JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.172.162.41

38.172.162.41 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 63%: ?

63%

ISP	RED SERVITEL, CA
Usage Type	Fixed Line ISP
ASN	AS270026
Domain Name	servitel.app
Country	🇻🇪 Venezuela (Bolivarian Republic of)
City	Barquisimeto, Lara

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.172.162.41

Whois 38.172.162.41

IP Abuse Reports for 38.172.162.41:

This IP address has been reported a total of 26 times from 18 distinct sources. 38.172.162.41 was first reported on May 10th 2024, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-29 08:10:40 (11 hours ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2026-06-27 04:57:37 (2 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 Vegascosmetics	2026-06-26 14:59:44 (3 days ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇳🇱 ipoac.nl	2026-06-25 23:30:50 (3 days ago)	2026-06-26T01:30:49.762892+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication attempt for unknown ... show more 2026-06-26T01:30:49.762892+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication attempt for unknown user 5fm from 38.172.162.41 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 22:01:53 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 18:01:47.098569 2026] [security2:error] [pid 3086:tid 3086] [client 38.172.162.41:56944] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.41 (+1 hits since last alert)\|fundingangelinvestors.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundingangelinvestors.com"] [uri "/xmlrpc.php"] [unique_id "aj2lS9g0Gz5DAC5CdMYu1AAAADE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-25 22:00:05 (3 days ago)	(wordpress) Failed wordpress login from 38.172.162.41 (VE/Venezuela/-)	Brute-Force
Anonymous	2026-06-25 21:58:40 (3 days ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 21:00:45 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 17:00:39.880942 2026] [security2:error] [pid 24124:tid 24124] [client 38.172.162.41:57199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.41 (+1 hits since last alert)\|firstunitedreserve.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "firstunitedreserve.com"] [uri "/xmlrpc.php"] [unique_id "aj2W9504bsWTkIGv3LjgiwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-25 19:55:49 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 15:31:38 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:31:30.922680 2026] [security2:error] [pid 26515:tid 26515] [client 38.172.162.41:56594] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.41 (+1 hits since last alert)\|starcrestsales.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "starcrestsales.com"] [uri "/xmlrpc.php"] [unique_id "aj1J0kr04hV384wm3uVkTQAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 22:37:03 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:36:55.975781 2026] [security2:error] [pid 18961:tid 18961] [client 38.172.162.41:57166] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.41 (+1 hits since last alert)\|artbytracyjane.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artbytracyjane.com"] [uri "/xmlrpc.php"] [unique_id "ajxcB4nN_P4RTbvScDFFMgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-06-24 21:55:05 (4 days ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 19:01:45 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 15:01:42.081999 2026] [security2:error] [pid 31291:tid 31291] [client 38.172.162.41:56882] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.41 (+1 hits since last alert)\|ardath.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ardath.net"] [uri "/xmlrpc.php"] [unique_id "ajwplpqSTD9CqJKjfm3VMQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-24 15:47:13 (5 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-05-31 21:41:10 (4 weeks ago)	Attac	Brute-Force

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 171.243.150.146

🇿🇦 102.64.37.129

🇯🇵 101.33.55.204

🇭🇰 46.247.61.105

🇵🇰 39.35.224.78

🇮🇳 13.207.204.96

🇮🇳 13.207.194.18

🇨🇳 221.224.159.218

🇹🇼 212.115.54.84

🇱🇹 212.24.99.28

🇧🇷 205.210.31.209

🇧🇷 152.67.48.120

🇹🇷 91.151.95.146

🇳🇱 91.92.40.204

🇳🇱 89.21.67.136

🇸🇬 68.183.236.1

🇨🇳 183.233.187.138

🇺🇸 162.216.149.109

🇺🇸 147.185.132.195

🇬🇧 87.236.176.159