฎ๐ณ
India
|
| City |
Chennai, Tamil Nadu
|
IP info including ISP, Usage Type, and Location provided
by IPInfo. Updated weekly.
IP Abuse Reports for 38.134.138.127:
This IP address has been reported a total of
9
times from
6 distinct
sources.
38.134.138.127 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
| Reporter |
IoA Timestamp (UTC)
|
Comment |
Categories |
|
|
๐บ๐ธ
integrantservices.com
|
|
(wordpress) Failed wordpress login from 38.134.138.127 (IN/India/-)
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 38.134.138.127 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.134.138.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 06:09:38.964804 2026] [security2:error] [pid 11276:tid 11276] [client 38.134.138.127:10477] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.134.138.127 (+1 hits since last alert)|modmove.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modmove.com"] [uri "/xmlrpc.php"] [unique_id "ah_9YovW-PdmvB7Oko-VRgAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
Jason Howell
|
|
38.134.138.127 - - [02/Jun/2026:06:35:53 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3402 "-" "Jetpack by ...
show more
38.134.138.127 - - [02/Jun/2026:06:35:53 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3402 "-" "Jetpack by WordPress.com"
38.134.138.127 - - [02/Jun/2026:06:38:01 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3402 "-" "WordPress.com; https://wordpress.com"
38.134.138.127 - - [02/Jun/2026:06:40:09 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3400 "-" "WordPress.com; https://wordpress.com"
38.134.138.127 - - [02/Jun/2026:06:42:16 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3400 "-" "Jetpack by WordPress.com"
38.134.138.127 - - [02/Jun/2026:06:44:23 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3401 "-" "Jetpack by WordPress.com"
...
show less
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 38.134.138.127 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.134.138.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:36:35.566888 2026] [security2:error] [pid 23492:tid 23714] [client 38.134.138.127:30829] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.134.138.127 (+1 hits since last alert)|whatismetamodern.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/xmlrpc.php"] [unique_id "ah6yMwjYge4aRdKFXtYAnQAAANY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Attac
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 38.134.138.127 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.134.138.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 01:39:47.582273 2026] [security2:error] [pid 2000:tid 2000] [client 38.134.138.127:8350] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.134.138.127 (+1 hits since last alert)|gellertdealers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gellertdealers.com"] [uri "/xmlrpc.php"] [unique_id "ah5sozQqyd5oKB4xhi2yuAAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 38.134.138.127 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.134.138.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 01:09:07.563814 2026] [security2:error] [pid 4451:tid 4451] [client 38.134.138.127:30849] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.134.138.127 (+1 hits since last alert)|assheton.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "assheton.com"] [uri "/xmlrpc.php"] [unique_id "ah5lcw2BKgZcHHuYQoBWiwAAAAs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
sthoyer.de
|
|
May 5 10:23:20 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ...
show more
May 5 10:23:20 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=38.134.138.127 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=43045 DF PROTO=TCP SPT=28348 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0
...
show less
|
Port Scan
|
|
|
๐ณ๐ฑ
exxos
|
|
HTTP1.x attacks
|
DDoS Attack
|
|
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: