JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.172.162.55

38.172.162.55 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 67%: ?

67%

ISP	RED SERVITEL, CA
Usage Type	Fixed Line ISP
ASN	AS270026
Domain Name	servitel.app
Country	🇻🇪 Venezuela (Bolivarian Republic of)
City	Barquisimeto, Lara

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.172.162.55

Whois 38.172.162.55

IP Abuse Reports for 38.172.162.55:

This IP address has been reported a total of 31 times from 16 distinct sources. 38.172.162.55 was first reported on February 8th 2024, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-14 22:30:50 (4 hours ago)		Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-14 20:27:09 (6 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-14 19:59:31 (7 hours ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:59:26.876051 2026] [security2:error] [pid 18369:tid 18369] [client 38.172.162.55:57938] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.55 (+1 hits since last alert)\|ismaelcavazos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ismaelcavazos.com"] [uri "/xmlrpc.php"] [unique_id "ai8IHqhGe2cKFyIYYSc42AAAADM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-14 18:07:27 (9 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
🇫🇷 dynamix	2026-06-14 18:07:08 (9 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 17:34:42 (9 hours ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 13:34:36.478265 2026] [security2:error] [pid 30784:tid 30784] [client 38.172.162.55:58033] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.55 (+1 hits since last alert)\|bigheartskitchen.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigheartskitchen.net"] [uri "/xmlrpc.php"] [unique_id "ai7mLH9CwUiPdRLi2alC_gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-14 17:02:20 (10 hours ago)	(wordpress) Failed wordpress login from 38.172.162.55 (VE/Venezuela/-)	Brute-Force
Anonymous	2026-06-14 16:07:03 (11 hours ago)	[ssd5.kdns.gr] httpd-xmlrpc-post: sites=sigasigacollective.com; logs=/var/log/httpd/domains/sigasiga ... show more [ssd5.kdns.gr] httpd-xmlrpc-post: sites=sigasigacollective.com; logs=/var/log/httpd/domains/sigasigacollective.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 01:00:44 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 21:00:39.255250 2026] [security2:error] [pid 8260:tid 8260] [client 38.172.162.55:57709] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.55 (+1 hits since last alert)\|frogdesignmexico.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frogdesignmexico.com"] [uri "/xmlrpc.php"] [unique_id "ai39N-fhwRhw0Is9E0-8hwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-13 22:29:26 (1 day ago)		Brute-Force Web App Attack
🇨🇦 Dunham Support	2026-06-13 21:52:20 (1 day ago)	(wordpress) Failed wordpress login from 38.172.162.55 (VE/Venezuela/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 20:23:05 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 16:23:01.558016 2026] [security2:error] [pid 26639:tid 26639] [client 38.172.162.55:58094] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.55 (+1 hits since last alert)\|hendersonhomes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hendersonhomes.com"] [uri "/xmlrpc.php"] [unique_id "ai28JTm7FPecjfgszdYGoAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 19:51:03 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 15:50:56.240551 2026] [security2:error] [pid 28599:tid 28599] [client 38.172.162.55:57931] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.55 (+1 hits since last alert)\|genevaatlantic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "genevaatlantic.com"] [uri "/xmlrpc.php"] [unique_id "ai20oDvzflyp3mPHzMneKgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-13 15:11:48 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 11:19:29 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 38.172.162.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 07:19:23.771359 2026] [security2:error] [pid 2413:tid 2413] [client 38.172.162.55:57388] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 38.172.162.55 (+1 hits since last alert)\|lspfest.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lspfest.com"] [uri "/xmlrpc.php"] [unique_id "ai08u_FrdLyXXPue94LwEwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:16ff:5d::

🇳🇱 213.177.179.62

🇻🇪 190.153.21.124

🇺🇸 167.99.54.222

🇮🇳 61.95.199.54

🇧🇷 45.170.58.123

🇺🇸 20.42.108.100

🇺🇸 2a03:2880:16ff:5c::

🇧🇷 200.155.66.2

🇧🇪 198.235.24.203

🇧🇷 189.91.128.26

🇧🇷 186.238.247.238

🇮🇩 180.252.162.21

🇵🇰 111.92.142.155

🇳🇱 93.123.72.183

🇷🇴 80.94.92.177

🇩🇪 79.215.2.72

🇺🇸 47.251.105.28

🇳🇱 34.91.212.219

🇺🇸 34.59.157.230